"The hardware supply chain is difficult to secure due to the number of stages, organizations, and individuals involved and current security methods are mostly subjective and require human intervention. As malicious and counterfeit hardware is extremely difficult to identify, most organizations do not have access to the tools, knowledge, or expertise to successfully detect it. With guidance from the Supply Chain Security work group, those in the supply chain will be better equipped to protect against cyber threats."
- Provisioning, which involves ensuring devices are genuine and from a trusted source at every step of the supply chain; and
- Recovery, which involves helping companies to recover their systems, devices, and networks quickly in the event of a cyberattack.
Hardware Supply Chain Security: Executive Perspectives
The new work group's co-chairs are:- Dennis Mattoon, principal software development engineer at Microsoft.
- Michael Mattioli, vice president at Goldman Sachs.
“For nearly 20 years, TCG has guided the industry in adopting technologies that enable secure computing, with specifications for IoT and embedded systems, PCs and servers, mobile, and storage. The supply chain is the one thing that spans all of these verticals and experts from TCG work groups are now coming together to create industry-wide guidance that seeks to make the supply chain more secure.”
"Securing the hardware supply chain is no easy task, as no single company has end-to-end control of the modern technology supply chain. This is why the new TCG work group is so important, as we are bringing together experts from a wide range of companies to define industry guidance that can be implemented across the ecosystem.”