Updated
5 Apr 2023Form Number
LP1434PDF size
8 pages, 316 KBAbstract
Lenovo ISG has paired its industry leading supply chain with Intel’s innovative Transparent Supply Chain program to add a layer of protection to your data center and bring peace of mind that the server hardware you bring into it is safe authentic and with documented, testable, and provable origin.
Change History
Changes in the April 5, 2023 update:
- Added new supported ThinkSystem V3 systems
Introduction
Infrastructure security has long been on top of the lists of concerns for businesses. Increasingly frequent reports of supply chain attacks add to those concerns, whether it’s purported “spy chip” hardware implants, tainted firmware, interdicted shipments, or counterfeit components.
Recent publications have expressed growing concern that counterfeit electronic parts can cause safety hazards, failure of critical business applications, or that there's a risk that vulnerabilities can be introduced into the supply chain to be exploited later.
Modern manufacturing logistics and the globalization of current supply chains make it difficult to trace the origin and safety of the components inside a device. Your data center supplier must be able to provide assurance that it has tamper proof supply chains from the manufacturing facility all the way into your hands. Current supply chain practices start with trusting the source, but processes are limited to screening out counterfeit components, particularly for products containing many subsystems.
Lenovo has one of the world’s best supply chains as ranked by Gartner Group, backed by extensive and mature supply chain security programs that exceed industry norms and US Government standards. Now we are the first Tier 1 manufacturer to offer Intel® Transparent Supply Chain in partnership with Intel, offering you an unprecedented degree of supply chain transparency and assurance.
What is the Intel Transparent Supply Chain?
Lenovo offers an unparalleled level of supply chain transparency and security with the Intel Transparent Supply Chain program
Intel Transparent Supply Chain (Intel TSC) is a set of tools, policies, procedures and data capture. It extends from motherboard production through the manufacturing factory floor to your data center, implemented on the factory floor enabling you to verify the authenticity of components, installed firmware, and the configuration of your systems.
It all starts with motherboard production, where a comprehensive bill of materials detailing each electronic component – down to the smallest part – is automatically generated by the automated shop floor control systems used for printed circuit board assembly. This inventory forms the motherboard “as built” data file, with each file uniquely tied to a specific motherboard.
Next, in server manufacturing, we physically inventory all the components we assemble in a server using barcoded component identifiers scanned into our manufacturing systems. This inventory is the source of the platform “as built” data file, with each file uniquely tied to a specific server chassis.
Once server manufacturing is complete, an Intel-provided software tool is run that inventories all software readable components, installed firmware, and configuration information within the server. This information is then tied to the TPM, the Trusted Platform Module, that's on the server motherboard.
All of this data is then sent via secure connection to Intel where they digitally sign the data and post it to the Intel-hosted Lenovo ISG Transparent Supply Chain portal at https://tsc.intel.com/lenovo-dcg/. You can then retrieve the data and a companion verification tool. This way you know what's in your system, and you will have the full bill of materials and traceability report of your system along with the accountability and attestation provided by Intel's digital signature which safeguards against data tampering.
With this enhanced supply chain security capability, you will have the confidence that all components are known and genuine, and have a way to verify that the hardware you are receiving hasn’t been tampered with between when it left our facility to when it arrived at yours.
This feature provides traceability back to the motherboard component level giving you the confidence of knowing exactly what's in your product. Below you will find a graphic depiction of the process.
Figure 1. Intel Transparent Supply Chain workflow (click to view a larger version)
What data does the Intel Transparent Supply Chain capture?
Lenovo is the first tier 1 manufacturer to offer this capability
The motherboard “as built” data file - shown in the image below - goes to the detailed level of the motherboard: every micro circuit, chip, resistor, everything that’s placed on a motherboard is inventoried along with information like where it came from, what's its part number, and if there's a serial number. Then we extend that to all the other components that are installed in the server like memory DIMMs, CPUs and hard drives. This creates a set of data which captures each of those individual pieces that make up the product.
Figure 2. "As Built" data file screen capture (click to view a larger version)
The direct platform data file consists of component information that is programmatically readable from the system. A software utility runs and identifies what's installed in the server, where it will identify a hard disk if its installed, then read the model number, serial number, firmware version and other details. The utility will also read the platform configuration registers from the Trusted Platform Module (TPM) which represent system configuration values.
The software also talks to the TPM that's on the server motherboard to read the platform configuration registers representing system configuration values, and to read unique characteristics built into each TPM from the TPM manufacturer such as serial number, and cryptographic endorsement key, certificate. Since the TPM is soldered down to the motherboard it provides a unique representation that ties the collected data to a specific motherboard with specific components in a specific system.
How do I add Intel Transparent Supply Chain to my order?
To add Intel Transparent Supply Chain to your order simply add the following feature code in the DCSC configurator, under the Security tab.
Feature code | Description |
---|---|
BB0P | Intel Transparent Supply Chain |
What are the benefits of adding this feature to my order?
The benefits of adding Intel Transparent Supply Chain can be summarized in four features, as follows:
Traceability |
Accountability |
Assurance |
Security |
---|---|---|---|
Full component traceability linked to TPM | Detailed bill of materials and platform certificate digitally signed by Intel + access to the companion verification tool that provides digital proof of product origin. | Receive a higher level of information and proof compared to the current industry standard | Increased integrity and authenticity of the supply chain |
Additionally, servers manufactured under the Intel Transparent Supply Chain program conform to the US Department of Defense Federal Acquisition Regulation (DFAR) 246.870-2/252.246-7007: Contractor Counterfeit Electronic Part Detection requirements.
What systems are currently supported on this program?
The following tables list the ThinkSystem and ThinkEdge servers that support this enhanced security feature. The equivalent ThinkAgile systems are also supported.
Part Number | Description | Edge | 1S Intel V2 | AMD V3 | Intel V3 | Dense V3 | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SE350 (7Z46 / 7D1X) |
SE450 (7D8T) |
ST50 V2 (7D8K / 7D8J) |
ST250 V2 (7D8G / 7D8F) |
SR250 V2 (7D7R / 7D7Q) |
SR635 V3 (7D9H / 7D9G) |
SR655 V3 (7D9F / 7D9E) |
SR645 V3 (7D9D / 7D9C) |
SR665 V3 (7D9B / 7D9A) |
SR675 V3 (7D9Q / 7D9R) |
ST650 V3 (7D7B / 7D7A) |
SR630 V3 (7D72 / 7D73) |
SR650 V3 (7D75 / 7D76) |
SR850 V3 (7D97 / 7D96) |
SR860 V3 (7D94 / 7D93) |
SD665 V3 (7D9P) |
SD665-N V3 (7DAZ) |
SD650 V3 (7D7M) |
SD650-I V3 (7D7L) |
||
BB0P | Intel Transparent Supply Chain | Y | Y | N | Y | Y | N | N | N | N | N | Y | Y | Y | Y | Y | N | N | Y | Y |
Part Number | Description | 2S Intel V2 | AMD V1 | Dense V2 | 4S V2 | 8S | 4S V1 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ST650 V2 (7Z75 / 7Z74) |
SR630 V2 (7Z70 / 7Z71) |
SR650 V2 (7Z72 / 7Z73) |
SR670 V2 (7Z22 / 7Z23) |
SR635 (7Y98 / 7Y99) |
SR655 (7Y00 / 7Z01) |
SR655 Client OS |
SR645 (7D2Y / 7D2X) |
SR665 (7D2W / 7D2V) |
SD630 V2 (7D1K) |
SD650 V2 (7D1M) |
SD650-N V2 (7D1N) |
SN550 V2 (7Z69) |
SR850 V2 (7D31 / 7D32) |
SR860 V2 (7Z59 / 7Z60) |
SR950 (7X11 / 7X12) |
SR850 (7X18 / 7X19) |
SR850P (7D2F / 2D2G) |
SR860 (7X69 / 7X70) |
||
BB0P | Intel Transparent Supply Chain | Y | Y | Y | Y | N | N | N | N | N | Y | Y | Y | Y | Y | Y | Y | N | Y | Y |
Part Number | Description | 1S Intel V1 | 2S Intel V1 | Dense V1 | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ST50 (7Y48 / 7Y50) |
ST250 (7Y45 / 7Y46) |
SR150 (7Y54) |
SR250 (7Y52 / 7Y51) |
ST550 (7X09 / 7X10) |
SR530 (7X07 / 7X08) |
SR550 (7X03 / 7X04) |
SR570 (7Y02 / 7Y03) |
SR590 (7X98 / 7X99) |
SR630 (7X01 / 7X02) |
SR650 (7X05 / 7X06) |
SR670 (7Y36 / 7Y37) |
SD530 (7X21) |
SD650 (7X58) |
SN550 (7X16) |
SN850 (7X15) |
||
BB0P | Intel Transparent Supply Chain | N | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | N | N | Y | Y |
Conclusion
Lenovo ISG has paired its industry leading supply chain with Intel’s innovative Transparent Supply Chain program to add a layer of protection to your data center and bring peace of mind that the server hardware you bring into it is authentic and with documented, testable, and provable origin.
Ask your Lenovo representative how this feature can be added to your purchase.
Trademarks
Lenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo in the United States, other countries, or both. A current list of Lenovo trademarks is available on the Web at https://www.lenovo.com/us/en/legal/copytrade/.
The following terms are trademarks of Lenovo in the United States, other countries, or both:
Lenovo®
ThinkAgile®
ThinkEdge®
ThinkSystem®
The following terms are trademarks of other companies:
Intel® is a trademark of Intel Corporation or its subsidiaries.
Other company, product, or service names may be trademarks or service marks of others.
Configure and Buy
Full Change History
Changes in the April 5, 2023 update:
- Added new supported ThinkSystem V3 systems
Changes in the August 24, 2021 update:
- Added new supported systems
- SD630 V2
- SD650 V2
- SD650-N V2
- ST250
- ST550
- SR150
- SR250
- SR670
- SR670 V2
Changes in the June 3, 2021 update:
- Added new supported systems
- ThinkAgile HX
- ThinkAgile MX
- ThinkAgile VX
Changes in the March 26, 2021 update:
- Added new systems with ship support
- HR630X v2
- HR650X v2
- ST650 V2
- SN550 V2
- SR630 V2
- SR650 V2
- Added new systems with future support 2Q/2021
- SD630 V2
- SD650 V2
- SD650-N V2
- SR670 V2