TEST 1
Here’s the polished and professionally formatted version of TEST 1: BIS-3.3.1 under Section 3.3:
TEST 1
Test Case ID: BIS-3.3.1
Test Name: TC_ASSESS_TRUSTED_SUPPLY_CHAIN_FOR_CRITICAL_COMPONENTS
Objective:
Verify that trusted sources are used for sourcing the components of the device, specifically for critical hardware components (e.g., SoC), and that a secure and managed Bill of Materials (BOM) is maintained.
Tools Used:
Document review checklist
Vendor-supplied BOM documentation
Test Execution Steps:
Review the Bill of Materials (BOM) submitted by the vendor.
Verify that the BOM includes all critical hardware components related to security functions (e.g., SoC, TPM, crypto modules).
Validate that the documentation clearly states the supplier names and confirms procurement from trusted, certified, or authorized vendors.
Check if the supply chain process includes security measures such as tamper-proof packaging, vendor authentication, or audit records.
Expected Results for Pass:
Documentation confirms that all critical hardware components are sourced from trusted and verifiable suppliers.
The BOM reflects a well-maintained and secure supply chain process.
Components are authentic and procured through reputable channels, with supporting documentation from the vendor.
Test Observations:
(To be filled after document review. E.g., Vendor-supplied BOM includes XYZ secure SoC sourced from ABC Semiconductors, verified through invoice and certification.)
Evidence Provided:
Vendor-signed Bill of Materials (BOM)
Supplier authentication documents (certifications, contracts, or invoices)
Internal supply chain policy (if applicable)
Test Case Result:
(Pass / Fail – based on validation outcome)
Overall Test Result:
(Pass / Fail – consistent with test case result)
Let me know if you'd like a compiled summary report for submission or assistance preparing Section 3.4 next.
Last updated
Was this helpful?