Intel pushes zero-trust to protect IoT

  • August 4, 2021
  • Steve Rogerson

Intel is helping companies verify both the identity of system users and the integrity of the systems themselves, in response to the proliferation of IoT attack surfaces, the rise in firmware-level attacks on hardware, and threats that follow a system through every phase of its lifecycle.

Because of these threats, companies are embracing the zero-trust model.

For the past decade, it’s been common practice for IT teams to require end users to authenticate themselves before being granted access to a system or network. But in a zero-trust world, this requirement extends beyond the user.

Neither the system nor its components are assumed secure at any given time. This drives companies to verify not just the identity of system users, but the integrity of the systems themselves in every phase of the lifecycle.

To support this zero-trust model, Intel continues to develop its Compute Lifecycle Assurance (CLA) initiative. CLA is a framework for analysing and addressing the security and integrity of a system and its components across the whole lifecycle.

Intel breaks the lifecycle into four distinct stages: build, operate, transfer and retire. CPUs and other compute elements can be at risk because of counterfeiting, tampering or even out-of-date firmware versions. And, in many cases, IT has no visibility into the problems. Attacks can occur in manufacturing during the build stage or during day-to-day use in the operate stage.

To help build zero trust across the CLA framework, Intel offers Transparent Supply Chain – a set of tools, policies and procedures implemented on the factory floor at PC and server manufacturers. It helps enterprises verify the authenticity and firmware versions of systems and their components.

During manufacture and assembly, there is some risk that systems could receive counterfeit or replacement parts, which may be malicious or unintentionally vulnerable to future attacks. CLA recommends companies verify that what they ordered is what they received – not just at the system level, but at the component level if the component runs active firmware. Active firmware can be a path into hardware; it is important that it has not been tampered with and that it is up to date.

Transparent Supply Chain captures information on the hardware components as they are assembled, taking it directly from the shop-floor control unit. It stores the data securely and uniquely on each device, so users can retrieve the data themselves and view their system’s full bill of materials and traceability report. A digitally signed statement of conformance for every platform attests to that platform’s authenticity. This allows, for example, a system manufacturer to verify the authenticity of the components on a laptop motherboard or in a server, the installed firmware and the system configuration, by capturing all the production information and sending it securely to a remote server for verification later.

Systems can be tampered with or compromised while they are physically in transit from the site of manufacture to their final location. For example, a solid-state drive shipped to an original design manufacturer for integration into a computing system could be tampered with by having the drive’s firmware replaced with a malicious version.

Organisations work hard to eliminate these types of problems through methods including facility security requirements, such as closed-circuit cameras, access controls and more, but also with layers of transport security such as tamper-evident packaging, security reviews of shipping lanes, locks, container integrity and GPS tracking.

The Transparent Supply Chain technology helps users determine if a system has been tampered with in transit by verifying critical elements, such as that active firmware arrives in the state in which it is expected.

There are several subphases within the operate stage, each with its own risks: provisioning, whether on-site or remote, daily use, and updates. CLA recommends, at minimum, verifying system integrity before a system is provisioned onto the network or assigned to an end user.

For even higher levels of security, companies can require systems to self-authenticate every time they attempt to access the network to ensure they are in a known good state. This means verifying between uses that the system firmware is up to date and has not been tampered with, and that the physical components on the system such as the solid-state drives have not been swapped out for unknown replacements.

Transparent Supply Chain technology generates platform certificates linked to discrete trusted platform modules that provide system-level traceability from a hardware root of trust. This helps ensure that when a user takes possession of a computing system, it is tamper-free before releasing control to the operating system. It delivers component-level traceability via a direct platform data file that contains all integrated components including processor, storage, memory and add-in cards.

An auto verification tool compares the direct platform data so the user can identify certain system changes from the time of manufacturing to the time of first boot.
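As an added illustration, not Intel’s code or the Transparent Supply Chain tooling, the Go program below models the two steps the article describes: a component list signed at the factory, and a first-boot comparison of that signed list against what the system actually reports. Everything in it is an assumption made for the example: the layout of the component record, Ed25519 as the signature algorithm, the slot names, and the two sample inventories, which are constructed here rather than taken from any real platform.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
	"sort"
)

// Component is one row of the platform data file (this example's own layout, not Intel's format).
type Component struct{ Slot, Model, Serial, Firmware string }

// Manifest is the factory record: the component list plus the manufacturer's
// signature over its canonical (slot-sorted) JSON encoding.
type Manifest struct {
	Components []Component
	Signature  []byte
}

func canonical(cs []Component) []byte {
	s := append([]Component(nil), cs...)
	sort.Slice(s, func(i, j int) bool { return s[i].Slot < s[j].Slot })
	b, _ := json.Marshal(s)
	return b
}

// NewManufacturerKey stands in for the factory's signing key (assumed Ed25519).
func NewManufacturerKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Sign runs on the factory floor when the component data are captured.
func Sign(priv ed25519.PrivateKey, cs []Component) Manifest {
	return Manifest{Components: cs, Signature: ed25519.Sign(priv, canonical(cs))}
}

// Verify is the receiver's first step; nothing in the manifest is trusted before it passes.
func Verify(pub ed25519.PublicKey, m Manifest) bool {
	return ed25519.Verify(pub, canonical(m.Components), m.Signature)
}

// Diff lists every deviation between the signed manifest and the inventory enumerated on
// the running system: added, missing, swapped (model or serial changed) and firmware changed.
func Diff(manifest, observed []Component) []string {
	want, out := map[string]Component{}, []string{}
	for _, c := range manifest {
		want[c.Slot] = c
	}
	for _, o := range observed {
		w, ok := want[o.Slot]
		delete(want, o.Slot) // whatever is left afterwards was never seen on the system
		if !ok {
			out = append(out, fmt.Sprintf("%s: added (%s %s)", o.Slot, o.Model, o.Serial))
			continue
		}
		if w.Model != o.Model || w.Serial != o.Serial {
			out = append(out, fmt.Sprintf("%s: swapped %s %s -> %s %s", o.Slot, w.Model, w.Serial, o.Model, o.Serial))
		}
		if w.Firmware != o.Firmware {
			out = append(out, fmt.Sprintf("%s: firmware %s -> %s", o.Slot, w.Firmware, o.Firmware))
		}
	}
	for slot, w := range want {
		out = append(out, fmt.Sprintf("%s: missing (%s %s)", slot, w.Model, w.Serial))
	}
	sort.Strings(out) // deterministic order so two runs compare cleanly
	return out
}

// SampleInventories returns constructed data: the factory-captured list and what first
// boot enumerates. The SSD was replaced by a unit with a different serial running older
// firmware, the NIC is gone, and an add-in card appeared that was never in the BOM.
func SampleInventories() (factory, observed []Component) {
	factory = []Component{
		{"cpu0", "CPU-A", "CPU-0001", "1.2.0"},
		{"ssd0", "NVMe-A", "SSD-7F3A", "2.4.1"},
		{"nic0", "NIC-B", "NIC-22C1", "3.0.0"},
	}
	observed = []Component{
		{"cpu0", "CPU-A", "CPU-0001", "1.2.0"},
		{"ssd0", "NVMe-A", "SSD-9B10", "2.3.0"},
		{"pcie1", "CARD-X", "CRD-0042", "0.9"},
	}
	return factory, observed
}

func main() {
	pub, priv := NewManufacturerKey()
	factory, observed := SampleInventories()
	m := Sign(priv, factory)
	fmt.Println("manifest verifies:", Verify(pub, m), "changes:", Diff(m.Components, observed))
}
```

Two things the example deliberately leaves out are exactly what a practitioner should check for in a real deployment. First, the verifier must obtain the manufacturer’s public key through a channel the shipper cannot touch; a key that travels with the system proves nothing. Second, the manifest here is not bound to a particular chassis, so a genuine manifest could be replayed onto a different machine; the article’s point about platform certificates linked to a discrete TPM is what closes that gap, because the attestation is then tied to a hardware root of trust on the specific device. The same comparison serves the check the article describes for systems returned to IT: every finding should match an entry in the change record, and a firmware version that moved backwards deserves the same scrutiny as a swapped serial.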

Often systems or their components are re-used in second-life scenarios. Data need to be completely wiped, especially before a system is re-provisioned to a different user or for a different purpose. CLA also recommends verifying that the system has been returned to IT in the same state in which it was loaned out: there should be a record of every physical component or firmware change, including upgrades, made while the system was in operation, and each change should be accounted for.

The Transparent Supply Chain tools help verify the system being returned has not been compromised. It compares components to help ensure they have not been swapped out for counterfeit parts. The technology can also read the firmware version to determine if the device is up to date with patches and safe for deployment in a new environment.