Advancing Industrywide Compute Lifecycle Assurance

Assurance Begins with Security-First Design and Extends Throughout the Compute Lifecycle

By Leslie Culbertson

The globalization of technology design, development, manufacturing and distribution has created an environment of complicated supply chains with limited transparency. There is a growing need to provide assurances of platform integrity in every stage of the compute lifecycle, and to do so in a manner that is as transparent as possible. Government agencies, commercial organizations and consumers deserve this transparency and the benefit it can bring for improved platform security and resiliency.

This presents both an incredible challenge and opportunity for the ecosystem. Today, Intel is responding to the challenge with the introduction of our Compute Lifecycle Assurance Initiative.

We have tackled big, complex problems like this before and we are doing it again. Intel has already taken several important steps toward supply chain transparency. We actively led and collaborated with the industry to influence policies and processes concerning the use of conflict-free minerals — not only for Intel products — but across the industry. In addition, we have already developed a set of policies and procedures at our own factories to validate where and when every component of a server was manufactured. These examples represent an important beginning, and there is more that can be done.

In today’s increasingly complex environment, we want to provide our customers with a full range of tools and solutions that deliver assurances of integrity throughout the entire lifetime of a platform. This starts with a security-first approach to design. It continues as platforms change custody, ownership and physical location several times during their assembly, transportation and provisioning. Once operational, they may then require updates for optimal performance and security. Finally upon retirement from service, platforms should ensure the confidentiality of data that was transmitted, erased or stored.

The industry needs an end-to-end framework that can be applied across this multiyear life of any platform. And that is our goal with the Compute Lifecycle Assurance Initiative — to substantially improve transparency and to provide higher levels of assurance that improve integrity, resilience and security during the entire platform lifecycle.

More: Introduction to Compute Lifecycle Assurance | Security News at Intel

We have identified four key lifecycle stages: build, transfer, operate and retire. Over the next year, we commit to:

  • Invest in tools and processes that improve the integrity of Intel computing products across every lifecycle stage, building on the Transparent Supply Chain tools we have today.
  • Contribute best practices, learned from our decades of experience, for the collection, measurement, stewardship and reporting of platform data to meet our customers’ evolving needs.
  • Collaborate with the ecosystem to develop innovative ways that enhance access to platform data while maintaining confidentiality of that data across the platform lifecycle.
The stages of Compute Lifecycle Assurance. (Credit: Intel Corporation)

Challenges to overcome

We believe a broader set of commercial enterprises from around the world will find value in this level of assurance for validation, compliance and governance. In the next 12 to 18 months, we expect to see growing interest from our customers, partners and government oversight organizations to improve transparency beyond the manufacturing supply chain to also include transportation, provisioning, attestation and in-field updates.

We’re in a unique and fortunate position as a trusted member of the ecosystem and as a leader in the transparency of our own supply chain. We intend to use this position to help mobilize the industry at large and to anticipate the needs of our global — and mutual — customers.

These are early days, and we know we can’t do this alone. We invite the broader ecosystem to join us on this journey. Together with our partners and customers, we will continue to build a more trusted foundation for all computing systems.

Leslie S. Culbertson is an executive vice president and general manager of Product Assurance and Security at Intel Corporation. Follow Leslie on Twitter: @LeslieCulberts

Über Intel

Intel (NASDAQ: INTC) ist ein führendes Unternehmen in der Halbleiterindustrie. Mit Hilfe von Computer- und Kommunikationstechnologien, die die Basis weltweiter Innovationen bilden, gestaltet Intel eine datenzentrierte Zukunft. Intels Know-how trägt dazu bei, die großen Herausforderungen der Welt zu meistern und Milliarden von Geräten sowie die Infrastruktur der intelligenten, vernetzten Welt zu schützen, weiterzuentwickeln und zu verbinden – von der Cloud über das Netzwerk bis hin zu allem, was dazwischen liegt.
Weitere Informationen über Intel finden Sie unter intel.de/newsroom and intel.de.

Intel und das Intel-Logo sind Marken der Intel Corporation in den USA und anderen Ländern.

*Andere Marken oder Produktnamen sind Eigentum der jeweiligen Inhaber