Issues of an Assured Tool-Chain

We do not have any assurance that our basic tools are not compromised.

  • Compilers
  • Operating Systems
  • Hardware Platforms
  • Verilog and Other Tools to Produce Chips

At the base, is the compiler. The fear was first formally expressed in Ken Thompson's 1984 Turing Award Lecture Reflections on Trusting Trust.

David A. Wheeler's PhD thesis, Fully Countering Trusting Trust through Diverse Double-Compiling outlines how we might deal with the compiler trust conundrum.