The Open Group Publishes IT Supply Chain Security Standard to Prevent Counterfeits, Tampering

Published by Open Group’s Trusted Technology Forum (OTTF), the standard dubbed “Open Trusted Technology Provider Standard (O-TTPS),” provides a set of requirements, guidelines along with recommendations that, if implemented, would enable technology acquirers to reduce the risk of acquiring counterfeit or tampered products. The standard intends to provide an assurance that the supplier in question has a set of both logical and physical security controls in place right down to the point where open-source components are in use and that the supplied components / products are not counterfeit or tampered with.

IBM, Cisco and the others who are involved with the standard anticipate an official accreditation process by end of the year where suppliers, specifically technology ones, would be able to prove their adherence to the standard. Apart from these two technology biggies quite a few other companies including Microsoft, HP, CA Technologies, Juniper, Boeing, the NSA and NASA have contributed to the development of the standard. Currently IBM’s Andras Szakal is the Chair of OTTF while Edna Conway of Cisco is serving as the Vice Chair.

The standard is aiming to take the entire life cycle of the supply chain distribution head-on and lays out best practices for all the phases of the chain including designing, sourcing, building and fulfillment. US Government and the Department of Defense have been very vocal about their concerns that fake and tampered products – electronics, hardware and software are being sold and the standard seeks to address these concerns.