Funding Cuts Jeopardize U.S. Chip Supply Chain Study

A federal stop-work order froze this researcher’s work finding vulnerabilities


Sarah Kreps's research focuses on the intersection of national security and emergent technologies.

Ryan Young/Cornell University

As part of the Trump administration’s push to reduce government spending, the U.S. Department of Defense has rolled back more than US $580 million in funding, including $360 million in grants, some of which were tied to universities. The cuts pumped the brakes on troves of projects across the country, including national security–focused research that President Trump deemed unaligned with national priorities.

Among the projects placed on indefinite hold was a multiyear, $3 million study at Cornell University funded through the National Defense Authorization Act (NDAA) to examine cyber vulnerabilities in the U.S. semiconductor supply chain. It was one of more than 75 DoD-funded projects at Cornell that received a stop-work order.

The research came amid rising geopolitical tensions and a global AI arms race. Chips are critical to both AI infrastructure and military systems. Without understanding risks—such as design software attacks and IP theft—some experts warn that halting this work could leave the chip supply chain open to sabotage, posing threats to U.S. economic and national security.

Sarah Kreps, a professor of government at Cornell and director of the university’s Tech Policy Institute, led the research. In a conversation with IEEE Spectrum, Kreps explained what her team set out to study, how the project came to a halt, and why securing the chip supply chain is more urgent than ever. The following has been edited for length and clarity.

How did this project come about?

Sarah Kreps: About two years ago, Micron reached out to the Cornell Tech campus. They were building a $100 billion manufacturing facility near Syracuse and were concerned about the security of their entire supply chain. They said they didn’t have the mental bandwidth or in-house expertise to figure out where the vulnerabilities lay, and therefore couldn’t figure out how to address them.

Cornell Tech said this was an interdisciplinary project they couldn’t handle on their own, so they reached out to us. My work focuses on emergent technologies—AI, semiconductors—with a national security focus, which is what Micron was most interested in, especially with chips that ultimately end up with DoD as the customer. We put together one-pagers about the project, and eventually it made it into the 2025 NDAA. We finally got the grant in December 2024, and the work was set to run for the calendar year 2025.

Why did this feel so urgent?

Kreps: We started this around the time the AI boom really took off. I’ve worked in the AI space since 2018, but it’s completely accelerated. The geopolitics of AI matter. If there’s a goal to be a global leader in AI, then we have to secure the infrastructure underlying it.

Part of the problem is that infrastructure isn’t very sexy. It’s easy to take for granted. But if you want to be a leader in AI, meet national security needs, and fulfill domestic manufacturing goals, you need a resilient supply chain. Our early work showed we’re not there yet.

What was the scope of the research, and what were you hoping to achieve?

Kreps: We were compressing quite a bit of work into a one-year window. There were three phases, each addressing key vulnerabilities in the defense semiconductor supply chain.

The first phase involved mapping out material and information networks: identifying critical nodes, choke points, and redundancies to assess supply chain resilience. The material side traced manufacturing dependencies, while the information side looked at data flows, security protocols, and alternative communication routes to prevent theft or disruption.

The second phase brought in the cyber vulnerability angle. We were going to conduct penetration and stress testing of key manufacturing stages like wafer fab and lithography to identify security gaps and high-risk nodes based on the testing results.

The third phase in the fall was going to integrate the findings through network simulations and tabletop exercises. That would’ve modeled how disruptions cascade, analyzed the dual vulnerabilities of the material and information flows, and tested mitigation strategies. We were going to bring in industry, government, and academic stakeholders to validate the risk scenarios and shape policy recommendations. In the end, we owed Congress both an unclassified and a classified version of these findings.

We were also starting with a proof of concept—looking at analogous use and misuse cases, like the Israeli-Hezbollah pager attacks and Stuxnet. The idea was to understand what the threat environment actually looks like by pointing to real-world examples of the kinds of risks we were modeling. That formed the foundation for a typology of threats we were developing.

What vulnerabilities were you uncovering, and what did early insights reveal?

Kreps: We got a stop-work order in the middle of March, so we were still in the scaling-up phase of the project—bringing the team together, building out the lab, setting up the hardware. We’d spent a few hundred thousand dollars on advanced servers and compute to build the cyber test range.

One early insight was just how little different parts of the supply chain really understand their vulnerabilities, let alone know what their own supply chain looks like. If you don’t know who your tier-three suppliers are, you can’t figure out what the vulnerabilities are. We were supposed to visit Micron in Boise the week we got our stop-work order to begin mapping what they know, what they don’t know, and what they don’t know they don’t know. But we couldn’t go.

It’s clear they’re under attack every day, and they don’t have the expertise to systematically assess and mitigate those threats.

Walk me through some of the real-world cyber risks in the supply chain.

Kreps: We have a dizzying array of possible attacks that could come from this. Upstream, in the design phase, you can have IP theft or hardware Trojans inserted. Your adversary can put something malicious into the software at the front end that could lead to cloned or sabotaged chips.

At the fabrication stage, which is often offshore—Taiwan, South Korea, China—the foundry itself could be compromised. You can imagine software altering doping levels or embedding hidden functionalities without the designer even knowing. That could lead to sabotage, low-yield manufacturing, or chips that don’t work.

During post-fab testing and assembly, contractors could introduce subtle changes—malicious code in the firmware or test environments that are hard to detect after deployment. In the toolchain phase, you have risks of malware in design software that could infect the chips. These tools are often updated in the field, which becomes another attack vector.

At packaging and distribution, malicious updates could be inserted at the last mile. And then there’s the idea that dormant code could allow a chip to be disabled in the future—remote kill switch–type risks. These are all real concerns.

What was your reaction to the funding cut, and how did it affect your team?

Kreps: Frankly, I was blindsided. In the initial weeks of DOGE, we were feeling like we had dodged a bullet. We felt like the project seemed so central to national security, and that anyone who cares about the country would see that pausing this kind of work is shooting yourself in the foot. But by mid-March, we got caught in the crosshairs of the political fallout with higher education—$1 billion pulled from Cornell.

The PhD students on the project had to stop work right away because their support is tied to the grant. We had some admin help, undergrads, and all of that went away. It really made me think about the funding and training pipeline from universities to industry.

Students in these programs often go on to work for SpaceX, Micron, and ASML. These industries—which are so central now to the U.S. economy and national security—are going to be losing their training pipeline. I think that’s a real problem. Federal grants are what make that training possible. If you cut them, you’re not just disrupting research; you’re creating a talent deficit in national security and aerospace that will show up in three to five years.

Is there any chance the funding could be reinstated?

Kreps: We’re working on a few different angles. But this was an executive-level decision, so it’s not something Cornell can change unilaterally. Columbia, for example, received a list of conditions they needed to meet to restart their funding. We didn’t get anything like that, which has made it harder.

Are you optimistic the project will resume?

Kreps: Depends on the day. Sometimes it feels like we’re making progress. Other times, the conflict between higher ed and the executive branch feels unresolved. We’re doing what we can—pushing forward with dissertations, keeping the infrastructure in place—with the hopes there’s a willingness to turn the project back on. So if and when we get the green light, we’ll be ready.

The Conversation (1)

Joseph Yuna, 26 Jun, 2025

Why are we running to universities when the Congressional mandate is to use COTS? ASICs are at risk no matter what we do due to the ability to laser scan the CM areas of these chips. Perhaps the USG/DoD buys an ASIC and contracts another for writing the embedded S/W (firmware), and a USG/DoD Organic Engineering Office programs the chips, thus firewalling material from programming and subsequent testing solves the problems. But the costs of using COTS vv GOTS in my mind is more expensive for the life cycle of any AIS/IS and NSS, Weapon Systems especially.
