NCCoE publishes the third part of the supply chain assurance guide

The US National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) issue for public comments the third part of three volumes of the upcoming practice guide titled validating the integrity of computing devices. This preliminary draft includes specific product installation, configuration, and integration instructions for building the example implementation. The first volume was an executive summary that explained this project’s challenge, solution, and benefits. The second volume provided an overview of the project’s approach, architecture, and security characteristics. The deadline for public comments is January 17, 2022.