ISO/IEC 20243-1:2023

ISO/IEC 20243-1:2023

novembre 2023
Norme internationale En vigueur

Information technology - Open Trusted Technology ProviderTM Standard (O-TTPS) - Part 1: Requirements and recommendations for mitigating maliciously tainted and counterfeit products

ISO/IEC 20243-1:2018 (O-TTPS) is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software COTS ICT products throughout the product life cycle. This release of the Standard addresses threats related to maliciously tainted and counterfeit products.The provider's product life cycle includes the work it does designing and developing products, as well as the supply chain aspects of that life cycle, collectively extending through the following phases: design, sourcing, build, fulfillment, distribution, sustainment, and disposal. While this Standard cannot fully address threats that originate wholly outside any span of control of the provider ? for example, a counterfeiter producing a fake printed circuit board assembly that has no original linkage to the Original Equipment Manufacturer (OEM) ? the practices detailed in the Standard will provide some level of mitigation. An example of such a practice would be the use of security labeling techniques in legitimate products.

Voir plus
Informations générales

Collections

Normes internationales ISO
Normes internationales IEC

Thématiques

QSE, Sécurité

Date de publication

novembre 2023

Nombre de pages

31 p.

Référence

ISO/IEC 20243-1:2023

Codes ICS

35.030   Sécurité des technologies de l'information
13.310   Protection contre les crimes

Numéro de tirage

1
Résumé
Information technology - Open Trusted Technology ProviderTM Standard (O-TTPS) - Part 1: Requirements and recommendations for mitigating maliciously tainted and counterfeit products

ISO/IEC 20243-1:2018 (O-TTPS) is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software COTS ICT products throughout the product life cycle. This release of the Standard addresses threats related to maliciously tainted and counterfeit products.

The provider's product life cycle includes the work it does designing and developing products, as well as the supply chain aspects of that life cycle, collectively extending through the following phases: design, sourcing, build, fulfillment, distribution, sustainment, and disposal. While this Standard cannot fully address threats that originate wholly outside any span of control of the provider ? for example, a counterfeiter producing a fake printed circuit board assembly that has no original linkage to the Original Equipment Manufacturer (OEM) ? the practices detailed in the Standard will provide some level of mitigation. An example of such a practice would be the use of security labeling techniques in legitimate products.

Normes remplacées (1)
ISO/IEC 20243-1:2018
février 2018
Norme internationale Annulée
Technologies de l'information - Norme de fournisseur de technologie de confiance ouverte (O-TTPS) - Atténuation des produits contrefaits et malicieusement contaminés -Partie 1: Exigences et recommandations

Besoin d’identifier, de veiller et de décrypter les normes ?

COBAZ est la solution simple et efficace pour répondre aux besoins normatifs liés à votre activité, en France comme à l’étranger.

Disponible sur abonnement, CObaz est LA solution modulaire à composer selon vos besoins d’aujourd’hui et de demain. Découvrez vite CObaz !

Demandez votre démo live gratuite, sans engagement

Je découvre COBAZ