The O-TTPS Snapshot is a draft – a snapshot in time – of what is intended to become an open standard for organizational commercial best practices that when properly adhered to will enhance the security of the global supply chain and the integrity of Commercial Off-The-Shelf (COTS) Information Communication Technology (ICT) products. It will provide a set of guidelines and best practice requirements and recommendations that help assure specifically against tainted and counterfeit products throughout the COTS ICT product life cycle, encompassing the following phases: design, sourcing, build, fulfillment, distribution, sustainment, and disposal.
Using the guidelines and best practices documented in the O-TTPF (Framework) as a basis, the OTTF will take a phased approach and stage the O-TTPS releases over time. This staging will consist of standards that focus on mitigating specific COTS ICT risks from emerging threats. As threats change or market needs evolve, the OTTF intends to update the O-TTPS (Standard) by releasing addenda to address specific threats or market needs.
The Framework, on which the Snapshot is based, is an evolving compendium of organizational guidelines and best practices relating to COTS ICT products, and the security of the supply chain throughout the entire product life cycle. A publically available early version of the Framework was released as a White Paper in February 2011.
11:30-3:30: Member Meeting on Defining Conformance Criteria and the Accreditation Program for the O-TTPS
The member-meeting sessions on Monday were devoted to identifying the conformance criteria and the evidence of conformance that will be required by applicants who apply for accreditation to the planned O-TTPS Accreditation Program. The program will be open to all vendors and integrators; sub-component suppliers, providers, and integrators, wishing to be accredited against all of the mandatory requirements in the O-TTPS Snapshot/Standard and who, if successful, will be accredited as Trusted Technology Providers in the global supply chain.
4:00–4:45: Open Trusted Technology Track
The Global Supply Chain: Presentation and discussion on The Open Group Trusted Technology Forum and the challenges of protecting products against counterfeit and tampering (Andras Szakal, Chief Technology Officer, IBM US Federal)
Andras' presentation can be found here.
4:45–5:30 Open Trusted Technology Track
The Global Supply Chain: Presentation and discussion on identifying Trusted Technology Providers – What are the conformance criteria that technology providers, integrators, and their component suppliers need to meet to be considered Trusted Technology Providers? (Sally Long, Director, The Open Group Trusted Technology Forum, US)
Sally's presentation can be found here.