The National Cybersecurity Center of Excellence (NCCoE) has invited seven technology providers and industry experts to collaborate on the Supply Chain Assurance Project.
The collaborators are Dell, Eclypsium, Hewlett Packard Enterprise, HP Inc., Intel, RSA, and Seagate.
These collaborators will work with the NCCoE project team to provide a practical solution for distinguishing trustworthy computing products. The result will be a freely available National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide that includes a reference design and a detailed description of the practical steps needed to implement the solution based on the NIST Cybersecurity Framework and industry standards and best practices.
Each of these organizations responded to a notice in the Federal Register to submit capabilities that aligned with desired solution characteristics for the project. The accepted collaborators were extended a Cooperative Research and Development Agreement, enabling them to participate in a consortium where they will contribute expertise and hardware or software to help refine a reference design and build an example standards-based implementation. To learn more, read the Validating the Integrity of Computing Devices project description.
If you would like to join the Supply Chain Community of Interest to help guide this project and provide feedback, please email us at supplychain-nccoe@nist.gov.
