SA-10(3): Hardware Integrity Verification

Control Family:

System and Services Acquisition

Parent Control:

SA-10: Developer Configuration Management

CSF v1.1 References:

PR.DS-8
PR.IP-1
PR.IP-2
PR.IP-3

Threats Addressed:

Tampering

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
SA-10(3): Hardware Integrity Verification

Control Statement

Require the developer of the system, system component, or system service to enable integrity verification of hardware components.

Supplemental Guidance

Hardware integrity verification allows organizations to detect unauthorized changes to hardware components using developer-provided tools, techniques, methods, and mechanisms. Organizations may verify the integrity of hardware components with hard-to-copy labels, verifiable serial numbers provided by developers, and by requiring the use of anti-tamper technologies. Delivered hardware components also include hardware and firmware updates to such components.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5