WHITE PAPER

主题:关于国防研究的拟议安全控制

Enclosures:

OVERVIEW

Enclosure (1) underscores the strong role that technology plays in the nation's defense and economic competitiveness. The memorandum's three signatories (Hon. E.C. Aldridge, Hon. J.P. Stenbit, and Hon. T.P. Christie) therefore resolve to protect U.S. research and technology from America's military adversaries and industrial rivals, and agree to work together to accomplish that goal.

简而言之,备忘录表示要保护对国家安全至关重要的承诺。因此,它加强了长期存在的国家政策,要求国防部(DOD)通过分类过程来保护研究(国防部),以保护研究,并通过多种手段来保护技术,其中之一就是分类。备忘录中的关键点是,在30天内,在30天内,在由反智能(CI)/安全社区赞助的两个指令中,要求国防部长办公室(OSD)和军事部门完成协调。与备忘录不同,这些文件主张与现有政策的急剧偏差。

As currently written the draft directives contradict national policy on scientific information stipulating the use of the classification process when national security requires it. They contradict existing DoD policy that specifically prohibits gathering counter-intelligence "lists" for Science and Technology (S&T) projects. They propose a CI/Security database that duplicates the functions of the Militarily Critical Technologies List, an existing database used extensively by the Defense Security Service's Counter-Intelligence Office to develop its annual threat assessments. And,they create the possibility for criminal sanctions to be brought against individuals publishing unclassified research

This paper is intended to: (1) help meet the commitment of OSD's tripartite memorandum, (2) assist the CI/Security community in its legitimate and important role to target, collect, and disseminate relevant threat data to appropriate RDT&E facility personnel, (3) correct two misleading inaccuracies that are being used to justify changes in national policy, and (4) ensure that defense S&T will not be harmed by the very measures designed to protect it.

背景

On 17 February 2000, the former Deputy Secretary of Defense (DEPSECDEF), Dr. John Hamre, issued a series of memoranda addressing security and counterintelligence (CI) in DoD's laboratories and Test & Evaluation centers. These memoranda conveyed a number of proposals for improving security procedures. An Overarching Integrated Process Team (OIPT), composed of executive-level officials1, developed the proposals. Dr. D. Etter, the former DUSD (S&T), chaired the group.

One of the actions directed by Dr. Hamre in enclosure (2) was for the Assistant Secretary of Defense for Command, Control, Communications and Intelligence (ASD C3I) and the Under Secretary of Defense for Acquisition, Technology & Logistics (USD AT&L) to create a directive requiring the services to develop "site-specific lists of critical program information for non-Science and Technology (S&T) programs." Critical program information (CPI) is a designator used to control information in some acquisition category (ACAT) programs, therefore the effect of Dr. Hamre's memo was to expand its use into other ACAT programs and into non-ACAT RDT&E Programs,excepting S&T(i.e., 6.1, 6.2, and 6.3).简而言之,Hamre博士的备忘录(从标题到文本)仅与“技术”保护有关。

ISSUE

The ASD(C3I) has formally submitted two Directives, enclosures (3) and (4), for coordination among the Military Departments and the Office of the Secretary of Defense. Contrary to the stated DEPSECDEF policy, they require that all acquisition programs identify CPI throughout all RDT&E budget categories--including S&T. All non-acquisition activities are required to use a CPI-like designator, called Critical Research Technology (CRT), and likewise apply it to "all seven subcategories of RDT&E" -- including S&T (Encl. 3, p.2). The stated objective is to "protect DoD-funded research and technology."An ASD(C3I) memo, provided as enclosure (5), specifically urges protection "beginning with the idea phase within DoD-funded basic research."

保护研究的拟议过程

Once a project is designated as CPI, or CRT, specific requirements and procedures become mandatory. For example:

这最后的要求并不是微不足道的,因为大学,工业,联邦资助的研发中心和非营利组织的所有DOD资助研究的64%(6.1和6.2)。2The actual figure is higher because the DoD laboratories outsource a significant amount of their work.

Finally, it should be noted that the CRT designation is applicable to unclassified information. Therefore,these procedures create the possibility for criminal sanctions to be brought against individuals publishing unclassified research, or failing to control it according to the measures prescribed.

ANALYSIS AND FINDINGS

A. THE DIRECTIVES CONTRADICT NATIONAL AND DOD RESEARCH POLICY

外壳(6),National Security Decision Direclive (NSDD) 189,编码有关科学,技术和工程信息转移的国家政策。研究由16岁的政策定义为科学与工程学中的基础研究(6.1和6.2)。它规定了这一点,

In other words, when research requires protection, classification is the only tool permitted by national policy. NSDD 189 endorsed this approach because the strength of American science requires "an environment in which the free exchange of ideas is a vital component."

However, the Directives require that research be protected by means in addition to classification, i.e., the CPI and CRT control procedures. The Directives state that they "recognize the normally unrestricted nature of fundamental research, as identified in National Security Decision Directive 189" (Encl. 3, p.2), and have "implemented relevant portions" of it (Encl. 3, p.1).That claim is misleading because the Directives clearly violate national policy

Another misleading claim is made by enclosure (5), an ASD(C3I) memo being circulated to justify the controls on research. It states that Dr. Hamre's memorandum (i.e., enclosure (2), "directed the ASD(C3I), with support from the USD(P) and the USD(AT&L), to revise or create a DoD directive and define a new process or discipline of integrating support for protecting research and technology... "(Encl. 5, p. 1).

But the former DEPSECDEF's statements are very different from those offered by the ASD(C3I) memo.Hamre博士不仅从未使用过“研究”一词,而且他特别将S&T排除在任何控件之外。Hamre博士从ASD(C3I)备忘录引用的同一来源引用:

B. THE PROPOSED ASD(C3I) DATABASE DUPLICATES FUNCTIONS OF THE MILITARILY CRITICAL TECHNOLOGIES LIST

The MCTL identifies emerging militarily critical technologies. In fact, the MCTL process reviewed over 6,000 technologies and identified 2,O60 militarily significant technologies that were then entered into the MCTL database. A total of 656 were selected as Militarily Critical. In short, the MCTL process appears to identify the very technologies that the CI/Security community seeks to protect from compromise.

The general features of the MCTL process are as follows.3

基于这些特性,MCTL过程出现了to be a cost-effective alternative to the proposed database. In fact, the Defense Security Service (DSS) Counter-Intelligence Office uses the MCTL to compile its annual report, "Technology Collection Trends in the U.S. Defense Industry." Its 2000 report stated that the "DSS documents and reviews foreign interest in U.S. defense technology in categories described by the MCTL."4 Its use by the DSS CI office indicates that the MCTL can likely satisfy the CI/Security community's need to target, collect, and disseminate relevant threat data to appropriate RDT&E facility personnel.

但是,如果MCTL的不足会导致对其功效的怀疑,那么也许DOD的资源可以更好地修改MCTL过程,而不是创建新的且重复的过程。而且,the avoidance of unnecessary investment costs would meet an objective of the USD (AT&L) Business Initiative Council (BIC), which is to identify and implement business reforms that allow the reallocation of savings to higher priorities.

C. CRT'S DEFINITION IS BROAD ENOUGH TO INCLUDE ALL DEFENSE RDT&E

CRT5is defined as "RDT&E information identified and prioritized by site directors and managers thatmay(emphasis added) be important to maintaining the U.S. warfighters' operational advantage when the resulting capability becomes part of a future DoD acquisition program or system." (Encl. 3, p. 12)

This definition is expansive enough to apply to all DoD-funded work. Hopefully all DoD-funded RDT&E "may be important to maintaining the U.S. warfighters operational advantage." Logically, the definition is worded in a way that excludes only RDT&E thatwill notbe important. Moreover, in a competitive budget environment, there will be a strong propensity for managers to designate their projects as critical. To manage work that is not critical is to risk having your funding cut for work that is.

For these reasons the CRT data gathered for the HAPD would likely be much less discriminating than that derived from the MCTL's systematic, expert-driven process.

D.改变当前研究保护政策的案例缺乏信誉

也许关键问题是 -发生了哪些事件,比冷战期间使用的安全措施更严格控制科学信息?Enclosure (5), an ASD(C3I) memo, bases the CI/Security community's argument for more stringent research protections on:

But in all five cases the stated concern is technology, not research.The CI/Security community has clearly not made a credible argument to support strict new measures beyond existing national policy codified in NSDD 189-- which is to use the classification process when a need arises for protecting scientific information.

AN OLD DEBATE

The question of how far to go in protecting research was debated throughout the Cold War. In an article published in theWall Street Journal1982年,国防部长C. Weinberger表示,苏联“组织了一项巨大的,系统的努力,以从西方获得先进的技术”。当时的中央情报局副董事Adm B. Inman Adm B. Inman遵循该文章,建议向美国科学进步协会(AAAS)会议提出,科学依赖性应该通过自愿提交研究结果来更加合作,以向适当出版的政府​​机构进行预公开审查。

In the wake of those remarks, a study sponsored by the DoD, National Science Foundation, AAAS, and National Academy of Sciences, was conducted to examine the relationship between scientific communication and national security in light of the growing concern that foreign nations were gaining military advantage from such research.6Two central conclusions of the "Corson Study" were as follows.

Another DoD report voiced similar findings.

第二份报告强劲的倡导的科学openness, in particular with Russia, sounds like post-Cold War policy. Instead, the above quote is from a briefing given before the National Security Council (NSC) on 31 May 1956--苏联首次成功测试了飞机排出的氢弹,不到七个月不到七个月。

有趣的是,这两种冷战报告与ASD(C3i)备忘录的语气进行了对比:ReportsReports

SUMMARY

Both the 1982 Corson Study and the 1956 NSC briefing were conducted when there was a clear and present danger. Even in an atmosphere of urgency, defense experts found no reason to abandon America's reliance on "security by accomplishment" as a strategy for the S&T environment. Therefore, a strong case can be made that national security is best served by maintaining a balance betweensecurity by accomplishmentand通过控制安全性。The former is the appropriate strategy for the DoD's S&T process, and the latter is effective for the subsequent stages of systems development, acquisition, and commercial production.

With this balance in mind, the three recommendations offered by this paper are intended to:

By incorporating this paper's recommendations, the Directives would meet the above objectives by: protecting research in an appropriate manner by conforming to national policy codified in NSDD 189; implementing former DEPSECDEF Hamre's directive to expand the use of CPI into non-S&T programs; and by considering the MCTL (already used extensively by the CI/Security community) as a cost-effective alternative to the proposed ASD(C3I) database. Moreover, if the ASD(C3I) database is found to be as duplicative as it appears, then the USD(AT&L) BIC might explore it as an area for cost savings.

By contrast-- as currently written-- the ASD(C3I) Directives: contradict national policy stipulating the use of the classification process when there is a need to protect research; contradict existing DEPSECDEF policy that specifically prohibits control "lists"8for S&T projects; propose a database that appears to duplicate the functions of the existing MCTL, which is used extensively by the CI/Security community; and create the possibility for criminal sanctions to be brought against individuals publishing unclassified research.

If approved in their present form, the Directives can be expected to have a chilling effect on the defense research conducted by the nation's universities, industrial centers, and military laboratories.

Source: Hardcopy original
HTML byFAS