iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 20243-2:2018

(Main)

Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Mitigating maliciously tainted and counterfeit products — Part 2: Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018

Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Mitigating maliciously tainted and counterfeit products — Part 2: Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018

ISO/IEC 20243-2:2018 specifies the procedures to be utilized by an assessor when conducting a conformity assessment to the mandatory requirements in the Open Trusted Technology Provider? Standard (O-TTPS).1 These Assessment Procedures are intended to ensure the repeatability, reproducibility, and objectivity of assessments against the O-TTPS. Though the primary audience for this document is the assessor, an Information Technology (IT) provider who is undergoing assessment or preparing for assessment, may also find this document useful.

Technologies de l'information — Norme de fournisseur de technologie de confiance ouverte (O-TTPS) — Atténuation des produits contrefaits et malicieusement contaminés — Partie 2: Procédures d'évaluation de l'O-TTPS et l'ISO/IEC 20243-1:2018

General Information

Status
Withdrawn
Publication Date
08-Jan-2018
ICS
13.310 - Protection against crime
35.030 - IT Security
Technical Committee
ISO/IEC JTC 1 - Information technology
Drafting Committee
ISO/IEC JTC 1 - Information technology
Current Stage
9599 - Withdrawal of International Standard
Completion Date
24-Nov-2023
Ref Project

Relations

Revised
ISO/IEC 20243-2:2023 - Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Part 2: Assessment procedures for the O-TTPS
Effective Date
14-Jan-2023
Revised
ISO/IEC 20243:2015 - Information Technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Mitigating maliciously tainted and counterfeit products
Effective Date
26-Aug-2017

Buy Standard

ISO/IEC 20243-2:2018 - Information technology -- Open Trusted Technology ProviderTM Standard (O-TTPS) -- Mitigating maliciously tainted and counterfeit productsISO/IEC 20243-2:2018 - Information technology -- Open Trusted Technology ProviderTM Standard (O-TTPS) -- Mitigating maliciously tainted and counterfeit products
PreviousNext
Standard
ISO/IEC 20243-2:2018 - Information technology -- Open Trusted Technology ProviderTM Standard (O-TTPS) -- Mitigating maliciously tainted and counterfeit products
English language
33 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 20243-2
First edition
2018-01
Information technology — Open
TM
Trusted Technology Provider
Standard (O-TTPS) — Mitigating
maliciously tainted and counterfeit
products —
Part 2:
Assessment procedures for the O-TTPS
and ISO/IEC 20243-1:2018
Technologies de l'information — Norme de fournisseur de technologie
de confiance ouverte (O-TTPS) — Atténuation des produits contrefaits
et malicieusement contaminés —
Partie 2: Procédures d'évaluation de l'O-TTPS et l'ISO/IEC 20243-
1:2018
Reference number
ISO/IEC 20243-2:2018(E)
©
ISO/IEC 2018

---------------------- Page: 1 ----------------------
ISO/IEC 20243-2:2018(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 20243-2:2018(E)
Contents
1.  Introduction . 1
1.1  Scope . 1
1.2  Normative References . 1
1.3  Terms and Definitions . 1
1.3.1  Distributor . 1
1.3.2  Evidence of Conformance . 1
1.3.3  Implementation Evidence . 1
1.3.4  O-TTPS Requirements . 1
1.3.5  Organization . 1
1.3.6  Pass-Through Reseller . 2
1.3.7  Process Evidence . 2
1.3.8  Scope of Assessment . 2
1.3.9  Selected Representative Product . 2
2.  General Concepts . 3
2.1  The O-TTPS . 3
2.2  Assessment Concepts: Relevance of Scope of Assessment and Selected Representative Products . 3
2.3  Relevance of IT Technology Provider Categories in the Supply Chain . 4
3.  Assessment Requirements . 6
3.1  General Requirements for Assessor Activities . 6
3.1.1  General Requirements for Evidence of Conformance . 6
4.  Assessor Activities for O-TTPS Requirements . 8
4.1  PD_DES: Software/Firmware/Hardware Design Process . 8
4.2  PD_CFM: Configuration Management . 9
4.3  PD_MPP: Well-defined Development/Engineering Method Process and Practices . 11
4.4  PD_QAT: Quality and Test Management .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 20243-2:2023(Main)
Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Part 2: Assessment procedures for the O-TTPS

ISO/IEC 20243-2:2018 specifies the procedures to be utilized by an assessor when conducting a conformity assessment to the mandatory requirements in the Open Trusted Technology Provider? Standard (O-TTPS).1 These Assessment Procedures are intended to ensure the repeatability, reproducibility, and objectivity of assessments against the O-TTPS. Though the primary audience for this document is the assessor, an Information Technology (IT) provider who is undergoing assessment or preparing for assessment, may also find this document useful.

  • Standard
    50 pages
    English language
    sale 15% off
  • Draft
    50 pages
    English language
    sale 15% off
ISO
ISO/IEC 20243-1:2023(Main)
Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Part 1: Requirements and recommendations for mitigating maliciously tainted and counterfeit products

ISO/IEC 20243-1:2018 (O-TTPS) is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software COTS ICT products throughout the product life cycle. This release of the Standard addresses threats related to maliciously tainted and counterfeit products. The provider's product life cycle includes the work it does designing and developing products, as well as the supply chain aspects of that life cycle, collectively extending through the following phases: design, sourcing, build, fulfillment, distribution, sustainment, and disposal. While this Standard cannot fully address threats that originate wholly outside any span of control of the provider ? for example, a counterfeiter producing a fake printed circuit board assembly that has no original linkage to the Original Equipment Manufacturer (OEM) ? the practices detailed in the Standard will provide some level of mitigation. An example of such a practice would be the use of security labeling techniques in legitimate products.

  • Standard
    31 pages
    English language
    sale 15% off
  • Draft
    31 pages
    English language
    sale 15% off
ISO
ISO/IEC 20243-2:2023(Main)
Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Part 2: Assessment procedures for the O-TTPS

ISO/IEC 20243-2:2018 specifies the procedures to be utilized by an assessor when conducting a conformity assessment to the mandatory requirements in the Open Trusted Technology Provider? Standard (O-TTPS).1 These Assessment Procedures are intended to ensure the repeatability, reproducibility, and objectivity of assessments against the O-TTPS. Though the primary audience for this document is the assessor, an Information Technology (IT) provider who is undergoing assessment or preparing for assessment, may also find this document useful.

  • Standard
    50 pages
    English language
    sale 15% off
  • Draft
    50 pages
    English language
    sale 15% off
ISO
ISO/IEC 20243-1:2023(Main)
Information technology — Open Trusted Technology ProviderTM Standard (O-TTPS) — Part 1: Requirements and recommendations for mitigating maliciously tainted and counterfeit products

ISO/IEC 20243-1:2018 (O-TTPS) is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software COTS ICT products throughout the product life cycle. This release of the Standard addresses threats related to maliciously tainted and counterfeit products. The provider's product life cycle includes the work it does designing and developing products, as well as the supply chain aspects of that life cycle, collectively extending through the following phases: design, sourcing, build, fulfillment, distribution, sustainment, and disposal. While this Standard cannot fully address threats that originate wholly outside any span of control of the provider ? for example, a counterfeiter producing a fake printed circuit board assembly that has no original linkage to the Original Equipment Manufacturer (OEM) ? the practices detailed in the Standard will provide some level of mitigation. An example of such a practice would be the use of security labeling techniques in legitimate products.

  • Standard
    31 pages
    English language
    sale 15% off
  • Draft
    31 pages
    English language
    sale 15% off
ISO
ISO 21978:2023(Main)
Air to water heat pumps — Testing and rating at part load conditions and calculation of seasonal coefficient of performance for space heating

This document specifies test conditions for determining the seasonal performance characteristics of air to water heat pumps for space heating with electrically driven compressors with or without supplementary heater. In the case of air to water heat pumps for space heating consisting of several parts with refrigerant or water connections, this document applies only to those designed and supplied as a complete package. The seasonal coefficient of performance depends, inter alia, on the climate conditions and temperature regime of the space heating distribution network. This document specifies: — three design conditions, each of them being characterized by a design temperature which represents the lowest temperature that can occur in that design condition; — three water temperature distribution regimes, namely “temperature application” in the text. This document also provides a full description of three heating seasons that can be used with the associated design conditions.

  • Standard
    50 pages
    English language
    sale 15% off
  • Draft
    49 pages
    English language
    sale 15% off
  • Draft
    49 pages
    English language
    sale 15% off
ISO
ISO 24438:2023(Main)
Ships and marine technology — Maritime education and training — Maritime career guidance

This document provides a powerful decision-making tool for persons that either have clear professional development goals or uncertainties related to the progression of their career paths, including minimum education and training requirements for many of the maritime-related occupations. It aims to assist candidates to take the necessary steps to meet their goals. This document seeks to assist professionals in (or those who would like to enter) the maritime sector, on board or ashore, in determining their professional goals, establishing how to achieve them through this proactive tool, taking into consideration: — personal circumstances and academic background; — previous work experience, knowledge and skills; — short, medium and long-term ambitions; — changing education and training requirements resulting from continual industry evolution; — current and future job opportunities, — impact of technology, and — shifting personal interests, attitudes, abilities, and goals. This document helps identify many of the potential jobs within the maritime industry, on board and ashore, in order to provide alternative career paths.

  • Standard
    17 pages
    English language
    sale 15% off
  • Draft
    16 pages
    English language
    sale 15% off
  • Draft
    16 pages
    English language
    sale 15% off
ISO
ISO 3951-6:2023(Main)
Sampling procedures for inspection by variables — Part 6: Specification for single sampling plans for isolated lot inspection indexed by limiting quality (LQ)

This document specifies an acceptance sampling system of single sampling plans for inspection by variables, primarily designed for use under the following conditions: a) where the inspection procedure is applied to an isolated lot of discrete products all supplied by one producer using one production process; b) where only a single quality characteristic, x, of this process is taken into consideration, which is measurable on a continuous scale; c) where the quality characteristic, x, is distributed according to a normal distribution or a close approximation to a normal distribution; d) where the quality characteristic can be measured without error or with moderate measurement error; e) where a contract or standard defines a lower specification limit, L, an upper specification limit, U, or both; an item is qualified as conforming if and only if its measured quality characteristic, x, satisfies the appropriate one of the following inequalities: 1) x ≥ L (i.e. the lower specification limit is not violated); 2) x ≤ U (i.e. the upper specification limit is not violated); 3) x ≥ L and x ≤ U (i.e. neither the lower nor the upper specification limit is violated). Inequalities 1) and 2) are cases with a single specification limit, whereas inequality 3) is a case with double specification limits. Where double specification limits apply, it is assumed in this document that conformance to both specification limits is equally important to the integrity of the product. In such cases, it is appropriate to apply a single LQ to the combined fraction of a product outside the two specification limits. This is referred to as combined control.

  • Standard
    80 pages
    English language
    sale 15% off
  • Draft
    82 pages
    English language
    sale 15% off
  • Draft
    82 pages
    English language
    sale 15% off
ISO
ISO 16478:2023(Main)
Thermal insulation products — Vacuum insulation panels (VIPs) — Specification

This document: — defines requirements for vacuum insulation panels (VIPs) with silica or glass fibre core, which are used for thermal insulation of buildings; — outlines required product properties, their performance, test methods and rules for conformity evaluations, identification and labelling; — provides a test method to determine ageing factors and the influence of the linear thermal bridges at the edges. This document is applicable to all types of silica and glass fibre core VIPs, independent of the type of envelope. In the case of a glass fibre core VIP, it is only applicable to VIPs with desiccants whose service life is ≥ 25 years. This document is not applicable to: — any specific installation and application requirements; — products intended to be used for the insulation of building equipment and industrial installations.

  • Standard
    52 pages
    English language
    sale 15% off
  • Draft
    52 pages
    English language
    sale 15% off
  • Draft
    52 pages
    English language
    sale 15% off
ISO
ISO 12643-1:2023(Main)
Graphic technology — Safety requirements for graphic technology equipment and systems — Part 1: General requirements

This document provides safety specifications for the design and construction of new equipment used in prepress systems, printing press systems, binding and finishing systems, converting systems, corrugated board manufacturing systems and stand‑alone platen presses. It is applicable to equipment used in stand-alone mode, or in combination with other machines, including ancillary equipment, in which all the machine actuators (e.g. drives) of the equipment are controlled by the same control system. The requirements given in this document are applicable to the equipment covered by ISO 12643 (all parts), unless otherwise noted. This document is intended to be used in conjunction with the applicable part of ISO 12643 that contains additional requirements specific to a particular type of equipment. This document addresses recognized significant hazards specific to equipment and systems in the following areas: — mechanical; — electrical; — slipping, tripping, falling; — ergonomics; — noise; — UV and laser radiation; — fire and explosion; — thermal; — substances and material used for processing; — failure, malfunction of control system; — other types of emissions [e.g. ozone, ink mist, volatile organic compounds (VOCs), etc.]. This document is not applicable to: — equipment manufactured before the date of its publication; — ordinary office equipment for digital printing and paper processing, such as digital printers, copiers, sorters, binders and staplers, which is intended for use outside the printing and paper industry; — winder-slitters and sheeters in paper finishing (sheeters with unwinders); — office-type collating machines equipped with friction feeders; — mail processing machines; — machines used for filling packages (such as machines for shaping, filling, and closing the package); and — textile printing presses. The safety principles established in this document can also be applicable to the design of equipment within areas of technology that are not specified in ISO 12643 (all parts).

  • Standard
    110 pages
    English language
    sale 15% off
  • Standard
    121 pages
    French language
    sale 15% off
  • Draft
    110 pages
    English language
    sale 15% off
  • Draft
    111 pages
    English language
    sale 15% off
  • Draft
    111 pages
    English language
    sale 15% off
  • Draft
    120 pages
    French language
    sale 15% off
  • Draft
    122 pages
    French language
    sale 15% off
ISO
ISO 12643-4:2023(Main)
Graphic technology — Safety requirements for graphic technology equipment and systems — Part 4: Converting equipment and systems

This document deals with all significant hazards, hazardous situations or hazardous events relevant to converting equipment and systems used in the corrugated board, package printing, converting and graphic technology industries (see Clause 5), when it is used as intended and under conditions of misuse which are reasonably foreseeable by the manufacturer. This document is applicable to converting equipment not covered by other parts of ISO 12643. This document is not applicable to the machinery or machinery components manufactured before the date of its publication.

  • Standard
    80 pages
    English language
    sale 15% off
  • Standard
    81 pages
    French language
    sale 15% off
  • Draft
    80 pages
    English language
    sale 15% off
  • Draft
    80 pages
    English language
    sale 15% off
  • Draft
    84 pages
    French language
    sale 15% off