Best practices for COTS supplier counterfeit mitigation

Leading commercial off-the-shelf () vendors and military/aerospace electronics suppliers routinely engage with customers and suppliers in the development and maintenance of internal processes for the mitigation and prevention of components.

Many of the best practices for – including methods, systems, and trend monitoring – result from participation in industry committees. Leading the way in efforts to circumvent counterfeiting are the Society of Automotive Engineers’ (SAE’s) [] G19 committee and various other industry consortia, such as the Electronic Resellers Association International (ERAI) and the Independent Distributors of Electronics Association (IDEA).

The continued development and evolution of important standards and methods of practice results from ongoing, in-depth partnerships with suppliers and customers and through development of multidisciplined counterfeit-mitigation systems. New relevant regulatory standards are continually released: For example, the SAE’s AS6174 (“Counterfeit Materiel; Assuring Acquisition of Authentic and Conforming Materiel”) standard now includes nonelectrical component counterfeit mitigation. Defense and aerospace suppliers – all of whom are routinely audited by customers to illustrate their compliance for electrical, electronic, and electromechanical (EEE) parts – must now evolve their methods in recognition of the non-EEE component counterfeit threat.

In addition, suppliers must also be prepared to address customer-specific counterfeit-mitigation standards. Globally, supply-chain and quality professionals focus their efforts on acquisition of parts from trusted sources including franchised distribution and/or direct from original component manufacturers/original equipment manufacturers (OCMs/OEMs). Most have processes in place to engage suppliers to test, source, certify, and track alternate sources of components where required.

The ability to audit compliance with today’s existing standards and with emerging new standards requires a deep knowledge of the industry and of trusted franchised distributors to ensure that the OCM/OEM chain of custody is in place all the way from the OEM through to the component’s sale. An interdisciplinary approach in organizations is not restricted to supply-chain management, but must also include a partnership with the COTS supplier’s engineering, quality engineering, regulatory and procurement, and life-cycle services teams.

Supply-chain organizations should minimize the risk of by executing “last-time buys” (LTB) to extend product life and avoid the need to procure obsolete parts from brokers post-LTB.

In the situation where a component does become obsolete, the supply chain should consider nonfranchised sources only where there is no drop-in alternative. In such a case, applicable internal or external approvals are pursued if a broker-sourced part is to be used, and then only from a limited and approved source base. These sources must be subject to intense audits, and any device provided by a broker must be tested by the source’s internal or accredited labs in compliance with customer (if required), supplier, and industry-mandated validation methods. When an authenticated broker part is used, the COTS supplier must perform disciplined configuration-control practices to ensure that the brokered part receives a unique part number.

To ensure that their supplier is staying up to date with the latest trends in underworld counterfeiting and the most up-to-date techniques for mitigating them, systems integrators should query their supplier about what industry organizations they are members of and/or which they actively monitor. Maintaining membership in and monitoring the latest proposals from committees such as SAE G19 AS5553 is critical for staying ahead of the counterfeit game.

Leading COTS suppliers should monitor vocal industry and nongovernmental agencies that report on and track sources of and trends in detected counterfeit materials. It’s also important for COTS suppliers to monitor counterfeit occurrences and share these experiences via reporting bodies such as the Government Industry Data Exchange Program (GIDEP), the U.K.’s ESCO Council, and counterfeit-mitigation suppliers such as ERAI. Active involvement and communication with these bodies is critical for reducing the risk posed by counterfeits; it is the COTS industry’s duty to report violators in order to prevent any further violations.

One proven way of verifying a COTS supplier’s ability to mitigate counterfeits is to ask what formal certifications they have earned, such as AS5553, AS6081, or ISO/IEC 17025. Recently, SAE released a technical certification in their NADCAP [National Aerospace and Defense Contractors Accreditation Program] suite that will provide technical acknowledgement, via auditing, that a supplier adheres to AS5553 requirements.

In addition, that old adage made popular by President Ronald Reagan, “Trust, but verify,” comes into play: Trust in your supplier’s certification but verify by their performance to ensure that they, and any brokers and distributors they use, have demonstrated their commitment and adherence to the world of counterfeit mitigation and prevention.

Larry McHenry, CET/CQE, is senior manager for Quality Assurance, C4S-ISR, for .