Research and Development Priorities for Security of Embedded Hardware Devices
本文针对嵌入式硬件设备供应链中的安全威胁(如仿冒、网络攻击、木马等),提出一个框架来制定研发优先级,帮助政府和行业识别对系统信任与安全影响最大的场景。
Supply chains for embedded hardware devices are subject to a variety of security threats that are concerning to governments and industry. Such threats include counterfeit parts, cyber-attacks, Trojan attacks, reliance on offshore-manufactured and controlled hardware, software, and rapid increase of network technologies. Addressing these threats is vital to maintain and enhance system trust and security. This article develops a framework to address initiatives and success criteria which accounts for different perspectives of system stakeholders and identify different potential emergent conditions and scenarios which are most and least impactful to the trust and security of the supply chain. The article demonstrates a research and development priorities preferences method that accounts for evolving perspectives of supply chain stakeholders and describing the example application of embedded hardware devices as a system.