The Chinese vendor said customers will be able to have access to the source code of its products
BARCELONA–ZTE plans to open three labs during 2018, with the aim of allowing customers to have access to the source code of the vendor’s products, ZTE’s Chief Scientist Xiang Jiying told reporters.
The first security lab will be opened in the city of Nanjing, China in approximately two months.
The vendor also expects to open two additional labs in Italy and Belgium during 2019. Moving forward, ZTE said it will be considering the establishment of new labs in accordance with its customers’ needs and business development.
In these facilities, customers will be able to view and evaluate the source code of ZTE products in a secure environment, the executive said.
Customers will also have access to important technical documentation of ZTE products and services. The labs will also provide manual and automated security testing of the vendor’s products and services.
Xiang Jiying also said that ZTE does not have intentional malicious code in its products.
“We might have some black holes but this is inevitable. Every company can have black holes,” he said.
“If anybody is concerned about the security of our products, we can open the source code for customers and governments. If they want, they can take a view of the source code and even scan the source code of our products for monitoring,” the executive added.
Xiang Jiying added that the company has not yet received any requests to see source code from a customer or government agency.
ZTE’s Chief Security Officer Zhong Hong said that ZTE has never received any requests from any Chinese government agency to set up backdoors in its products.
“The source code of our products can be opened to security audits by customers and professional organizations through our security labs,” he added.
In order to achieve an end-to-end secure delivery of products and services, ZTE said it integrates security policies and controls into every phase of its product lifecycle, which establishes a cybersecurity assurance mechanism covering areas such as product development, supply chain and manufacturing, engineering services, security incident management and verification and audits.
The move by ZTE to increase its transparency around its products comes as the U.S. government continues to press its case to the international community that using equipment from Chinese equipment vendors poses both privacy and national security risks, with Huawei as a particular target.