SA-18: Tamper Resistance And Detection

CSF v1.1 References:

Threats Addressed:


  • Low


  • Moderate


  • High


Warning icon.

Control is withdrawn in the next version of this control set and incorporated into: SR-9: Tamper Resistance and Detection.

Control Statement

The organization implements a tamper protection program for the information system, system component, or information system service.

Supplemental Guidance

Anti-tamper technologies and techniques provide a level of protection for critical information systems, system components, and information technology products against a number of related threats including modification, reverse engineering, and substitution. Strong identification combined with tamper resistance and/or tamper detection is essential to protecting information systems, components, and products during distribution and when in use.

Control Enhancements

SA-18(1): Multiple Phases Of Sdlc


(Not part of any baseline)

The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including design, development, integration, operations, and maintenance.

SA-18(2): Inspection Of Information Systems, Components, Or Devices


(Not part of any baseline)

The organization inspects [Assignment: organization-defined information systems, system components, or devices] [Selection (one or more): at random; at [Assignment: organization-defined frequency], upon [Assignment: organization-defined indications of need for inspection]] to detect tampering.