Procurement

China-sourcing restrictions spelled out in SEWP

china flag

NASA's new five-year IT acquisitions vehicle interprets and effectively extends legislative restrictions on sourcing computer gear manufactured in China that were included in the continuing resolution that is funding the government through the end of the current fiscal year.

Under the terms of Section 516 of the continuing resolution, NASA, along with the National Science Foundation and the Commerce and Justice departments, must conduct a risk assessment of IT hardware or software manufactured or assembled by "entities that are owned, directed or subsidized by the People's Republic of China." Before acquiring Chinese-made gear, the affected agencies must make a determination that such a procurement is in the national interest.

The inclusion of the language in the fifth iteration of Solutions for Enterprise-Wide Procurement (SEWP V), valued at up to $20 billion, pushes the lifespan of the provision beyond the current continuing resolution, which is set to expire Sept. 30.

"Seeing it extended into a five-year time frame makes it more permanent," said Erica McCann, manager of procurement policy at the trade group TechAmerica, which opposes the China sourcing rules. "This is the first time we're seeing it in a longer term platform that companies are going to have to pay attention to and protect against."

The SEWP request for proposals reiterates guidance published in June that puts the onus on NASA's CIO to assess the cyber-espionage risk of Chinese-made IT. Vendors must include details of any gear produced in China or from Chinese-owned firms to facilitate checking. In that June 6 circular, NASA said it would assess the security of new IT systems using the National Institution for Standards and Technology standards spelled out in the NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations. It advised its own procurement staff to follow the security check procedure before obligating fiscal 2013 funds for IT.

NASA indicates that the Section 516 language applies to NASA orders only, not to procurements made by other agencies using the SEWP vehicle.

"Since these are NASA contracts, first and foremost, we can include specific NASA requirements at the contract level," SEWP Program Manager Joanne Woytek told FCW.  "We assume that other agencies, such as Justice Department, are handling SEWP and non-SEWP orders within their own agency through their own agency processes.  Each agency's CIO office should be making determinations for their own agency – NASA's CIO cannot make purchasing decisions or determination for non-NASA agencies."

The House version of the bill to fund NASA would extend the restrictions into fiscal 2014. Rep. Frank Wolf (R-Va.), chairman of the subcommittee that writes the legislation for the affected agencies, is a stanch advocate of restrictions on IT built by Chinese state-owned companies in federal procurement. In July, Wolf told FCW the Obama administration was "slow-walking" implementation of the sourcing provision.

The Senate version of the bill would require agencies to evaluate supply-chain risk of all "high impact information systems," using NIST security standards, but does not single out China.

Both versions have been approved by their respective Appropriations panels, but  there is a long legislative road ahead before the restrictions on Chinese IT are re-upped or altered for 2014.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected