NIST seeks comment on supply chain assurance research project, enterprise risk management publication

The National Institute of Standards and Technology is looking for input on its approach to addressing supply chain assurance, through an ongoing project in partnership with industry examining the integrity of computing devices.

The project is part of an investigation underway through NIST’s National Cybersecurity Center of Excellence to “produce example implementations” that “demonstrate how organizations can verify that the internal components of their purchased computing devices are genuine and have not been altered during the manufacturing and distribution processes,”...