NIST has released the initial public draft of Interagency Report (IR) 8532, Workshop on Enhancing Security of Devices and Components Across the Supply Chain. This report summarizes the presentations and discussions at a recent workshop on semiconductor security. Participants at the in-person workshop discussed existing and emerging cybersecurity threats and mitigation techniques for semiconductors throughout their life cycle.
The workshop obtained valuable feedback from industry, academia, and government to inform NIST’s development of cybersecurity and supply chain standards, guidance, and recommended practices. The discussion focused on semiconductor development and highlighted cybersecurity measurements and metrics that utilize reference data sets to facilitate the testing, attestation, certification, verification, and validation of semiconductor components. It also emphasized the use of automated cybersecurity tools and techniques to secure manufacturing environments throughout the development life cycle.
The public comment period for this draft is open through September 16, 2024. See the publication details for a copy of the draft and instructions for submitting comments.
Security and Privacy: cybersecurity supply chain risk management, roots of trust
Technologies: circuits, semiconductors
Laws and Regulations: CHIPS and Science Act
Sectors: manufacturing