The Open Group Releases Global Technology Supply Chain Security Standard
From the press release, "Specifically intended to prevent maliciously tainted and counterfeit products from entering the supply chain, this first release of the O-TTPS codifies best practices across the entire COTS ICT product lifecycle, including the design, sourcing, build, fulfilment, distribution, sustainment, and disposal phases."
Meanwhile, the head of Huawei admits "challenges and problems" in America.
So, even though the new O-TTPS is supposed to create trust within the supply chain for COTS, could Huawei, even if it were a software company, ever use it? I doubt any type of certification will overcome the deep mistrust of enterprises owned by either the PRC or the PLA.