Issues of an Assured Tool-Chain
We do not have any assurance that our basic tools are not compromised.
- Compilers
- Operating Systems
- Hardware Platforms
- Verilog and Other Tools to Produce Chips
At the base, is the compiler. The fear was first formally expressed in Ken Thompson's 1984 Turing Award Lecture Reflections on Trusting Trust.
David A. Wheeler's PhD thesis, Fully Countering Trusting Trust through Diverse Double-Compiling outlines how we might deal with the compiler trust conundrum.