If you would like to learn more about the IAEA’s work, sign up for our weekly updates containing our most important news, multimedia and more.
Nuclear Security Implications of Counterfeit, Fraudulent, and Suspect Items (CFSI)
Closed for proposals
Project Type
Project Code
J02019CRP
2359Approved Date
Status
Start Date
Expected End Date
Participating Countries
Description
The commercial supply chain, to include the nuclear supply chain, is ever more expansive as globalization offers producers and suppliers, alike, with more affordable items as a consequence of increased competition and greater availability. However, this globalization complicates the supply chain, and diminishes or completely prevents the transparency and traceability of items as they change hands on their way to the final customer. This lack of transparency in production practices or traceability of item integrity allows for the pervasive issue of CFSI infiltration to take place on a grand scale. CFSIs do not undergo the same rigorous quality assurance procedures as legitimate items and deviate from prescribed specifications. Within the nuclear supply chain, CFSIs can diminish the integrity of equipment, systems, structures, components or devices that may be critical to nuclear safety and/or nuclear security. The inadvertent introduction or malicious insertion of CFSIs within the nuclear security supply chain could lead to the occurrence of a nuclear security event, due to premature or unexpected part failure or performance. CFSIs may be inserted for financial gain or based on malicious intent; however, independent of the motivation for the insertion, the creation of CFSIs is intentional. CFSIs are a concern from a nuclear security perspective in many forms. Computer components from previously disposed systems that are repackaged and sold as new, computer hardware that has been altered to allow for adversaries to access sensitive information through undisclosed backdoors, and construction hardware that is misrepresented as being a higher grade than actually are all examples of CFSIs that can cause nuclear security implications.
The focus of the one-year duration CRP (June 2023-May 2024) is to coordinate numerous individual projects that when combined will represent a holistic approach for minimizing the likelihood that CFSI could initiate a nuclear security event. The best way to accomplish this is to develop methods (tools and processes) for identifying CFSIs at all stages of the supply chain, including after installation. The implementation of measures to accomplish this goal will enhance the reliability and confidence of the components (hardware and software) that comprise the systems upon which a nuclear security regime is reliant. Additionally, the close cooperation between customers, suppliers, and producers will enhance the trust between each entity, while allowing for verification activities to be conducted. Additionally, the implementation of measures to address CFSIs enhances nuclear security, but also nuclear safety. CFSIs will never be eradicated, but it is necessary for the issue to be actively addressed due to the potential consequences of an inserted CFSI within the nuclear supply chain.?
Objectives
The primary objective of the CRP is to identify lessons learned and best practices, and develop strategies and tools, for the prevention and mitigation of the nuclear security implications of CFSIs within the nuclear supply chain. This information will be documented in a non-serial publication that Member States can use to develop their own strategies for addressing the issue of CFSIs within the equipment, systems, structures, components or devices used in the facilitation of activities involving nuclear or other radioactive material.
Specific objectives
Define legislation considerations that allow counterfeiters and fraudsters to be held accountable through criminal prosecution, financial penalties, or other means.
Understand strategies for requiring suppliers and sub-suppliers to engage in practices to mitigate the existence of CFSIs through contractual agreements and other regulations.
Develop techniques, tools, and technologies to non-destructively identify CFSIs within the supply chain, or during in-service inspections.
Promote methods for greater cooperation between law enforcement and other nuclear supply chain stakeholders (such as operators from other countries).
Establish channels for efficient and effective information sharing.
Impact
Counterfeit, Fraudulent, and Suspect Items (CFSIs) pose a threat to global trade security as they infiltrate supply chains. The extent to which this impacted the security of nuclear facilities and material was not sufficiently addressed at the level of the IAEA prior to this CRP. By partnering with exceptional research institutions around the world, this CRP has enabled the IAEA and its Member States to gain a better appreciation and understanding of the pervasiveness and potential harms of CFSIs. Multiple MS research teams, after extensively studying the regulatory frameworks of their respective MSs, developed targeted proposals to share with their MS Competent Authorities and regulators. Additionally, several projects performed risk assessments and identified areas of greatest vulnerability. These risk assessments will serve as useful models for future reference and MSs seek to strengthen the security of their nuclear facilities and their respective supply chains. Other projects developed methods for ensuring the authenticity of good within the supply chain. These methods would enable the verification of goods at the point of manufacture, during shipping and storage, and at the point of installation with the end-user. Lastly, other projects examined how to best establish knowledge sharing mechanisms to ensure other MSs can benefit from the best practices of other MSs which can prevent the repetition of CFSI-related nuclear security problems.
Relevance
Multiple projects from this CRP reported from their research that the prevalence of CFSIs in global supply chains has increased significantly since the onset of the COVID-19 pandemic. In the years following this spike in fraudulent activity, as larger numbers of CFSIs infiltrate markets, the resulting risk to nuclear security has likely experiences a proportional increase. With this in mind, the need to address the nuclear security implications of CFSIs in the supply chain is of higher relevance today than it ever been has before. With this in mind the CRP was intended to run for a single year, indicative of the urgent need for the receipt and dissemination of project findings.