THE UNITED STATES ARMY
Headquarters
Department of the Army
Washington, DC
30 April 2025

*Army Regulation 70-77

Effective 30 May 2025

Research, Development, and Acquisition

Technology and Program Protection

By Order of the Secretary of the Army:

RANDY A. GEORGE

General, United States Army

Chief of Staff

MARK F. AVERILL

Administrative Assistant to the

Secretary of the Army

History. This publication is a major revision. The portions affected by this major revision are listed in the summary of change.

Authorities. The authorities for this regulation are DoDI 5000.83, DoDI 5205.87, and DoDI 5200.44.

Applicability. This regulation applies to the Regular Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve, unless otherwise stated.

Proponent and exception authority. The proponent of this regulation is the Assistant Secretary of the Army (Acquisition, Logistics and Technology). The proponent has the authority to approve exceptions or waivers to this regulation that are consistent with controlling law and regulations. The proponent may delegate this approval authority, in writing, to a division chief within the proponent agency or its direct reporting unit or field operating agency, in the grade of colonel or the civilian equivalent. Activities may request a waiver to this regulation by providing justification that includes a full analysis of the expected benefits and must include formal review by the activity's senior legal officer. All waiver requests will be endorsed by the commander or senior leader of the requesting activity and forwarded through their higher headquarters to the policy proponent. Refer to AR 25-30 for specific requirements.

Army internal control process. This regulation contains internal control provisions in accordance with AR 11-2 and identifies key internal controls that must be evaluated (appendix B).

Suggested improvements. Users are invited to send comments and suggested improvements on DA FormDA FormDepartment of the Army form 2028 (Recommended Changes to Publications and Blank Forms) directly to the Assistant Secretary of the Army (Acquisition, Logistics and Technology) (SAAL-ZF) via email to usarmy.pentagon.hqda-asa-alt.mbx.asa-alt-publication-updates@army.mil.

Distribution. This regulation is available in electronic media only and is intended for the Regular Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve.

*This regulation supersedes AR 70-77, dated 8 June 2018. Army Directive 2019-29, dated 18 September 2019, is rescinded upon publication of this revised regulation.

AR 70-77 • 30 April 2025

UNCLASSIFIED

Anti-tamper See DoDD 5200.47E.

Basic research Systematic study directed toward greater knowledge or understanding of the fundamental aspects of phenomena and of observable facts without specific applications towards processes or products in mind. It includes all scientific study and experimentation directed toward increasing fundamental knowledge and understanding in those fields of the physical, engineering, environmental, and life sciences related to long-term national security needs. It is farsighted high payoff research that provides the basis for techno- logical progress. See DoDI 3210.1.

Conflict of commitment A situation in which an individual accepts or incurs conflicting obligations between or among multiple em- ployers or other entities. Many institutional policies define conflicts of commitment as conflicting commit- ments of time and effort, including obligations to dedicate time in excess of institutional or funding agency policies or commitments. Other types of conflicting obligations, including obligations to improperly share information with, or withhold information from, an employer or funding agency, can also threaten research security and integrity, and are an element of a broader concept of conflicts of commitment.

Conflict of interest A situation in which an individual, or the individual's spouse or dependent children, has a financial interest or financial relationship that could directly and significantly affect the design, conduct, reporting, or fund- ing of research.

Controlled technical information See DFARS 204.7301.

Counterintelligence support plan See DoDI O–5240.24.

Critical function analysis A key SCRM scoping process that identifies system mission-critical functions and then maps those func- tions to the associated information communication and technology components and subcomponents, to include components and subcomponents that defend or have unmediated access to mission-critical com- ponents. See also criticality analysis.

Critical program information See DoDI 5200.39.

Critical programs and technologies list Annual report to Congress comprising DoD acquisition programs, technologies, manufacturing capabili- ties, and research areas that are critical for maintaining the national security technological advantage of the United States over foreign countries of special concern in accordance with Section 1049 of Public Law 115–232.

Critical technology See DoDI 5230.24. For the purpose of this regulation, includes items on the CP&T list.

Criticality analysis See DoDI 5200.44.

Cyber incident damage assessment See DoDI 5205.13.

Cybersecurity supply chain risk management The systematic process for managing exposure to cybersecurity risks throughout the supply chain and developing appropriate response strategies, policies, processes, and procedures. See NIST SP 800–161.

Digital capabilities See DoDI 5000.82.

Enabling technology Equipment and/or methodology that, alone or in combination with associated technologies, provides the means to generate giant leaps in performance and capabilities of the user.

Functional proponent The proponent or office with responsibility for certifying that a process or activity has been performed ac- curately and meets established standards.

Fundamental research Basic and applied research in science and engineering, the results of which ordinarily are published and shared broadly within the scientific community, as distinguished from proprietary research and from indus- trial development, design, production, and product utilization, the results of which ordinarily are restricted for proprietary or national security reasons. See NSDD 189.

Hardware The physical, touchable, material parts of a computer or other system. The term is used to distinguish these fixed parts of a system from the more changeable software or data components it executes, stores, or carries. Computer hardware typically consists chiefly of electronic devices (central processing unit, memory, and display) with some electromechanical parts (keyboard, printer, disk drives, tape drives, and loudspeakers) for input, output, and storage.

Hardware assurance An activity to ensure a level of confidence that microelectronics (also known as microcircuits, semicon- ductors, and integrated circuits, including its embedded software and/or intellectual property) function as intended and are free of known vulnerabilities, either intentionally or unintentionally designed or inserted as part of the system's hardware and/or its embedded software and/or intellectual property, throughout the life cycle.

Information and communications technology See DoDI 5200.44.

Information technology See 40 USCUSCUnited States Code 11101.

Mission-critical functions See DoDI 5200.44.

Science and technology reinvention laboratory A laboratory designated by the Secretary of Defense in accordance with 10 USCUSCUnited States Code 4121.

Software assurance See DoDI 5200.44.

Special access program See DoDI 5205.11.

Supply chain risk See DoDI 5200.44.

Supply chain risk management See DoDI 5200.44.

System security engineering See DoDI 5200.44.