From Compliance Checklists to Cryptographic Evidence: Using Trusted Computing to Reduce Counterfeit Risk Across the Supply Chain

Thorsten Stremlau [Trusted Computing Group]

Abstract: 

Counterfeit risk is no longer limited to physical component substitution. As supply chains become increasingly software-defined, threats now extend to firmware tampering, device identity spoofing, and unauthorized lifecycle modification. At the same time, reliance on documentation, process audits, and periodic inspections continues to dominate assurance models, despite offering only limited, point-in-time visibility. These approaches struggle to scale and often fail to detect sophisticated, digitally mediated forms of counterfeiting. To address these challenges, the Trusted Computing Group (TCG) has developed a set of standards and technologies that enable cryptographically verifiable evidence of system integrity and provenance. By leveraging hardware roots of trust, measured boot, and platform certificates, organizations can move beyond static compliance frameworks toward continuous, objective validation of device identity and firmware state. This presentation explores how these capabilities can be integrated into existing supply chain security practices to strengthen the detection and prevention of counterfeit components. It will demonstrate how TCG technologies can complement established mechanisms by anchoring them to trusted, tamper-resistant measurements, improving traceability across the product lifecycle. Attendees will gain insight into how cryptographic attestation can reduce audit burden, enhance trust between suppliers and buyers, and provide a scalable foundation for modern supply chain assurance. Real-world scenarios will illustrate how these approaches can be applied to detect anomalies, verify authenticity, and maintain integrity from manufacturing through deployment and beyond. By shifting from checklist-driven compliance to evidence-based trust, organizations can better defend against evolving counterfeit risks while future-proofing their supply chain security strategies.

Biography: 

Dr. Diganta Das

For more information or questions regarding the technical program (including Professional Development Courses), contact the Conference Chair, Dr. Diganta Das

Kristin Nafstad

For more information or questions regarding event logistics, exhibitions, and sponsorship, contact Kristin Nafstad.