Page 56 - IACC Newsletter March-April 2014 Issue 03

Basic HTML Version

Hello. Good afternoon. I’m here with Ambassador Kathy Stephens who is here as our Charge, as our Ambassador in
New Delhi. She arrived just a couple days ago. We’re here having some wonderful meetings and consultations with the
Government of India. The United States is very committed to the U.S.-India relationship. And this is an opportunity for
us to hear the priorities and the opportunities that the new government is seeking in terms of their desire for this
relationship. United States is very excited about the opportunity ahead and the road ahead because we see the
resounding mandate with which this government has come in, with which Prime Minister Modi has come in, and the
hopes and the aspirations of the Indian people. The United States wants to partner with India in meeting those hopes
and aspirations and we look forward to working together in the months and the years ahead. So, this is an opportunity
for us to hear from the government on their agenda and their priorities.
Question: What are the dates for the Modi visit?
I think these are conversations that are being worked out between our two governments. The president in his first
conversation with the Prime Minister invited him and welcomed him to Washington. And we look forward to that at a
mutually convenient date, and we’re working to see what that would be. Thank you very much.
Hardware Security in the U.S.-Indian Cyber Dialogue
Now is the time for India and the United States to expand the Indo-U.S. cyber dialogue to include hardware security.
Much like the Indo-U.S. strategic partnership, Indo-U.S. cyber engagement appears to have plateaued and could benefit
from a tailored reset. Since the 2001 establishment of the Indo-U.S. Cyber Security Forum, India and the United States
have sought to partner on various cyber issues of collective importance: cyber security, cybercrime, cyber forensics and
cyber security norms, among others. Apart from a 2013 goal of supply-chain security, Indo-U.S. cyber cooperation is
largely software-based. This ignores a mutual, more incipient cyber hardware threat, which permeates broader defense
issues. A failure to address the issue of hardware security could have a highly deleterious impact on India’s defense
apparatus. The time is ripe for India and the United States to expand the Indo-U.S. cyber dialogue to include hardware
The weapon platforms that are critical to state security and deterrence—nuclear weapons, cruise and ballistic missiles,
fighter jets and any number of other systems—are dependent on semiconductor integrated circuits, or chips, which
make up the hardware of the system. The semiconductor supply chain has become increasingly globalized, and as John
Villasenor at the Brookings Institution has noted, tampered or malicious chips, which operate as hidden ‘back doors’ for
espionage or sabotage, have likely heavily contaminated the global supply chain. Malicious hardware can be inserted
into a chip after the design phase but before it is manufactured and placed in a product, thus making it challenging to
detect. Should a malicious chip be placed in a critical weapon system, that platform could cease to operate. At present,
while India does design its own semiconductor chips, it lacks the capacity to manufacture its semiconductors
domestically. As the East West Center notes, most of India’s integrated circuit design work is done for various
multinational corporations, who transfer the design for manufacturing elsewhere, often to locations such as Shenzhen,
China. So long as India’s chips are manufactured externally, India risks placing compromised circuits in their indigenous
weapons systems thus are exposing them to potential sabotage or espionage. India needs a secure supply of ‘trusted’
semiconductors for its domestically produced systems.
Last October, the former Union Minister for Communications and Information Technology, Kapil Sibal announced at the
Observer Research Foundation (ORF) and Federation of Indian Chambers of Commerce and Industry (FICCI), India
Conference on Cyber Security and Cyber Governance that imported computer hardware posed a serious security threat
to India. The Indian government had decided to invest in manufacturing semiconductor chips. Four months later, on
February 14, former Prime Minister Manmohan Singh, sanctioned the construction of two semiconductor wafer plants,
or ‘fabs’, in cooperation with two different business consortiums. Construction is expected to begin in September. While
India has announced the creation of two ‘fabs’, it is unclear what leverage the Indian Ministry of Defense (MoD) will