The Open Group releases Global Technology Supply Chain Security Standard

The Open Group announces the publication of the Open Trusted Technology Provider Standard (O-TTPS)™, the first complete standard published by The Open Group Trusted Technology Forum (OTTF)™ and which will benefit global providers and acquirers of Commercial Off-the-Shelf (COTS) Information and Communication Technology (ICT) products. This open standard is the first of its kind to help organizations achieve Trusted Technology Provider status, assuring the integrity of COTS ICT products worldwide and safeguarding the global supply chain against the increased sophistication of Cybersecurity attacks.

  • Thursday, 11th April 2013 Posted 11 years ago in by Phil Alsop

Specifically intended to prevent maliciously tainted and counterfeit products from entering the supply chain, this first release of the O-TTPS codifies best practices across the entire COTS ICT product lifecycle, including the design, sourcing, build, fulfilment, distribution, sustainment, and disposal phases.


The O-TTPS will enable organizations to implement best practice requirements and allow all providers, component suppliers and integrators to obtain Trusted Technology Provider status. For customers, including government acquirers, O-TTPS can differentiate those providers who adopt the standard’s practices. Thus raising the bar globally by helping the technology industry and its customers to “Build with Integrity, Buy with Confidence.”™.


Tainted and counterfeit products pose significant risk to organizations because altered or non-genuine products introduce the possibility of untracked malicious behavior or poor performance. Both product risks can damage customers and suppliers resulting in failed or inferior products, revenue and brand equity loss, and disclosure of intellectual property. The increase in sophistication of cyber-attacks has forced technology suppliers and governments to take a more comprehensive approach to risk management as it applies to product integrity and supply chain security. Customers are now seeking assurances that their providers are following standards to mitigate the risks of tainted and counterfeit components, while providers of COTS ICT are focusing on protecting the integrity of their products and services as they move through the global supply chain.


The OTTF is now working to develop an accreditation program to help provide assurance that Trusted Technology Providers conform to the O-TTPS. The planned accreditation program is intended to mitigate maliciously tainted and counterfeit products by raising the assurance bar for component suppliers, technology providers, and integrators, who are part of and depend on the global supply chain. Using the guidelines and best practices documented in the O-TTPS as a basis, the OTTF will also release updated versions of the O-TTPS based on changes to the threat landscape.


The launch of the O-TTPS follows the release of a draft or ‘Snapshot’ version, which became available in March 2012.