[1] International Standard, "Information security for supplier relationships - Part 1: Overview and concepts", ISO/IEC 27036-1, Apr. 2014
[2] International Standard, "Information security for supplier relationships - Part 2: Requirements", ISO/IEC 27036-2, Aug. 2014
[3] International Standard, "Information security for supplier relationships - Part 3: Guidelines for information and communication technology supply chain security", ISO/IEC 27036-3, Nov. 2013
[4] International Standard, "Information security for supplier relationships - Part 4: Guidelines for security of cloud services", ISO/IEC 27036-4, Oct. 2016
[5] International Standard, "Information technology - (O-TTPS) - Mitigating maliciously tainted and counterfeit products - Part 1: Requirements and recommendations", ISO/IEC 20243-1, Feb. 2018
[6] International Standard, "Information technology - Mitigating maliciously tainted and counterfeit products - Part 2: Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018", ISO/IEC 20243-2, Jan. 2018
[7] Office of the Under Secretary of Defense for Acquisition & Sustainment, "DFARS 252.204-7012 Defense Industrial Base Compliance Information", Nov. 2011
[8] European Cyber Security Organisation, "Overview of existing Cybersecurity standards and certification schemes v2", Dec. 2017
[9] European Cyber Security Organisation, "European Cyber Security Certification A Meta-Scheme Approach v1.0", Dec. 2017
[10] National Institute of Standards and Technology, "Workshop Brief on Cyber SCRM Standards Mapping"
[11] National Institute of Standards and Technology, "Workshop Brief on Cyber SCRM Standards Mapping (Draft)", IR 8276, Feb. 2020
[12] UK Cabinet Office, "Supplier Assurance Framework: Good Practice Guide", May 2018
[13] https://www.ncsc.gov.uk/collection/supply-chain-security/principles-supply-chain-security
[14] MITRE, "Supply Chain Attack Framework and Attack Patterns", Dec. 2013
[15] KISA, "Cyber Threat Trend Report", Jul. 2018
[16] Hyo-hyeon Son, Kwang-jun Kim and Man-hee Lee, "US supply chain security management system analysis.", Journal of the Korea Institute of Information Security & Cryptology, 29(5), pp. 1089-1097, Oct. 2019
[17] Eung-kyu Lee and Jung-duk Kim, "A Case Study on ICT Supply Chain Attacks.", The Journal of Information Technology and Architecture, 16(4), pp. 383-396, Dec. 2019
[18] MITRE, "Supply Chain Attacks and Resiliency Mitigations.", Oct. 2017
[19] National Institute of Standards and Technology, "Framework for Improving Critical Infrastructure Cybersecurity. version 1.0", Feb. 2014
[20] National Institute of Standards and Technology, "Framework for Improving Critical Infrastructure Cybersecurity. version 1.1", Apr. 2018
[21] National Institute of Standards and Technology, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations", Special Publication 800-171 revision 2, Feb. 2020
[22] National Institute of Standards and Technology, "Supply Chain Risk Management Practices for Federal Information Systems and Organizations", Special Publication 800-161, Apr. 2015
[23] National Institute of Standards and Technology, "Notional Supply Chain Risk Management Practices for Federal Information Systems", IR 7622, Oct. 2012
[24] National Institute of Standards and Technology, "Managing Information Security Risk Organization, Mission, and Information System View", Special Publication 800-39, Mar. 2011
[25] National Institute of Standards and Technology, "Minimum Security Requirements for Federal Information and Information Systems", Federal Information Processing Standards Publication 200, Mar. 2006
[26] National Institute of Standards and Technology, "Security and Privacy Controls for Federal Information Systems and Organizations", Special Publication 800-53, Apr. 2013
[27] Office of the Under Secretary of Defense for Acquisition & Sustainment, "Supply Chain Attack Pattern : Framework and Catalog", 2014
[28] National Institute of Standards and Technology, "Assessing Security Requirements for Controlled Unclassified Information", Special Publication 800-171A, Jun. 2018