The Launch of the Open Trusted Technology Provider Standard

Over the past couple of years, I’ve been working with The Open Group Trusted Technology Forum (OTTF) on the development of a new standard to help mitigate maliciously tainted and counterfeit products.

Over the past couple of years, I’ve been working with The Open Group Trusted Technology Forum (OTTF) on the development of a new standard to help mitigate maliciously tainted and counterfeit products. I’ve written and spoken about some of the key developments:

  • Shortly after the launch of the OTTF in January 2011, I wrote about how supply chain integrity was a very hot item and how The Open Group’s approach seemed very promising.

  • In the summer of 2011, I participated in a podcast about “filling the gap for building trusted supply chain accreditation.”

  • In the fall of 2011, I wrote about presenting to the International Common Criteria Conference in Kuala Lumpur about the work we were doing and how it was not a competitor to CC but rather was complimentary.

  • In April 2012, I blogged about The Open Group’s Dave Lounsbury and his testimony to the House Energy and Commerce Oversight Committee on supply chain integrity and security.

  • At the RSA Conference in February 2013, I joined a panel discussing the choice between accrediting an organization versus certifying a product.

Now with the recent publication of the Open Trusted Technology Provider Standard (O-TTPS) for the first time Commercial Off the Shelf (COTS) Information and Communication (ICT) providers have a common framework to use for supply chain assurance.

This is a significant development.

Prior to this standard there really wasn’t any one program that was looking at the dimensions covered by OTTF. The strong group of providers working together to build this framework is quite impressive. Here’s what some of them are saying about the new standard:

So what’s next?

A pilot of the accreditation program will take us into late fall. We’ll take the lessons learned from the pilot and apply them, and by early next year, any provider will be able to sign up to get their organization the mark as a “Trusted Technology Provider.”

As ICT providers get on the list, they will ask their suppliers to get accredited and this will work its way down the “chain.” Suppliers that don’t get accredited will hopefully feel the pressure to get on the list. Remember the O-TTPS describes the best practices for the COTS ICT product life cycle the phases of design, sourcing, build, fulfillment, distribution, sustainment, and disposal. And the goal of this standard is to help guard against maliciously tainted and counterfeit products.

The only way to do that is for all “links” in the chain to follow the same best practices. Look for the O-TTPS to play a key role in reaching that objective.

Written by

Joshua Brickman

Joshua Brickman, PMP (Project Management Professional), runs CA Technologies Federal Certifications Program. He has led…

Published in

View this topic
  • James Holland

    This is great. Hooray for Disney’s imagineers!


    become a new brand in the share market research with its accurate research. Proven
    itself always right whether market is bull or bear. Last week all paid clients
    booked handsome profit in NIFTY, BANKINIFTY & STOCKS. Now for the coming
    week we expect more correction can come in NIFTY as the IRAQ issue is getting
    more tense, If it happens more then you will see a sharp fall in all world marketNSE BSE, STOCK TIPSbecause as we know all world run on
    crude & most of the crude comes from IRAQ. So be ready for a sharp fall so
    sell will be the best strategy for next week also. Traders can make a sell
    position in NIFTY around 7600-7650 with stoploss 7750 for the target of
    7300-7200.One can also make a sell call NIFTY 50 stocks as per NIFTY levels. You
    can also take our two days free trial to check our accuracy. For further updates
    you can visit our website.



  • king lear

    testing comment functionality, please do not publish this

  • Rachel Macik

    Love the personal pic :)

  • Plutora Inc

    This is a good case study. 2.3 sec’s off a login transaction is big.