An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
110/172
)
CCIs
Number
Definition
Status
Related
CCI-003301
Require the developer of the system, system component, or system service to define security-relevant hardware.
Draft
SA-17(2)
CCI-003302
The organization requires the developer of the information system, system component, or information system service to define security-relevant hardware.
Deprecated
SA-17(2)
CCI-003303
Require the developer of the system, system component, or system service to define security-relevant software.
Draft
SA-17(2)
CCI-003304
Require the developer of the system, system component, or system service to define security-relevant firmware.
Draft
SA-17(2)
CCI-003305
Require the developer of the system, system component, or system service to provide a rationale that the definition for security-relevant hardware is complete.
Draft
SA-17(2)
CCI-003306
Require the developer of the system, system component, or system service to provide a rationale that the definition for security-relevant software is complete.
Draft
SA-17(2)
CCI-003307
Require the developer of the system, system component, or system service to provide a rationale that the definition for security-relevant firmware is complete.
Draft
SA-17(2)
CCI-003308
Require the developer of the system, system component, or system service to produce, as an integral part of the development process, a formal top-level specification that specifies the interfaces to security-relevant hardware in terms of exceptions, error messages, and effects.
Draft
SA-17(3)
CCI-003309
Require the developer of the system, system component, or system service to produce, as an integral part of the development process, a formal top-level specification that specifies the interfaces to security-relevant software in terms of exceptions, error messages, and effects.
Draft
SA-17(3)
CCI-003310
Require the developer of the system, system component, or system service to produce, as an integral part of the development process, a formal top-level specification that specifies the interfaces to security-relevant firmware in terms of exceptions, error messages, and effects.
Draft
SA-17(3)
CCI-003311
Require the developer of the system, system component, or system service to show via proof to the extent feasible with additional informal demonstration as necessary, that the formal top-level specification is consistent with the formal policy model.
Draft
SA-17(3)
CCI-003312
Require the developer of the system, system component, or system service to show via informal demonstration, that the formal top-level specification completely covers the interfaces to security-relevant hardware.
Draft
SA-17(3)
CCI-003313
Require the developer of the system, system component, or system service to show via informal demonstration, that the formal top-level specification completely covers the interfaces to security-relevant software.
Draft
SA-17(3)
CCI-003314
Require the developer of the system, system component, or system service to show via informal demonstration, that the formal top-level specification completely covers the interfaces to security-relevant firmware.
Draft
SA-17(3)
CCI-003315
Require the developer of the system, system component, or system service to show that the formal top-level specification is an accurate description of the implemented security-relevant hardware.
Draft
SA-17(3)
CCI-003316
Require the developer of the system, system component, or system service to show that the formal top-level specification is an accurate description of the implemented security-relevant software.
Draft
SA-17(3)
CCI-003317
Require the developer of the system, system component, or system service to show that the formal top-level specification is an accurate description of the implemented security-relevant firmware.
Draft
SA-17(3)
CCI-003318
Require the developer of the system, system component, or system service to describe the security-relevant hardware mechanisms not addressed in the formal top-level specification but strictly internal to the security-relevant hardware.
Draft
SA-17(3)
CCI-003319
Require the developer of the system, system component, or system service to describe the security-relevant software mechanisms not addressed in the formal top-level specification but strictly internal to the security-relevant software.
Draft
SA-17(3)
CCI-003320
Require the developer of the system, system component, or system service to describe the security-relevant firmware mechanisms not addressed in the formal top-level specification but strictly internal to the security-relevant firmware.
Draft
SA-17(3)
CCI-003321
Require the developer of the system, system component, or system service to produce, as an integral part of the development process, an informal descriptive top-level specification that specifies the interfaces to security-relevant hardware in terms of exceptions, error messages, and effects.
Draft
SA-17(4)
CCI-003322
Require the developer of the system, system component, or system service to produce, as an integral part of the development process, an informal descriptive top-level specification that specifies the interfaces to security-relevant software in terms of exceptions, error messages, and effects.
Draft
SA-17(4)
CCI-003323
Require the developer of the system, system component, or system service to produce, as an integral part of the development process, an informal descriptive top-level specification that specifies the interfaces to security-relevant firmware in terms of exceptions, error messages, and effects.
Draft
SA-17(4)
CCI-003324
Require the developer of the system, system component, or system service to show via informal demonstration or convincing argument with formal methods as feasible that the descriptive top-level specification is consistent with the formal policy model.
Draft
SA-17(4)
CCI-003325
Require the developer of the system, system component, or system service to show via informal demonstration, that the descriptive top-level specification completely covers the interfaces to security-relevant hardware.
Draft
SA-17(4)
CCI-003326
Require the developer of the system, system component, or system service to show via informal demonstration, that the descriptive top-level specification completely covers the interfaces to security-relevant software.
Draft
SA-17(4)
CCI-003327
Require the developer of the system, system component, or system service to show via informal demonstration, that the descriptive top-level specification completely covers the interfaces to security-relevant firmware.
Draft
SA-17(4)
CCI-003328
Require the developer of the system, system component, or system service to show that the descriptive top-level specification is an accurate description of the interfaces to security-relevant hardware.
Draft
SA-17(4)
CCI-003329
Require the developer of the system, system component, or system service to show that the descriptive top-level specification is an accurate description of the interfaces to security-relevant software.
Draft
SA-17(4)
CCI-003330
Require the developer of the system, system component, or system service to show that the descriptive top-level specification is an accurate description of the interfaces to security-relevant firmware.
Draft
SA-17(4)
Prev
1...
106
107
108
109
110
111
112
113
114
...172
Next