Modern hardware and software is generally composed of many different (hardware and software) components, some of these themselves composed of multiple sub-components. Keeping track of the provenance and trustworthiness of all of these can be an extremely difficult problem. Any of them might be compromised in a "supply chain" attack to compromise the integrity of a finished product. A classic example was the introduction of explosives into pagers and walkie-talkies supplied to Hezbollah in 2024, but purely software examples are increasingly a concern.