I had flashbacks to physical chip security trainings. The full ecosystem security needed to protect and validate that no malicious injection from fab to end user. I recall a chip replacement from manufacturer to client that had a ORG in the middle that replaced chips to compromised encryption. Trust is needed, by verification keeps all legit