Toward a Trusted Supply chain: A Risk Based Approach to Managing Software Integrity

Cybersecurity policy & resilienceWhitepaper

As the integrity of ICT systems become progressively critical to a nation’s well-being, governments are increasingly concerned about the threat to their systems through the global supply chain for technology products. These concerns stem from the fear that an adversary might tamper with products during their development, manufacturing, or delivery.

Server data center with white blurred framing

For Microsoft, the protection of our supply chain is not new and we hope that some of the lessons we have learned can be applied elsewhere. This White Paper describes Microsoft’s framework for incorporating software integrity risk-management practices in both the product development process and online services operations, outlining:

  • The steps that Microsoft takes to develop and implement a risk-based approach to managing software integrity risks and
  • Specific security and software integrity measures that help reduce the risk of attacks on the product supply chain.

Recent posts

    List Item Template
  • [=:title:]

    Read more
  • Xml Url
    https://www.microsoft.com/en-us/cybersecurity/RecentPost.xml
    display item count
    7
    Blue geometric shapes and blue lasers

    About Microsoft's Cybersecurity Policy Team

    Microsoft’s cybersecurity policy team partners with governments and policymakers around the world, blending technical acumen with legal and policy expertise. By identifying strategic issues, assessing the impacts of policies and regulations, leading by example, and driving groundbreaking research, we help to promote a more secure online environment.