SR-9(1): Multiple Stages of System Development Life Cycle
Control Family:
Parent Control:
CSF v1.1 References:
Baselines:
- High
Control is new to this version of the control set and incorporates the following control from the previous version: SA-18(1): Multiple Phases Of Sdlc.
Control Statement
Employ anti-tamper technologies, tools, and techniques throughout the system development life cycle.
Supplemental Guidance
The system development life cycle includes research and development, design, manufacturing, acquisition, delivery, integration, operations and maintenance, and disposal. Organizations use a combination of hardware and software techniques for tamper resistance and detection. Organizations use obfuscation and self-checking to make reverse engineering and modifications more difficult, time-consuming, and expensive for adversaries. The customization of systems and system components can make substitutions easier to detect and therefore limit damage.