DFARS – The Continuing Journey

Bob Bodemuller, Lockheed Martin Missiles and & Fire Control (MFC)

DFARS – The Continuing Journey

By: Bob Bodemuller, Lockheed Martin Missiles and & Fire Control (MFC)

Since the original passage of Section 818 in the 2012 NDAA we have all been on the counterfeit mitigation/avoidance roller coaster. First the law was passed and we awaited the first DFARS. Finally, the first DFARS case was open for public comment and industry provided a large amount of feedback and suggestions regarding how the DFARS could affect industry. Next we waited with anticipation to see what the result would be.

Finally in May 2014, DFARS 2523.246-7007 was published and became effective. I think all of us were surprised at some of the content because in a few areas it was much different than the public comment version.

We have had experience now with the draft, comment, and release cycle for a few DFARS now and have learned to not be surprised anymore when the final release is much different than the public comment version. That is certainly the case with the early August 2016 revisions of DFARS 252.246-7007 and the release of a new DSFARS 252.246-7008. So let us look at the history of DFARS Case 2014-D005 and examine the requirements that we must comply with as the result.

DFARS Case 2014-D005 titled “Further Implementation” was posted for public comment on September 21, 2015. The intent was to address paragraph (c)(3) of section 818 of the 2012 NDAA as modified by section 817 of the 2015 NDAA which said, “contractors shall acquire electronic parts from trusted suppliers in order to further address the avoidance of counterfeit parts.” This case also removed embedded software and firmware from the definition of electronic part and provided clarification of traceability expectations. The final rule was released on August 2, 2016 in the Federal Register and was effective upon publication.

The DFARS case resulted in the revision of the original May 2014 version of DFARS 252.246-7007 along with the issuance of a new DFARS, 252.246-7008. One of the revisions of the -7007 DFARS was to rewrite criteria 4 and 5 for source selection and traceability and refer the criteria directly to the new DFARS 252.246-7008 titled “Sources of Electronic Parts”. In effect, if the 252.246-7007 DFARS is in your contract, then the -7008 is also.

Additional revisions were new definitions of electronic parts sources. Deleted was any reference to “distribution”, authorized or independent. They were replaced by authorized supplier and contractor-approved supplier while implementing a tiered approach for electronic part sources in DFARS -7008. The tiered approach now has three categories of sources shown below.

  • Category 1: Electronic parts that are in production or currently available in stock.

  • Category 2: Electronic parts that are not in production and not currently available in stock from a category 1 supplier.

  • Category 3:
    • Sources other than a category 1 or 2 as defined above.
    • Electronic parts from a subcontractor (other than the original manufacturer) that refuses to accept flow down of DFARS 252.246-7008.
    • Cannot confirm that an electronic part is new or not previously used and that it has not been comingled in supplier new production or stock with used, refurbished, reclaimed, or returned parts.
Category 1 suppliers include the original manufacturer, their authorized suppliers or suppliers who obtain parts exclusively from the original manufacturers of the parts or their authorized dealers. It should be noted that the DFARS specifically states that even if a part is not in production but is available from an authorized supplier, it MUST be procured from a category 1 supplier. Likewise, if it is in production but not available in stock, it must be procured from a category 1 supplier regardless of cost or schedule.

Category 2 suppliers are suppliers that have been identified by the contractor as “contractor-approved”. For this category of supplier the contractor must use established counterfeit prevention industry standards and processes, be responsible for part authenticity and the selection is subject to review, audit and approval (“approval” is from the 2016 NDAA revision, see DFARS case 2016-D010 now finishing the public comment period) by the contracting officer.

Category 3 suppliers are everyone else, i.e., any supplier that does not fall into the first two categories, plus a subcontractor, at any level, who refuses to accept the flow down of DFARS 252.246-7008. This additionally includes if a supplier cannot confirm that an electronic part is new or not previously used AND that it has not been comingled in supplier new production or stock with used, refurbished, reclaimed OR returned parts.

The DFARS also discusses procuring parts from government sources. It imposes the same contractor requirements on government sources that it does on contractor sources. For example, if a part is procured from a QSDL or QML, contractors and subcontractors are still required to comply with the supplier selection (and traceability) requirements discussed above.

One of the intents of the DFARS was to clarify traceability requirements. Many in industry believe that the DFARS fell short in this area and, in fact, raised new questions and concerns. The May 2014 version of the -7007 text required traceability, “back to the original manufacturer”. It was interpreted by many that this was the original manufacturer of the electrical component so was interpreted as meaning back to the OCM. The August 2016 revision provided a new definition of the “original manufacturer” which now includes, “the original component manufacturer, the original equipment manufacturer or the contract manufacturer”.

The traceability debate now centers on the fact that the -7008 DFARS does not need to be flowed down to the “original manufacturer” plus the requirement is only for traceability to the OEM. Many contractors are by definition an OEM (a company that manufactures products that it has designed from purchased components and sells those products under the company’s brand name). The question that has been raised is does traceability stop at the OEM? It is believed this is not the intent of the DFARS.

In the government response to the public comments that are contained in the Federal Register publication, the government goes to great lengths to recognize that traceability comes with a cost. There are some inferences in the discussion that the traceability the government is looking for consists of “as-built” traceability. However, that is contradicted by the DFARS requirements that states, “have risk-based processes (taking into consideration the consequences of failure of an electronic part) that enable tracking of electronic parts from the original manufacturer to product acceptance by the Government…”. However, the following statement was also made in the government’s recognition that traceability comes with a cost:

“While DoD acknowledges the burden associated with this requirement and that establishing such traceability does not guarantee the authenticity of all parts, nevertheless DoD considers the costs associated with this burden to be justified in comparison to the harm that can result from introduction of counterfeit parts into the DoD supply chain.”

Lastly, the DFARS is very specific that this clause is to be used in the procurement of all commercial items and commercial electronic parts. For example, medical equipment procured by DoD was specifically used as an example. DoD specifically commented that even if commercial items are regulated by other parts of the government, any DoD procurement containing electrical parts must comply with this clause.

As we continue through the DFARS “understanding” process, it could argue that once again we may be seeing some unintended consequences. How the current version is reviewed/audited for compliance will help us understand what the intent is. However, it looks like there will more controversy to come.

About Bob

Bob Bodemuller currently works at Lockheed Missiles and & Fire Control (MFC) in Grand Prairie, Texas in supply chain quality where he is the subject matter expert (SME) in counterfeit part avoidance and risk mitigation and a Distinguished Member of the MFC Quality and Mission Success Technical Excellence Staff. Bob has over 40 years’ experience in the Engineering and Mission Assurance area in Space, Aviation and Defense industries. Experiences include over twenty years focused on Supply Chain Quality working extensively in supplier quality with both suppliers and receiving inspection operations.

Bob joined the SAE G-19 committees in mid-2000 where he participated with the development and release of AS5553 Rev. A and B and has worked on the AS6081 standard committee since its inception. He is a member of the SAE G-21 committee, which developed the AS6174 standard for counterfeit mitigation for materials. He now serves as the Chairman of the Counterfeit Avoidance Accreditation Committee, an industry managed third party certification administered by PRI, which has developed an industry managed certification scheme for AS5553A.

Bob has worked with industry as a member of the AIA Counterfeit Avoidance Working Group on counterfeit issues in the legislative area and has provided input during the public comment periods to DoD on the newly drafted DFARS.

Bob has presented at several conferences on the counterfeit standards. He has a mechanical engineering degree from Purdue University and a Masters of Management degree from University of Phoenix.