Title :
Assuring software and hardware security and integrity throughout the supply chain
Author :
Axelrod, C. Warren
Author_Institution :
Delta Risk, LLC, Great Neck, NY, USA
Abstract :
There is much talk in government and private sector circles about setting up additional test laboratories for certifying commonly-used software and hardware products. It has also been suggested that quality control and oversight be included at each step of the supply-chain. However, reviews are typically done after-the-fact, and have much less value for controlling processes. Often only when malware or rogue components are discovered in final products are more thorough audits initiated. By then it is often too late to retrieve items already in production. Much damage could have already occurred by the time a recall takes effect. The author has long supported supply-chain customers and entities installing sensors to monitor processes and products throughout the supply-chain life cycle. At various stages, products and services should be sent to laboratories for testing or be subjected to internal tests to verify that they comply with design specifications and external requirements.
Keywords :
invasive software; product life cycle management; production engineering computing; quality control; sensors; supply chain management; government sector; hardware security; malware components; monitor processes; private sector; quality control; rogue components; software integrity; software security; supply-chain customers; supply-chain life cycle; Certification; Hardware; Monitoring; Security; Software; Supply chains; Testing; IT services; hardware; integrity; security; software; supply chain;
Conference_Titel :
Technologies for Homeland Security (HST), 2011 IEEE International Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4577-1375-0
DOI :
10.1109/THS.2011.6107848
