SC-3(4): Module Coupling And Cohesiveness

Control Family:

System And Communications Protection

Parent Control:

SC-3: Security Function Isolation

Priority:

P1: Implement P1 security controls first.

Threats Addressed:

Elevation of Privilege

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-3(4): Module Coupling and Cohesiveness

Control Statement

The organization implements security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.

Supplemental Guidance

The reduction in inter-module interactions helps to constrain security functions and to manage complexity. The concepts of coupling and cohesion are important with respect to modularity in software design. Coupling refers to the dependencies that one module has on other modules. Cohesion refers to the relationship between the different functions within a particular module. Good software engineering practices rely on modular decomposition, layering, and minimization to reduce and manage complexity, thus producing software modules that are highly cohesive and loosely coupled.