The U.S. retains significant leadership in developing and innovating information and communications technology (ICT) products but faces risks in the larger supply chain, ranging from increasing reliance on printed circuit boards manufactured in China to security concerns with open-source software and a lack of visibility in the security standards of software developed by suppliers, says a new report prepared by the Departments of Commerce and Homeland Security.

Printed circuit boards (PCBs) are key ingredients in the functioning of ICT hardware, as well as other products used in the automotive, defense and medial industries, and China has a little over half the companies, factories and global sales related to PCB manufacturing, says the report.

In the U.S., which has about 4 percent of the global share of PCB production, manufacturers “often are small and medium sized businesses that do not have the capacity for large scale production, nor do they have the capital to purchase additional equipment, so they concentrate on specialty PCBs for defense, medical, or industrial use,” says the 97-page report, Assessment of the Critical Supply Chains Supporting the U.S. Information and Communications Technology Industry. The report says “many” of these U.S. manufacturers couldn’t survive without defense contracts, which by themselves “do not create the economies of scale to re-develop a significant PCB industrial base for commercial uses in the United States.”

The report, which was prepared at direction of President Biden in an executive order last year on strengthening supply chains of U.S. supply chains, offers a number of recommendations, including bolstering the U.S. ICT manufacturing base through incentives around “Buy American” provisions as part of projects financed under the new federal infrastructure law, federal procurement and investments in productivity and competitiveness.

The report also calls for more transparency in the ICT supply chain, which the government can assist having federal agencies procure sensitive ICT products through vendors that participate in voluntary assured supplier programs and establishing an office within DoC that monitors supply chain vulnerabilities and partners with industry to strengthen the resiliency of the supply ecosystem.

A joint statement by Commerce Secretary Gina Raimondo and Homeland Security Secretary Alejandro Mayorkas said that the “U.S. government alone cannot address these ICT supply chain vulnerabilities. We look forward to working with industry stakeholders, foreign governments, and other domestic and international partners to implement measures identified in the assessment that build resilience and security throughout the ICT supply chain and across our nation.”