Supply Chain Risk Management

Apply SP 800-161 Rev 1 guidance [3] for diversifying the supply base to eliminate single points of failure, particularly for critical components where feasible. Where market constraints limit supplier...

Apply SP 800-161 Rev 1 guidance [3] for contractual flow-down of security requirements from prime contractors to relevant sub-tier contractors throughout the supply chain, with due diligence on upstre...

Organizations assess a sample of AI accelerators before acceptance to verify that hardware security features function as specified: that memory isolation prevents host access, attestation produces val...

Apply SP 800-161 Rev 1 guidance [3] for rigorous, continuous assessment of all suppliers against consistent baseline criteria evaluating security, integrity, resilience, quality, trustworthiness, and ...

AI accelerators within Weight Enclaves implement comprehensive tamper protection. Sensitive data must exist unencrypted during computation, making the compute cores attractive targets for physical att...

Chip providers employ anti-tamper technologies throughout the accelerator development lifecycle, including design, manufacturing, and integration phases. An attacker who can modify the chip during man...

Apply SP 800-161 Rev 1 guidance [3] for physical inspection of critical hardware components prior to initial use and periodically thereafter, using techniques such as radiographic examination, materia...

Apply SP 800-161 Rev 1 guidance [3] for prevention of counterfeit components through use of qualified bidders lists (QBL) and qualified manufacturers lists (QML). While not available to private compan...

Apply SP 800-161 Rev 1 guidance [3] for maintaining a comprehensive, criticality-based inventory of all suppliers documenting supplier identities, products provided, and assigned risk levels....