We’ve been reporting on a backroom Washington deal that pulled $3.5 billion out of the CHIPS and Science Act’s grant funding, and diverted it into an ultra-secret national-security project instead. The project, known as Secure Enclave, touched off a battle over which agency would pay for a single company to set up a specialized facility for making and finishing chips for the Pentagon. But that wasn’t the only area of disagreement. Another was more technical, and got to the heart of why the project even exists in the first place: the top-performing chip technology often comes from the global commercial marketplace, so how can the military and intelligence community trust what they’re getting? Though very little is known about the exact proposal, multiple interviews suggest Secure Enclave will portion off some commercial capability to produce chips requested for defense and intelligence projects, including classified ones. Additionally, it could involve a new facility dedicated to packaging advanced chips for the government. (The three agencies implementing the project — the Office of the Director of National Intelligence, Commerce and Defense Departments — declined to comment on the facility’s eventual design.) Intel CEO Pat Gelsinger, whose company pushed for the idea and is the most likely recipient of the $3.5 billion, has described the Secure Enclave as an extension to a commercial chip fabrication plant: “a little thing on top of a big commercial thing to meet the unique requirements of government.” That’s not the only way to handle those requirements for sensitive microelectronics, though. “It is debatable what the solution is,” a defense industry expert told DFD. “The problem is, I just need this source of high-end and secure microelectronics, and I need all five that I buy this year to be perfectly secure. What's the best way for me to achieve that?” DOD’s longtime answer has been a 2004 program known as Trusted Foundry, where inspectors certify certain commercial plants that provide the military hardware. Doug Kirkpatrick, formerly DARPA’s chief scientist, said this approach works well for processors in items like military radios, where flaws, kill switches, and backdoors can be caught through frequent use. But he and proponents of the Secure Enclave worry that is not enough for a rare event, like in the case of a Trident D5 missile test firing. A more locked-down manufacturing process would make sure “everything that gets included goes through a very, very significant vetting process” before being used for mission-critical applications where “you only get one chance and no mistakes are allowed,” Kirkpatrick said. “There's a real challenge when you're dealing with classified systems: Make sure that you don’t inadvertently incorporate something … that makes them Swiss cheese,” he added. “You sure as heck don’t want that processor to do something other than what you are expecting.” Christine Michienzi, a former senior executive in the Office of the Secretary of Defense, concurred, saying, “there are special types of chips that the Department of Defense and other agencies need that cannot be manufactured using the Trusted Foundry model,” including state-of-the-art semiconductors. Others argue that Secure Enclave is an unproven concept, and that there’s little evidence it would advance U.S. security more than alternatives DOD had also worked on. Some critics worry that the project gives adversaries a single bullseye target, as they’re unaware of any intention to open the money to competition. A independent panel of 27 experts who studied the U.S. microelectronics strategy for the Air Force last year came to the consensus that the Pentagon’s requirements could “be met by creating DOD specific overlays on commercial processes” with two complementary efforts: the Trusted Foundry program and an emerging data-based approach that officials had been developing with teams at Intel to avoid implementation of the enclave. Multiple defense officials as well as the Senate Armed Services and Commerce Committees recommended for DOD to spread the risk of a sole-sourced award by adapting those security overlays to be used by other companies making state-of-the-art chips. An Air Force spokesperson said Secure Enclave was “outside the scope” of the report. Former officials dispute that, saying the report’s findings questioned the need for the project at all. If so, they wouldn’t be the only ones. According to critics, U.S. intelligence agencies — who pushed for the Secure Enclave over years but were unwilling to pay for it— wouldn’t say what specific threats the project exists to address when asked by people with security clearances, in briefings with congressional committees, and during conversations with the defense officials. Another major concern is whether there will be enough demand for the facility to sustain itself over time. “The reason we were so dead set against the Secure Enclave is that as you start to peel off advanced technology and put it in a separate enclave and spend the amount of money that they're talking about, it becomes a one-off where we can afford to do this once and you get stuck at whatever technology node that is,” said a person familiar with government conversations around the project. In the 1980s, the National Security Agency contracted with a company to build a supersecret chip plant at its Fort Meade, Md. headquarters — with the idea of servicing its own intelligence needs as U.S. semiconductor manufacturing had increasingly shifted overseas. Sound familiar? The fab eventually shuttered after running into a key challenge: those needs were too narrow. The NSA tried opening production up to other government clients, but even so, it was too expensive to upgrade and became obsolete.
| 
