Posts
Giving Preference to Domestically
Manufactured Electronic
Goods
Domestically
manufactured electronic products are expected to be more secure because
effective monitoring processes can be put in place for manufacturing processes
of security
sensitive electronic
products
With increasing deployment of electronic devices and Information
Technology applications in various sectors, the critical applications and
associated infrastructure are becoming vulnerable to cyber attacks including
espionage, financial theft and cyber terrorism. The forms of attack include
backdoors, malicious code, identity-theft and information warfare. Instances of
malware and other cyber attack tools pre-loaded on to electronic hardware
equipment have been detected world-wide. Imported software and hardware IT
products are often shipped with maliciously embedded malware. There have been
concerns about supply chain security as computers, portable devices and other
electronic devices pass through several suppliers before the final product goes
on sale and somewhere along line someone could compromise a component or design
a capability that could enable cyber attacks. Backdoors are not necessarily limited
to software applications as hardware components, such as Embedded Radio
Frequency Identification (RFID) chips or hardware encryption products could be compromised.
Even critical infrastructure in civilian sector like Power System is being targeted
with targeted attacks on Supervisory Control and Data Acquisition Systems
(SCADA) emerging.
Using modified hardware provide attackers with a fundamental advantage
compared to software based attacks. Due to the lower level of control offered
attackers can more easily avoid detection and prevention. Hardware encryption products
have also been found to be embedded with malicious software to enable leakage
of encryption keys and reduction of encryption strength. In all these
instances, the attack code is found to be hard coded in hardware.
In a connected world, telecommunication is a vital and critical
component of the economy. In the context of emerging cyber attacks, the security
of the telecommunication infrastructure and network elements such as routers
and switches and exchanges are of paramount importance. Maliciously modified
devices are reality. Wikipedia cites several reports of cyber security breaches
and views expressed by top security
experts which lend credence to these concerns.
All electronic devices
work on extremely complex miniature semiconductor integrated circuits or
“chips”. A typical electronic device may have several chips. A maliciously
designed chip can initiate an internal trigger to launch a cyber attack or such
an attack can be externally triggered through encrypted data sent through normal
communication channels. By implication, both the connected and isolated devices
are vulnerable. When conducted on a large scale, in a systematic matter, the
effect can be devastating. Alternatively, a covert chip can send copies of confidential
data to a third-party destination. Another threat could be the chip corrupts
the data, thereby making the device malfunction at a critical juncture. A
malicious hardware can be triggered months or years later, to open a backdoor to
install software, which could launch an attack. The situation is further
compounded because the technology has yet to develop which can detect such
malicious hardware.
Considering the potential for large scale damage and loss to life
and property and limited technological capabilities available globally in
testing hardware for detection of malicious backdoors, it is necessary that
electronic hardware used in systems having security implications for the nation
be manufactured indigenously to ensure trust worthiness. In March 2011, the
Senate Armed Services Committee in US initiated an investigation regarding
counterfeit electronic parts in Department of Defence supply chain and
uncovered overwhelming evidence of large number of counterfeits making their
way into Defense systems. It also found companies from one country were the
primary source of counterfeit electronic parts; 1800 cases involving millions
of parts were detected. Despite one of the best testing standards, especially for
critical applications, the existing testing framework has not ensured counterfeits
and defective electronic components getting into the system in the US.
Domestically manufactured electronic products are expected to be
more secure because effective monitoring processes can be put in place for
manufacturing processes of security sensitive electronic products. Conformance to
safeguards can be ensured and desired encryption levels and enforced.
Government Policy to
Provide Preference to Domestically Manufactured Electronic Goods
The Government has recently approved a policy to provide
preference to domestically manufactured electronic products, in procurement of
those electronic products which have security implications for the country and in
Government procurement for its own use, consistent with our World Trade
Organization (WTO) commitments. Electronic product or products having security implications
and agencies deploying them will be notified by concerned Ministry/Department.
The notified agencies will be required to procure the specified electronic
product or products from a domestic manufacturer. When the electronic goods are
specified by the concerned Ministries/Departments, rationale for such items
being covered as essential security interest may also be clearly detailed.
Listing of electronic goods as security sensitive can also be done by a designated
authority which may take a project wise decision on which projects are
sensitive from the security angle. In Government procurement, the policy will be
applicable to all Ministries/ Departments (except Defence) and their agencies
for electronic product or products purchased for Governmental purposes and not with
a view to commercial resale or with a view to use in the production of goods
for commercial sale.
Each Ministry/Department would notify the sector specific electronic
product or products for which preference would be accorded to
domestically-manufactured electronic product or products. However, generic
products which are procured across sectors, such as, computers, communication equipment
etc., would be notified by the Departments of Electronics and Information
Technology/ Telecommunications, as the case may be. The notification issued by
each Ministry/Department for providing preference to domestically manufactured
electronic product or products, either for reasons of security or for Government
procurement, would specify the percentage of procurement to be made from
domestically manufactured electronic product or products but it shall not be
less than 30% of the total procurement value of that electronic product or products.
Further each Ministry/ Department would also specify the domestic value
addition requirement which the electronic product should satisfy for the
product to qualify as domestically manufactured electronic products. However, such
specification should not be below the generic value-addition of domestically
manufactured electronic products provided in the policy. The preference to
domestically manufactured electronic goods shall be subject to matching of L1
price and on satisfying technical specifications of the tender.
The graded value-addition norm for domestically manufactured electronic
products is described in Table below:
Challenges in
Operationalizing the Policy
The policy is likely to address the security concerns as well as
spur investment in the Electronics System Design and Manufacturing (ESDM) sector. However, there are several challenges in operationalizing the policy.
These challenges relate to determination of which electronic good to notify, and
in which sequence, what value addition to be prescribed to qualify as
domestically manufactured electronic product, how to assess the value addition
objectively, and without creating an inspector-raj. There are no precedents of
a similar effort having been launched in other sector.
To answer some of these challenges, efforts to create operational
guidelines for the said policy are underway. These guidelines have been
extensively discussed with all stakeholders, including concerned
Ministries/Departments and industry representatives. Some of the thinking which
has emerged from these discussions has helped create a draft set of guidelines
which are objective, fair and transparent in the process being adopted. Some of
the salient features of the draft guidelines are as follows. “Bill of Material”: is defined as the sum of
costs of all inputs which go into the product including parts, subparts, components,
assemblies, manufacturing costs including cost of design and development/ assembling/testing/sourcing/power/
finance/logistics/insurance done inhouse, and/or by external Electronic Manufacturing
Service provider, royalties or licensee fee for IPR, and/or in-house R&D
costs incurred/ amortized to create IPR, embedded and other software integral
to the device. The “profit after tax” and warranty cost of the manufacturer is not
part of the BOM. Domestically Manufactured
Electronic Products are defined as those electronic products which are manufactured by
entities that are registered and established in India, including in Special
Economic Zones (SEZs), and engaged in manufacture of such electronic products
in India and would include OEM and their Contract Manufacturers, but not traders.
In addition, such products are required to meet the criteria of domestic
value-addition as laid down in the Policy, for being classified as DMEP.
The guidelines also suggest that while Ministry/Departments should
strive to notify all electronic products relating to their sector but should
take up those electronic products which constitute significant part of the
demand for Government on priority. It stresses on the need for developing an understanding
of the domestic manufacturing base preceding the identification of an
electronic product for notification under the Policy. Only those electronic products
in respect of which at least one domestic manufacturer exists, shall be
notified. Consultation with industry, as necessary, may be carried out. The configuration/
specifications representative of the entire range of a product should be
categorized in a single notification. For example, there may be a separate
notification for Desktop PCs, Servers and Tablets, but all Desktop PCs, with
different configurations, may be clubbed under a single notification. Since identification
of all electronic products cannot be taken up simultaneously, the products
having high value of procurement in Government may be identified for notification
on priority. Moreover, it also suggests that each Ministry/ Departments should
assess the prospective annual demand for Government procurement over the next 5
years, with the objective of encouraging development/ investment in such manufacturing,
along with the prospective date on which the product will be notified for
applicability of the policy.
The percentage of total procurement value for which preference is
provided to domestically manufactured electronic products should be so fixed
after an understanding of the domestic manufacturing base including the available
production capacities with the indigenous manufacturers and their number as
well as that of their suppliers of inputs, which should, interalia, meets the
value addition norms proposed to be notified. This would inter alia depend on
the availability of multiple domestic manufacturing units with sufficient capacities,
so that the Government requirement can be fulfilled without compromising on
timelines. The after-sales service support network of domestic manufacturer/s
also needs to be factored in.
The guidelines for deciding the value-addition for the
electronic product being notified is proposed to be determined as follows. This
involves identifying main inputs as per industry norms, constituting the Bill
of Material (BOM) for the electronic product. The granularity at which the
inputs need to be identified (i.e. the number of inputs) should not be very
large and be based on industry practices. Secondly, the value of input should,
as far as possible, be clearly discernible based on industry billing practices.
Thereafter the status of manufacture of the input needs to be ascertained and
accordingly, define what would mean to manufacture the input domestically.
Based on the cumulative understanding of these inputs, the value addition will
be determined.
The policy has attracted great deal of interest and responses. There
have been concerns whether the policy is discriminatory to foreign companies
and whether it is compatible with the commitment sunder the WTO; whether it
would actually help achieve cyber security objectives, whether it would eventually
help in developing a manufacturing base of electronics in India. There are also
concerns regarding tis wide scope in terms of electronic products which it
covers. A factual analysis of the policy will show that these concerns are
largely unfounded. Let me briefly reiterate some of the basic facts relating to
the policy.
The Policy does not per se mandate preference to any electronic
product. It only provides an enabling framework. Each Ministry/Department is
free to decide whether any products are to be notified under the policy. Department
of Electronics and IT does not notify preference for all products, but only
those products which it is concerned with.
The Policy is in conformance with India’s WTO commitments. The
procurement by Governmental agencies is exempted from the provisions of GATT
(Article III). Besides, India is not a signatory to Government Procurement Agreement
(GPA) of the WTO and, therefore, is not constrained by the stipulations of the
GPA. Article XX and XXI of General Agreement on Trade and Tariffs (GATT)
provide for member countries to take such steps as are necessary in its
essential security interests. The extant scheme also does not differentiate between
Indian companies and foreign companies and the benefit of the scheme is
available to all companies manufacturing electronic products in India without
discrimination. India also allows 100% Foreign Direct Investment (FDI) in
electronics hardware manufacturing which further provides a level playing field
to foreign companies (except in strategic products relating to defense, Space
etc.). The extant scheme does not provide any price preference to domestic manufacturers
over imported electronic products. Neither is any concession with respect to
technical requirements is provided.
Several countries including USA, Australia, and Taiwan among others
have put various restrictive clauses regarding entry of foreign companies in
their country on security grounds. According to reports, US blocked bidding by
Huawei Technologies for wireless networks for emergency responders. The US
Committee on Foreign Investment blocked Huawei’s attempt to take over Server
Company 3Leaf Systems. Australia recently blocked Huawei from taking part in
that country’s National Broadband Network. Taiwan had earlier blocked Chinese companies
from participating in telecom networks in that country.
The policy should not be seen in isolation. The overall National
Policy on Electronics framework, including the five key pillars, would make it
extremely competitive to manufacture electronics in India. The new National
Manufacturing Policy also addresses these concerns and will further improve the
manufacturing ecosystem in the country.
Several companies in the ESDM sector have already started
looking for alternative bases as part of China plus one strategy and to be proximate
to the large demand of the South Asian market. The policy provides additional
incentive to do so.
Conclusion
The policy to provide preference to domestically manufactured electronic
goods is one of the several initiatives which have been taken up by Government of
India as part of its effort to develop India into a secure and globally
competitive destination for ESDM sector. The companies which manufacture in
India take advantage of several other financial incentives as announced under
the Modified Special Incentive Package Scheme, Electronic Manufacturing Clusters
scheme, and above all, can take advantage of the talent pool available in the
country.
By
: Ajay Kumar, The author is Joint Secretary, Department of Electronics &
Information Technology, Government of India.
0 comments:
Post a Comment