{"title":"确保整个供应链的软硬件安全和完整性","authors":"C. Axelrod","doi":"10.1109/THS.2011.6107848","DOIUrl":null,"url":null,"abstract":"There is much talk in government and private sector circles about setting up additional test laboratories for certifying commonly-used software and hardware products. It has also been suggested that quality control and oversight be included at each step of the supply-chain. However, reviews are typically done after-the-fact, and have much less value for controlling processes. Often only when malware or rogue components are discovered in final products are more thorough audits initiated. By then it is often too late to retrieve items already in production. Much damage could have already occurred by the time a recall takes effect. The author has long supported supply-chain customers and entities installing sensors to monitor processes and products throughout the supply-chain life cycle. At various stages, products and services should be sent to laboratories for testing or be subjected to internal tests to verify that they comply with design specifications and external requirements.","PeriodicalId":228322,"journal":{"name":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","volume":"143 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Assuring software and hardware security and integrity throughout the supply chain\",\"authors\":\"C. Axelrod\",\"doi\":\"10.1109/THS.2011.6107848\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"There is much talk in government and private sector circles about setting up additional test laboratories for certifying commonly-used software and hardware products. It has also been suggested that quality control and oversight be included at each step of the supply-chain. However, reviews are typically done after-the-fact, and have much less value for controlling processes. Often only when malware or rogue components are discovered in final products are more thorough audits initiated. By then it is often too late to retrieve items already in production. Much damage could have already occurred by the time a recall takes effect. The author has long supported supply-chain customers and entities installing sensors to monitor processes and products throughout the supply-chain life cycle. At various stages, products and services should be sent to laboratories for testing or be subjected to internal tests to verify that they comply with design specifications and external requirements.\",\"PeriodicalId\":228322,\"journal\":{\"name\":\"2011 IEEE International Conference on Technologies for Homeland Security (HST)\",\"volume\":\"143 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-12-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE International Conference on Technologies for Homeland Security (HST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/THS.2011.6107848\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE International Conference on Technologies for Homeland Security (HST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/THS.2011.6107848","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Assuring software and hardware security and integrity throughout the supply chain
There is much talk in government and private sector circles about setting up additional test laboratories for certifying commonly-used software and hardware products. It has also been suggested that quality control and oversight be included at each step of the supply-chain. However, reviews are typically done after-the-fact, and have much less value for controlling processes. Often only when malware or rogue components are discovered in final products are more thorough audits initiated. By then it is often too late to retrieve items already in production. Much damage could have already occurred by the time a recall takes effect. The author has long supported supply-chain customers and entities installing sensors to monitor processes and products throughout the supply-chain life cycle. At various stages, products and services should be sent to laboratories for testing or be subjected to internal tests to verify that they comply with design specifications and external requirements.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
