In 1983, Ken Thompson gave a Turing award lecture titled “Reflections on Trusting Trust” where he discussed supply chain security. He explained how to modify a C compiler binary to insert a backdoor when compiling the “login” program, leaving no trace in the source code. The lecture was later published in Communications of the ACM. The three steps to achieve this are: 1) Write a self-reproducing program, 2) Understand that compilers “learn” details that only appear in the compiler binary, and 3) Teach the compiler to miscompile the target program. Ken Thompson later confirmed that he still has the code for the backdoor.
https://research.swtch.com/nih