Anything that program does could send a copy of that data to a third party. A vulnerability created by a nefarious actor somewhere in the supply chain could be a switch that lies dormant until activated when it would disable the system. Depending on what system that might be, there could be devastating consequences. Two major concepts underlie the cyber supply chain security issues in the United States: 1 the United States technology sector is dependent on hardware components manufactured all over the world; and 2 the United States government is heavily dependent on commercial off-the-shelf cyber programs.
The United States, both its government and its private citizens, has become increasingly dependent on an intricate global economy. This is particularly true when it comes to technology, as the cost of manufacturing in the U. For example, the production of one iPhone involves component parts made in the U. What does this mean for an SMB? Technical debt accumulates with custom built software over time. People and developers move on to other projects and customers.
A COTS product will be supported by the vendor in the long run and you will always enjoy an upgrade path, patches, and support which is not always true of home grown or built applications.
To learn more about COTS, watch this short 3 minute video:. Are you doing enough to protect your business? COTS products should be evaluated to meet all performance and reliability requirements during all environmental conditions and service life requirements specified by the intended application requirements documents.
The Systems Engineer should ensure open system design, identification and mitigation of ESOH and security risks, survivable technology insertion, or refresh throughout the projected system life cycle. Commercial-Off-the-Shelf COTS Benefits The use of commercial-off-the-shelf COTS items, including Non-Developmental Items, can provide significant opportunities for efficiencies during system development but also can introduce certain issues that should be considered and mitigated if the program is to realize the expected benefits.
Allow faster insertion of new technology. Lower life-cycle costs by taking advantage of the more readily available and up-to-date commercial industrial base. Concerns However, regardless of the extent to which a system is made up of commercial items, the Program Manager PM and Systems Engineer still develop, integrate, test, evaluate, deliver, sustain and manage the overall system.
The vendors can embed proprietary functions into COTS products, limiting supply sources. Vendors do not have to provide design information and often restrict purchasers from reverse engineering their intellectual property.
0コメント