Here's an idea: why don't we save some money by having the chips that go into our defense systems and other infrastructure components made in China? What could possibly go wrong? Well, now that you mention it....
Specifically, the American-designed, Chinese-made Actel/Microsemi ProASIC3 A3P250 — commonly known as the PA3 — chip was found by Cambridge researcher, Sergei Skorobogatov, to have a backdoor, or trojan, deliberately built into it. The PA3 is what’s called a Field Reprogrammable Gate Array (FRGA); an almost blank slate of a microchip that can be programmed by its owner to perform a variety of tasks. Most alarming is that the PA3 is considered to be one of the “most impenetrable” designs on the market. The chip is used in military “weapons, guidance, flight control,networking and communications” hardware while “in industry it is used in nuclear power plants, power distribution, aerospace, aviation, public transport and automotive products,” according to Skorobogatov’s report on his findings that was published last weekend.
Basically, Chinese cyber spies can gain use the chip’s built-in malware to decipher military passcodes and gain remote access to the chip and reprogram it to do their bidding; “permitting a new and disturbing possibility of a large-scale Stuxnet-type attack via a network or the Internet on the silicon itself,” reads his report.
As Astro might say, "Rutt-Roh!" The chips may have been designed in the USA, but they were re-designed in China prior to fabrication and shipping. And you can't download a security update, or a patch, because it's built into the microcircuits themselves. Hope they got a good deal.
