Assuring software and hardware security and integrity throughout the supply chain

Author

Axelrod, C. Warren

Author_Institution

Delta Risk, LLC, Great Neck, NY, USA

fYear

2011

fDate

15-17 Nov. 2011

Firstpage

62

Lastpage

68

Abstract

There is much talk in government and private sector circles about setting up additional test laboratories for certifying commonly-used software and hardware products. It has also been suggested that quality control and oversight be included at each step of the supply-chain. However, reviews are typically done after-the-fact, and have much less value for controlling processes. Often only when malware or rogue components are discovered in final products are more thorough audits initiated. By then it is often too late to retrieve items already in production. Much damage could have already occurred by the time a recall takes effect. The author has long supported supply-chain customers and entities installing sensors to monitor processes and products throughout the supply-chain life cycle. At various stages, products and services should be sent to laboratories for testing or be subjected to internal tests to verify that they comply with design specifications and external requirements.

Keywords

invasive software; product life cycle management; production engineering computing; quality control; sensors; supply chain management; government sector; hardware security; malware components; monitor processes; private sector; quality control; rogue components; software integrity; software security; supply-chain customers; supply-chain life cycle; Certification; Hardware; Monitoring; Security; Software; Supply chains; Testing; IT services; hardware; integrity; security; software; supply chain;

fLanguage

English

Publisher

ieee

Conference_Titel

Technologies for Homeland Security (HST), 2011 IEEE International Conference on

Conference_Location

Waltham, MA

Print_ISBN

978-1-4577-1375-0

Type

conf

DOI

10.1109/THS.2011.6107848

Filename

6107848