Abstract: Clients require greater security assurance, driving new requirements in system solutions and the supply chain. Documenting compliance to security regulations for product offerings can inundate OEMs and their suppliers with requests for security information. Achieving certification to an industry standard can drive systemic implementation of best practices, satisfy client requirements and their requests for information. Clients and suppliers both benefit from the O-TTPS certification of a product family. Clients can view the Open Group website and gain confidence in the security of certified product solutions even before engaging with the supplier. In pursuing certification, OEMs drive suppliers to implement and leverage best practices in supply chain security such as Risk Management, Trusted Technology Components and Counterfeit Mitigation that benefit the supplier, the OEM, the end client, and the industry. A collaborative team across supply chain and security organizations evaluated various security standards to pursue certification and selected the Open Trusted Technology ProviderTM Standard (O-TTPS) / ISO 20243. The team was able to achieve certification in 2020. The focus on certification was timely, as additional industry security requirements continue to be posted, such as the Critical Infrastructure Protection requirements dictated for the Energy & Utility industry by the North American Transmission Forum. The documentation assembled for certification can assist in responding to client requests, even when complete alignment is lacking. This presentation will share some comparison of standards and industry sector requirements, review the elements required for O-TTPS certification across Product Development, Secure Engineering and Supply Chain Security, as well as provide examples of best practices aligning with the supply chain requirements.

Bio: Christine Bunke is a senior engineer in IBM Systems Supply Chain Engineering (SCE) group. She holds a B.S. degree in chemistry from California Polytechnic State University at San Luis Obispo and the M.S. degree in chemical engineering from University of California at Santa Barbara.Currently she is in IBM’s SCE Client Quality team where she is responsible for quality management across Systems Products where she leads teams globally to drive process improvements. She represents SC to maintain corporate ISO 9001 standards and is a member of the SC Cybersecurity team.She has worked at IBM silicon wafer fabricators in East Fishkill, New York and Burlington, Vermont where she worked in various positions including lead integrator in the copper back end of line for 90nm to 22nm ground rules technologies. After the IBM divestiture of its 300mm fabricator, she transitioned into a fabless semiconductor role developing technologies up to the 7nm technology for IBM’s high performance computing mainframe prod

Bio: Marie Cole is a Distinguished Engineer in IBM Systems Supply Chain Engineering with more than 30 years of industry experience. She joined IBM after completing a B.S. in Chemical Engineering from Rensselaer Polytechnic Institute and then earned an M.S. in Materials Science from Columbia University. She is a recognized industry expert in electronic packaging materials, with a focus on environmental initiatives and reliability. Marie has led the development of and improvements to microelectronic packaging, card assembly processes and hardware sub-systems. Her recent technical leadership responsibilities include supply chain security. Marie holds several US Patents and has published numerous technical papers. She is a member of the IBM Academy of Technology and has received several IBM and industry technical awards. She has served on the Board of Directors for several industry organizations and is an active volunteer for the SMTA.