A U.S. combat jet goes down over territory it does not control, or an export-model missile that was sold to one government turns up on a workbench in a country it was never meant to reach. Within days a foreign engineering team is prying open the seeker head, dumping the firmware, and photographing the guidance boards. The question is not whether they will try to copy it. They will. The question is how long the design can hold them off, and whether the adversary harvests a working weapon or a pile of dead-ended parts. That delay is a discipline with a name, anti-tamper, and inside the Department of Defense it has an owner, a directive, and a budget line that runs on the order of $50 million a year.
What anti-tamper actually protects
Anti-tamper, abbreviated AT, is not a weapon or a gadget. It is a systems-engineering discipline aimed at one narrow job: protecting the small handful of things in a weapon that would actually help an adversary if they were understood. The Pentagon calls those things Critical Program Information, or CPI. CPI is not the whole airplane or the whole missile. It is the guidance algorithm, the seeker design, the cryptographic keys, the signal-processing tricks, the low-observable coatings, the specific pieces of know-how that took years and billions to develop and that a competitor would love to skip straight to.
Anti-tamper is the set of design choices that make a captured system slow and expensive to reverse-engineer. In practice that means potting sensitive electronics in hardened resin, adding sensors that detect when a housing is opened or drilled, wiring memory to erase itself if it is probed, and obfuscating the code so that a firmware dump does not read like a blueprint. The goal is almost never to make exploitation impossible. Against a determined state adversary with unlimited time, nothing is truly tamper-proof. The realistic goal is to buy time, enough time that by the point an adversary understands the technology, it has already been superseded, and enough friction that the effort is not worth it. AT exists because the United States is the most prolific exporter and forward-deployer of advanced weapons on earth, and some fraction of those systems will inevitably be captured, shot down, resold, or abandoned in a hasty withdrawal.
The Executive Agent and the office that writes the rules
Because anti-tamper cuts across every service and nearly every major weapons program, DoD does not leave it to each program to invent its own approach. It designates a single owner. In 2001 the Under Secretary of Defense for Acquisition, Technology, and Logistics designated the Air Force as the DoD Executive Agent for anti-tamper. That designation is carried today in the DoD Executive Agent registry and codified in DoD Directive 5200.47E, "Anti-Tamper (AT)," issued September 4, 2015 and incorporating Change 3 dated December 22, 2020. The directive's own purpose section says it establishes policy and assigns responsibilities for AT protection of critical program information, and it designates the Secretary of the Air Force as the Executive Agent. So the role is not folklore or an org-chart habit. It sits on a current, primary directive.
The work is done by a small shop, the Anti-Tamper Executive Agent Program Office, ATEA for short, run inside Air Force acquisition (the office is associated with SAF/AQLE) and reachable at at.dod.mil. Its mission, in the office's own words, is to manage and support DoD acquisition programs and their contractors in anti-tamper systems engineering. That framing matters for understanding the money. The ATEA does not bolt anti-tamper onto any one missile or radar. It writes the policy, funds the shared labs and tools and testing, and helps program managers across the department figure out what their CPI is and how to guard it. The individual weapons programs pay to build the protection into their own hardware. The Executive Agent is the standards body and the toolmaker, not the line worker.
The money, kept in its lanes
Three numbers get quoted about anti-tamper, and the fastest way to misread this program is to blur them together. They measure three different things.
The first is the Executive Agent's own budget. That lives in a single Air Force research-and-development program element, PE 0605024F, "Anti-Tamper Technology Executive Agency." In recent years it has run around $50 million annually. The primary source, the Department of the Air Force FY2023 President's Budget R-1 exhibit, shows the shape of it in dollars: about $46.8 million actual in FY2021, about $51.5 million enacted for FY2022, and about $50.1 million requested for FY2023. That distinction is worth pausing on, because it is easy to garble. The $51.5 million is money Congress actually appropriated for fiscal 2022. The $50.1 million is a request, a projection of what the office asked to spend in fiscal 2023, not a settled fact. A figure sometimes cited loosely as "the FY2023 request" of $51.5 million is really the FY2022 enacted amount. The honest one-line version is: about $50 million a year in recent budgets, funding the Executive Agent's technology development, testing, and policy work, and nothing else.
The second number is historical, and it shows how much this function has grown. GAO reported in 2004 that the Executive Agent ran on about $8 million a year with two full-time staff. A two-person office guarding the crown jewels of the entire acquisition system is a striking image, and it is part of why the watchdog was worried.
The third number is the one that makes headlines and misleads the most. In February 2024 the Air Force awarded a multiple-award indefinite-delivery, indefinite-quantity contract with a ceiling of $499 million over a potential six years, shared across 17 companies, for anti-tamper technologies such as sensors and cryptographic protection. It was a recompete of a 2016 award. A ceiling is not a check. It is the maximum total that could be ordered across all 17 firms over six years if every option and every task order came due, which is not how these vehicles usually play out. Treating $499 million as anti-tamper spending is a category error. It is a spending limit, not an outlay.
And there is a fourth bucket the office budget deliberately excludes: what individual weapons programs pay to embed anti-tamper into their own systems. GAO's 2004 review put concrete numbers on this. On one program, adding protection to a receiver upgrade was estimated to raise unit cost by about $31 million (roughly ten percent). On another, a budget increase of about $56 million was estimated. On a third, protecting two critical technologies was put at about $87 million. Those are program add-on costs, not Executive Agent budget, and lumping them into the ATEA's ledger would badly overstate the size of the central office.
Where the criticism lands
The honest case against the program is not that $50 million is wasteful on its face. It is that anti-tamper is genuinely hard to manage and even harder to audit. GAO's 2004 report, the one detailed public examination this function has drawn, found that DoD had no reliable central inventory of the critical technologies that needed protecting. If you cannot list what you are guarding, you cannot be confident you are guarding it. The report also found that protection was often added late in a program, after the design had frozen, which is exactly when it is most expensive and most disruptive, and that program managers frequently struggled to implement it at all. Those are the $31 million, $56 million, and $87 million surprises appearing after the fact rather than in the original plan.
Two deeper problems dog anti-tamper permanently. First, you cannot easily prove it worked. Success looks like an adversary who quietly gave up or wasted years on a copy that did not fly, and neither of those shows up on a spreadsheet. Measuring a discipline whose entire product is a delay you can never fully observe is close to impossible, which makes cost-effectiveness a matter of judgment rather than data. Second, the same secrecy that gives anti-tamper its value starves external oversight. Very little of this program is examined in public. Its visibility is low, an underserved corner of the budget that Congress and the press rarely dig into, precisely because the subject matter is classified and unglamorous. A skeptic can fairly say that a small policy-and-tools office holding a mandate that spans the entire weapons enterprise, and doing so mostly out of public view, is a structure that invites drift and is easy to fund on autopilot.
The case for the line item
The defense is straightforward and, on the arithmetic, strong. If anti-tamper works even partially, it is cheap insurance on extraordinarily expensive secrets. The United States will keep exporting and forward-deploying weapons that sometimes end up in the wrong hands, and the value of slowing an adversary from harvesting a guidance package or a low-observable coating and fielding a copy is measured in strategic advantage and in the follow-on cost of countering that copy. Set roughly $50 million a year for the central office against the technology embedded in multi-billion-dollar export programs, and the ratio looks favorable on its face. Even the historical $8 million office was guarding value orders of magnitude larger than its budget.
The decisive point is what the watchdog recommended. GAO did not look at the disorganization it found and conclude that anti-tamper should be scaled back or scrapped. It concluded the opposite, that DoD needed to better support program managers in implementing the protection, build the central inventory it lacked, and integrate anti-tamper earlier in the acquisition cycle. The remedy for the program's weaknesses was to strengthen the function, not defund it. When the auditor who documents your failures still tells you to do more of the thing, that is a meaningful vote of confidence in the mission if not in the execution.
Reading the ledger
Both readings are true at once, and the honest thing is to let them sit together. On one side, anti-tamper is a lightly watched, hard-to-audit discipline whose central office has grown from about $8 million to about $50 million a year with little public scrutiny, whose flagship $499 million contract figure is routinely misread as spending, and whose core weakness, an inability to prove what it prevents, means no one can say with confidence what the taxpayer gets for the money. On the other side, it is a small line item guarding secrets worth thousands of times its budget, an insurance policy the government's own auditors told it to reinforce rather than cancel, doing a job that becomes only more necessary as more advanced U.S. hardware is sold and deployed into places it may not stay. The verdict here is mixed on purpose. The dollars, kept honestly in their lanes, are modest. The oversight is thin. Whether that combination reads as prudent thrift or as a comfortable blind spot depends on how much you trust a program you are structurally not allowed to see.
Related reading
- The GAO high-risk list and improper payments: the same watchdog lens that produced the one detailed public audit of anti-tamper, applied across the federal ledger.
- The A-12 Avenger stealth cancellation: a stealth program killed after billions, a reminder of exactly the kind of technology anti-tamper exists to keep an adversary from copying.
- The index of programs, lifelines, and boondoggles: the full catalog this piece belongs to.
- The working ledgers: the running tally of programs weighed the same way.
Fact-check notes and sources
- The Air Force is the DoD Executive Agent for anti-tamper, designated in 2001 and codified in DoD Directive 5200.47E, "Anti-Tamper (AT)," September 4, 2015, incorporating Change 3 dated December 22, 2020, which establishes AT policy and designates the Secretary of the Air Force as Executive Agent. The designation itself is carried in the DoD Executive Agent registry. DoD Executive Agent registry; DoD Directive 5200.47E.
- The Executive Agent's own budget is Air Force program element PE 0605024F, "Anti-Tamper Technology Executive Agency," running about $50 million a year. Per the FY2023 President's Budget R-1 exhibit: about $46.8 million actual in FY2021, about $51.5 million enacted for FY2022, and about $50.1 million requested for FY2023. Note that the $51.5 million is an enacted (appropriated) FY2022 figure while the $50.1 million is a projected FY2023 request; a common citation swaps these and calls $51.5 million the FY2023 request, which is incorrect. Department of the Air Force FY2023 RDT&E Budget Estimates, Vol I.
- Historically the office was tiny: GAO reported in 2004 that it ran on about $8 million a year with two full-time staff, that DoD lacked a reliable central inventory of critical technologies, and that late-added protection raised program costs (examples cited: about $31 million, $56 million, and $87 million). These are 2004-era program add-on costs, separate from the current PE 0605024F budget, and GAO's recommendation was to strengthen the function, not cut it. GAO-04-302.
- The widely cited $499 million figure is a contract ceiling, not spending. In February 2024 the Air Force awarded a multiple-award IDIQ with a $499 million ceiling over up to six years shared across 17 companies (a recompete of a 2016 award). A ceiling is the maximum that could be ordered, not money obligated or paid. Washington Technology, "Air Force chooses 17 for $499M anti-tampering tech contract".
- The office is the Anti-Tamper Executive Agent Program Office (ATEA), whose stated mission is to manage and support DoD acquisition programs and their contractors in anti-tamper systems engineering. Anti-Tamper Executive Agent Program Office.
This post is informational and journalistic, drawn from public records, and is not legal, financial, or policy advice; dollar figures are attributed to their fiscal year and distinguish enacted amounts, requests, contract ceilings, and program-specific costs.