https://ift.tt/2zaxEZA

Business Wire India


The Open Group, a vendor-neutral technology standards consortium, hosted a virtual sensitization session on ISO/IEC 20243-2018 [Open Trusted Technology Provider™ Standard (O-TTPS)] for Senior Indian Government Officials and Regulators on Thursday, 2nd December 2021.

In continuation to The Open Group ongoing endeavor in building awareness and adoption of this standard in India, it organized a virtual session which was the first of its kind sensitization session. The session shared information about the standard, its usage in different industries and departments, and use cases from government-wide procurement process in the US Government. It was attended by seventy officers from the Ministry of Electronics and Information Technology, Ministry of Power, Standardisation Testing and Quality Certification, Centre for Development of Advanced Computing, National Informatics Centre, Central Power Research Institute, Indian Railways, and Indian Institute of Science.

The Open Group provided an overview of the standard and industries where it is being adopted. The O-TTPS is a set of guidelines, recommendations, and requirements that help address the issue of maliciously tainted and counterfeit hardware and software products throughout the commercial off-the-shelf (COTS) information and communication technology product lifecycles. The standard includes best practices throughout all phases of the product life cycle spanning design, sourcing, development, fulfillment, distribution, sustenance, and disposal, thus enhancing the integrity of technology products and the security of their global supply chains. More information about the standard is available at:
 
Joanne Woytek, Program Manager from NASA's Solution for Enterprise-Wide Procurement (SEWP) provided insights into the use of the standard by their supplier group and its valuable contribution in enhancing the procurement process. The SEWP is a premier Government-Wide Acquisition Contract (GWAC) providing federal agencies access to the latest in Information and Communication Technology product solutions, managed by NASA.

The main points and the key takeaways from the session were:
  • The significance of the standard against maliciously tainted and counterfeit hardware and software products throughout commercial off-the-shelf information and communication technology product lifecycles.
  • NASA's use of the standard while being aware that there is some risk and uncertainly involved in the supply chain and being vigilant about it as an imperative. Additionally, ensuring that the process of education and keeping their customer/suppliers updated and aware about their policies and standard usage.
  • The role of the standard for India in securing India’s critical infrastructures like Power, Telecom, Railways, and Banking. The need for wider awareness among various stakeholders covering consumers, integrators, component suppliers, certification authority, and standards bodies was accentuated during the interactions.
  • The necessity to create an implementation guide suited to the Indian context and its industries. This will help in a better understanding of the standard and its adoption process for various industries that use information and communication technology products.

In his keynote address at the Sydney Dialogue on 18th November 2021, Prime Minister Modi spoke about India’s efforts towards creating and operating with trusted supply chains. In this regard, the Department of Telecom launched the Trusted Telecom Portal effective from June 15th, 2021. Taking the same thread forward with concrete action, the Standardisation Testing and Quality Certification (STQC) Directorate of the MeitY has recently launched the Trusted Electronics Value Chain Certification Scheme (TEVCCS). This scheme is derived from and aligned with the ISO 20243:2018. This impacts design, development, manufacturing, procurement, and deployment activities in the entire telecom sector. After the Telecom Sector, India released the cybersecurity guidelines for the power sector. There is a heavy emphasis on trusted providers in the Power Sector's Cybersecurity Guidelines with two of its main objectives being the reduction of cyber supply chain risks and use of open standards and in that context the O-TTPS being mentioned as one of the standards for compliance signaling the relevance and timeliness of the session.

The Open Group has constantly strived to lead the field in technology standards services, certifications, research, and training worldwide. “With supply chain cybersecurity emerging as one of the most important priorities in protecting our critical infrastructures, this sensitization session demonstrates our vision and commitment to open standards and accentuating its adoption as a public good. We aim to continue more such sessions to cover other stakeholders in India,” states Dr. Pallab Saha, General Manager, The Open Group (India).

Advertisements

Post a Comment

Comment

Previous Post Next Post