Anti-Tamper (AT) is are measures that are intended to prevent and/or delay the exploitation of critical technologies in systems, training devices, and maintenance support equipment. AT measures are developed and implemented to protect Critical Program Information (CPI) in U.S. defense systems developed using co-development agreements; sold to foreign governments; or no longer within U.S. control. [1, 2]
Software Anti-Tamper (AT) prevents the reverse engineering and exploitation of military critical software technologies in order to deter technology transfer, alteration of system capability, or the development of countermeasures to U.S. systems. AT is an emerging umbrella term that covers the process, activities, and materiel implementation(s) to protect U.S. military and business technology from compromise when that technology is associated with or made vulnerable to reverse engineering through Foreign Military Sales (FMS), Direct Commercial Sales (DCS), worldwide operations. [1]
Definition: Anti-Tamper is the systems engineering activities intended to deter and/or delay exploitation of critical technologies in a system in order to impede countermeasure development, unintended technology transfer, or alteration of a system.
Website: DoD Anti-Tamper
Software Anti-Tamper Steps
The following steps are required by DoD policy and Milestone B criteria to establish software AT protection: [1]
- Identify potential software-related critical technologies (CT) requiring
- Identify threats to the software.
- Identify vulnerabilities.
- Identify attack scenarios.
- Identify impacts if exploited.
- Identify exploitation timelines to minimize impacts.
- Perform risk analysis.
- Select from potential critical technologies those that must be protected.
- Identify the available potential AT techniques for each critical technology.
- Select potential implementations and perform a risk assessment with each technique.
- Down-select to recommended protection solution.
- Develop the final AT plan and obtain AT plan approval.
Testing for Anti-Tamper
Anti-Tamper (AT) is tested and verified during Developmental Test and Evaluation (DT&E) and Operational Test and Evaluation (OT&E). The Program Manager (PM) develops the validation plan and provides the necessary funding for the AT Verification and Validation (V&V) on actual or representative system components. See Testing for Anti-Tamper
AcqLinks and References:
- [1] USAF Weapon Systems Software Management Guidebook – Chapter 3
- DoD Instruction 5200.39 “CPI Identification and Protection Within RDT&E” – 17 Nov 2017
- Mil-STD-498 “Software Development and Documentation” – 5 Dec 1994
- MIL-STD-498 “Application and Reference Guidebook” – 3 Jan 1996
- Software Development Plan Information Outline
- Website: MIL-STD-498 Software Documentation
-
Website: DoD Anti-Tamper
Updated: 7/1/2021
Rank: G2