By Tom Garrison, Vice President and General Manager of Client Security Strategy
Today’s supply chains are global, complex, and often lack transparency. This creates a variety of challenges, from design and responsible sourcing to deployment and secure retirement. Most platforms change custody, ownership, and physical location several times over the course of assembly, transportation, and provisioning. To help ensure integrity at every stage of the compute lifecycle, there needs to be a security-first approach when designing, architecting, and building these technologies. To help address this problem, Intel is working with an ecosystem of customers and partners on a new Compute Lifecycle Assurance Initiative designed to provide an end-to-end framework that includes tools and solutions for increased platform integrity, resilience, and security.
To understand where this initiative is going, it is important to first look at what has been done historically. The call for assurance across the supply chain landscape has been evolving for decades. In fact, several examples have revolved around social responsibility and sustainability. For instance, The Responsible Business Alliance was formed in 2004 to help address key challenges around the rights and well-being of worldwide workers and communities. More recently, policymakers have begun to focus on supply chain risks in new ways. The 2018 SECURE Technology Act gave U.S. federal agencies new authority to consider supply chain risks when procuring products.
Technology companies have been doing their part as well. For example, over the past several years, Intel has taken several important steps toward supply chain transparency, including being one of the first to deliver Intel® Transparent Supply Chain (TSC) tools – a set of policies and procedures implemented at factories to provide visibility into the critical components that were used to manufacture the Intel-based PC or server.
Today, Intel TSC is available to customers across a variety of our platforms, including Intel® Core™ based PCs, Intel® NUC, Intel® Xeon® SP systems, and Intel® solid-state drives. In addition to our own platforms, we have enabled ecosystem partners with Intel TSC tools, including Hyve Solutions, Inspur, Lenovo (client and server), Mitac, Quanta, Supermicro, and ZT Systems.
While these have been great initial steps toward transparency and integrity, more can be done. This is the goal of Intel’s Compute Lifecycle Assurance (CLA) Initiative. A fundamental principle of this initiative is the health of device hardware and firmware across the system – not just on day one, but across all stages of the compute lifecycle. The initiative establishes an end-to-end framework that can be applied across the life of any platform to substantially improve platform integrity, resilience, and security.
As a side note, the industry working group National Telecommunications and Information Administration (NTIA) has already created a Software Bill of Materials with an initial set of deliverables that address similar challenges in the software supply chain. Similar to the way Intel is approaching the computing platform lifecycle, their work is complementary and is driving meaningful change across the software ecosystem.
To address industry concerns, Intel is committed to investing in tools and processes that improve the integrity of computing products across every lifecycle stage, building on the Transparent Supply Chain tools we have today.
We see four key stages of the Compute Lifecycle Assurance Initiative: Build, Transfer, Operate and Retire, designed to provide better insight on the state of a platform at each stage:
- Build – This phase includes the architecture and design of the Intel components, with the goal of utilizing the latest in security research findings and world-class security techniques to minimize attack surfaces. We include the manufacturing of the platforms (PCs, servers, SSDs, etc.). We believe this build phase must start from the component level and extend all the way to platform manufacturing to provide a comprehensive picture of the platform’s inception.
- Transfer – This phase extends from the manufacturing facility dock to when the device arrives at the customer site. In this phase, it is important to detect tampering, modification, or changes within the hardware, firmware, and software since the device was manufactured. We will also put mechanisms in place designed to establish who should or should not have the rights to modify the platform throughout distribution.
- Operate – The operate phase starts with the provisioning of the device and extends over the remainder of the device’s useful life. We aim to improve confidence that a system is operating in a known and trusted state at any point. One example of our goals is to provide visibility into the functional or security updates that have been applied to the platform and report whether the device is fully updated.
- Retire – This phase starts when a device is being decommissioned either permanently or for repurposing to a secondary customer/market. We will develop tools to help assure all data was confidentially wiped from the drive and the platform.
To see how Compute Lifecycle Assurance will ideally work in practice, let us look at a procurement example. When procurement places an order and receives the device on their dock, they have comprehensive visibility into that device. Under the new framework, this includes ensuring that the device includes the required components that were ordered (such as processor type, SSD type, etc.) and does not include any blacklisted components from vendors that are high risk from a security or quality standpoint. Further, assurance will be provided that the device state, including key hardware components and firmware versions, has not changed unexpectedly since the time of manufacturing. Finally, there would be access to management tools capable of reporting on and assessing the fleet security posture with data read from each device.
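The dock-receipt checks described above, written out in Python as an added example; this is not Intel's tooling and not a Transparent Supply Chain format. The record layout, field names, slot names and every value are assumptions constructed for illustration.

```python
# Constructed sample data; the record layout and field names are assumptions.
def comp(model, vendor, serial, firmware):
    return {"model": model, "vendor": vendor, "serial": serial, "firmware": firmware}

ORDER = {"cpu": "ExampleCPU-8C", "ssd": "ExampleSSD-1TB"}  # slot -> ordered model
BLOCKED_VENDORS = {"HighRiskVendor"}
AS_BUILT = {       # recorded at the factory
    "cpu": comp("ExampleCPU-8C", "VendorA", "C-1001", "0x2A"),
    "ssd": comp("ExampleSSD-1TB", "VendorB", "S-2002", "3.1"),
    "bios": comp("ExampleBIOS", "VendorC", "B-3003", "2.1.0"),
}
AS_RECEIVED = {    # read from the device on the dock
    "cpu": comp("ExampleCPU-8C", "VendorA", "C-1001", "0x2A"),
    "ssd": comp("ExampleSSD-512G", "VendorB", "S-9999", "3.1"),
    "bios": comp("ExampleBIOS", "VendorC", "B-3003", "2.0.7"),
    "nic": comp("ExampleNIC", "HighRiskVendor", "N-4004", "1.0"),
}

def verify_receipt(order, blocked, as_built, as_received):
    """Return a list of (kind, slot, detail) findings; empty means all checks pass."""
    findings = []
    # 1. Every ordered component is present with the ordered model.
    for slot, model in order.items():
        got = as_received.get(slot, {}).get("model")
        if got != model:
            findings.append(("order_mismatch", slot, f"ordered {model}, received {got}"))
    # 2. No component comes from a blocked vendor.
    for slot, c in as_received.items():
        if c["vendor"] in blocked:
            findings.append(("blocked_vendor", slot, c["vendor"]))
    # 3. Nothing changed since manufacturing: components and firmware versions.
    for slot in sorted(set(as_built) | set(as_received)):
        built, recv = as_built.get(slot), as_received.get(slot)
        if built is None:
            findings.append(("added_component", slot, "not in as-built record"))
        elif recv is None:
            findings.append(("missing_component", slot, "in as-built record only"))
        else:
            for field in ("model", "vendor", "serial", "firmware"):
                if built[field] != recv[field]:
                    findings.append((f"{field}_changed", slot, f"{built[field]} -> {recv[field]}"))
    return findings

if __name__ == "__main__":
    for finding in verify_receipt(ORDER, BLOCKED_VENDORS, AS_BUILT, AS_RECEIVED):
        print(*finding, sep=" | ")
```

The comparison is only as trustworthy as its inputs: the as-built record has to be authenticated, and the received inventory has to be read in a way the device itself cannot falsify.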
Tackling assurance is critical for the industry, and collaboration is key to creating a successful CLA Initiative. Worldwide, policymakers have already begun to focus on supply chain risks in new ways.
Commercial enterprises around the world should find value in this improved level of assurance as well for validation, compliance, and governance. In the next 12 to 18 months, our teams at Intel expect to see growing interest from customers, partners, and government oversight organizations in transparency beyond just the manufacturing supply chain to include transportation, provisioning, attestation, and in-field updates. Our journey with CLA is just beginning and we invite the broader ecosystem to join us as we build a more trusted foundation for all computing systems.
About the Author
Tom Garrison is a vice president of Client Computing Group and general manager of Security Strategies and Initiatives (SSI) at Intel Corporation. He leads the team overseeing Intel’s efforts to enhance client security and to help customers and manufacturers deploy tooling and processes for greater security assurance and supply chain transparency. Garrison is responsible for the coordination and execution of Intel’s response to matters involving product function or security for client platforms. Garrison joined Intel in 1994. Prior to assuming his current role within SSI, he spent two years managing the Desktop, Commercial and Channel (DCC) team, which included Intel’s desktop, business client, and workstation businesses, as well as the Intel® Unite collaboration solution and the client channel business for the company. Prior to his role in DCC, he spent three years as the general manager of the Business Client Platforms group. Earlier in his career, he spent 17 years in the Datacenter Group leading the Datacenter Engineering and Datacenter Strategic Planning organizations. Garrison holds a bachelor’s degree in electrical engineering from Portland State University in Oregon.