Documents | Contact Us | Employment | Customer Login

SEARCH:
  SECURITY
  ANCHOR POINT  |  SECURE COMMS  |  SUPPLY CHAIN  |  EMERGING APPS



Supply Chain Protection

One of the primary applications of the secure processor, both in commercial and defense business, is in providing protection to tampering in the research and development supply chain.

Supply chain vulnerabilities can occur in a variety of places: design and development tools and software, part ordering and channel delivery, warehouse tampering of components, ‘non-trusted’ design workstations, and of course ‘non-trusted’ employees and design personnel.

Threats to Supply Chain

On 2 March 2010, White House Cyber Security Coordinator Howard Schmidt declassified portions of the Comprehensive National Cyber Security Initiative (CNCI). This initiative, which takes the first steps in identifying significant security holes and vulnerabilities in our national infrastructure, outlines plans to address these holes.

One of these holes in our Federal and Defense acquisitions infrastructure, addressed by initiative #11 in the CNCI, is the ‘Global Supply Chain’. This refers to the process of sourcing materials, tools, and components that make up pieces of our critical infrastructure. This process has become so globalized that we quickly lose track of where our technology is coming from. This creates opportunities for malicious actors to create backdoors, malware, and faulty hardware that in turn make their way into our weapon systems, internet infrastructure, banking systems, and personal computing devices.

It is very difficult to know where in the design, manufacture, or device configuration process malware was introduced once it is discovered. Plugging all of these holes in the supply chain is a virtually impossible task, which is why it is being coordinated at the level even as high as the White House. The first step in this process was recently released by the NIST in June 2010: Draft NISTIR 7622, Piloting Supply Chain Risk for Federal Information Systems.

How Acalis and Design Environment Can Help

The primary application to support the detection of counterfeit boards, components, and supply chain tampering is the Secure Anchor Point using the Acalis CPU 872. This application is designed specifically to incorporate self-sensing and monitoring mechanisms to meet some of the real-time monitoring goals of the Comprehensive National Cyber Security Initiative.

The Acalis Sentry element of the Acalis Design Environment is itself designed to improve the supply chain process for developers of equipment used in defense and critical national infrastructure. The Acalis Sentry is a ‘secure configuration tool’ designed for configuration of the Acalis Secure Processor, but can also be considered a platform candidate for performing other critical system configuration tasks not limited to the Acalis Secure Processor.

CPU Tech is also investing in other initiatives aimed at addressing the supply chain security issue.