NSA Research Offers New Software to Support Supply Chain Security Using TPM

NSA Research, as part of NSA’s Technology Transfer program, released new software on September 6, 2018, allowing technology users to mitigate risks with today’s supply chain management. This software is intended to support the supply chain validation techniques prescribed by the Trusted Computing Group (TCG).

NSA’s Host Integrity (HI) Attestation Certificate Authority (ACA) is available on the NSA Cyber Github site. The ACA provides an “Acceptance Test” policy, used to prove a device was produced by the claimed manufacturer, and contains the agreed upon list of components. Host Integrity will initially support Centos-based Linux devices; however, the TCG’s supply chain validation process can work with any computerized device that includes a Trusted Platform Module (TPM) (1.2 or 2.0).

Trusted Computing Group

Newsletter Subscribe