Building Trustworthy, High-Quality Products and Solutions

Information communication technology (ICT) is evolving from a vertical industry to a platform industry, supporting the digital transformation of various industries, and creating a fully connected, intelligent world. New technology trends, such as cloud, artificial intelligence (AI), and software-defined everything require highly reliable ICT infrastructure, and customers will continue to value trustworthiness as a basic requirement when investing in ICT products. Trustworthiness does not only refer to producing successful results, but it also refers to providing quality process assurance and designing products in an inherently quality way. Trustworthiness stems from verifiable quality – both in process and results.

Cyber security and privacy protection are Huawei’s top priorities. Huawei is building an effective management system using the ISO 9000 quality management system and ISO/IEC/IEEE 15288 and 12207 system engineering and software development standards. This ensures that every customer will be provided with a high-quality product, while employees continue to value product security and earn our customers’ trust.

In the future, what standards will be needed in the telecom industry to ensure the fully connected world remains secure? Huawei has been involved in the development of more than 150 documents, including mainstream security standards, and process specification guides, as well as regulatory directives, white papers, and academic papers. Huawei has found that there are no all-encompassing standards, rather different standards value different aspects of security. Huawei has experience in large-scale development, network deployment, and operations and maintenance (O&M), as well as the knowledge to design large and complex products. We define Huawei’s trustworthiness framework based on common knowledge in system engineering and using the following four principles: explainability, implementability, verifiability, and considerable industry consensus.

Figure 1-1 Huawei trustworthiness framework

We are committed to building trust and high quality into every ICT infrastructure product and solution we develop. Here are some key areas we as a company will work on:

Security: Huawei will strengthen the defensive capabilities of its products, including their ability to protect the confidentiality, integrity, and availability of services and data.

Resilience: This is the ability of the system to continue to be in a known state while under attack, even if in a degraded state, and to rapidly recover after an attack.

Privacy: Protecting privacy is a regulatory requirement, and also the expression of Huawei’s values as a company. Users should also be able to appropriately control how their data is used. Information use policies should be transparent to users. Users should be able to appropriately control when and if they want to receive information based on their own individual needs. There must be a set of capabilities and mechanisms to fully protect user private data.

Safety: System failures should not cause unacceptable risks or cause harm to the safety of any individual person, either directly or indirectly, through damaging environments or properties.

Reliability & availability: We need to ensure long-term, fault-free operations for the entire lifecycle of our products. They must be able to rapidly recover and self-manage, as well as provide predictable and consistent services.

Trustworthiness should be incorporated from the very beginning and throughout the development, implementation, and innovation of each product. We must ensure the integrity and bidirectional traceability of each product, from the product’s innovation to the customer’s premise, and provide proper confidentiality protection mechanisms (such as permission separation, trust, and behavior monitoring mechanisms) when necessary to ensure that products are not faked or tampered with. We must also ensure that deployment, maintenance, and disposal processes and tools can protect sensitive data from leakage. Trustworthy system design, trustworthy software implementation, trustworthy delivery and O&M, and product lifecycle management transformation needs to be implemented in each domain to achieve trustworthiness.

Over the past 100 years, many of the world’s most successful companies have fallen because they were not able to adapt to change. Choosing to evolve is the only way for a company to remain adaptive to changes in the outside world. Huawei needs to stay open and keep evolving if we hope to remain relevant. Our Board of Directors has decided to begin a broad transformation program to fundamentally enhance our software engineering capabilities and practices over the next five years. Our rotating chairman, Xu Zhijun (Eric Xu), will take overall accountability for the program. We will allocate an initial budget of US$2 billion to this program, which will cover all products in our ICT infrastructure business. Our goal is to develop trustworthy, quality products. Only in this way can we fulfill our vision and mission: to bring digital to every person, home and organization for a fully connected, intelligent world.