Secure Device Manufacturing: Supply Chain Security Resilience
Today the production of hardware devices involves multiple suppliers at various stages of the production and support lifecycle.
There is no electronics manufacturer who manufactures every single component of a device in their own factory. As such, and has been demonstrated, these hardware and manufacturing supply chains introduce risk that threat actors could gain an opportunity to defraud, steal, or otherwise undermine the security of the produced electronic devices.
For these reasons it is important that hardware brand owners understand this risk and take appropriate steps to mitigate them. The appropriate level of mitigation that any organization should take will depend on the expected level of security of the device, the sensitivity of the data that it will process, and the capabilities of the expected threat actors.
This whitepaper is primarily concerned with the following questions:
- How can I build a secure product that my customers can trust when I do not trust my factory?
- How do I limit the number of counterfeit devices in the marketplace?
- Can the grey market be of any benefit to my company?