An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
111/172
)
CCIs
Number
Definition
Status
Related
CCI-003331
Require the developer of the system, system component, or system service to describe the security-relevant hardware mechanisms not addressed in the descriptive top-level specification but strictly internal to the security-relevant hardware.
Draft
SA-17(4)
CCI-003332
Require the developer of the system, system component, or system service to describe the security-relevant software mechanisms not addressed in the descriptive top-level specification but strictly internal to the security-relevant software.
Draft
SA-17(4)
CCI-003333
Require the developer of the system, system component, or system service to describe the security-relevant firmware mechanisms not addressed in the descriptive top-level specification but strictly internal to the security-relevant firmware.
Draft
SA-17(4)
CCI-003334
Require the developer of the system, system component, or system service to design and structure the security-relevant hardware to use a complete, conceptually simple protection mechanism with precisely defined semantics.
Draft
SA-17(5)
CCI-003335
Require the developer of the system, system component, or system service to design and structure the security-relevant software to use a complete, conceptually simple protection mechanism with precisely defined semantics.
Draft
SA-17(5)
CCI-003336
Require the developer of the system, system component, or system service to design and structure the security-relevant firmware to use a complete, conceptually simple protection mechanism with precisely defined semantics.
Draft
SA-17(5)
CCI-003337
Require the developer of the system, system component, or system service to internally structure the security-relevant hardware with specific regard for the complete, conceptually simple protection mechanism with precisely defined semantics.
Draft
SA-17(5)
CCI-003338
Require the developer of the system, system component, or system service to internally structure the security-relevant software with specific regard for the complete, conceptually simple protection mechanism with precisely defined semantics.
Draft
SA-17(5)
CCI-003339
Require the developer of the system, system component, or system service to internally structure the security-relevant firmware with specific regard for the complete, conceptually simple protection mechanism with precisely defined semantics.
Draft
SA-17(5)
CCI-003340
Require the developer of the system, component, or system service to structure security-relevant hardware to facilitate testing.
Draft
SA-17(6)
CCI-003341
Require the developer of the system, component, or system service to structure security-relevant software to facilitate testing.
Draft
SA-17(6)
CCI-003342
Require the developer of the system, component, or system service to structure security-relevant firmware to facilitate testing.
Draft
SA-17(6)
CCI-003343
Require the developer of the system, component, or system service to structure security-relevant hardware to facilitate controlling access with least privilege.
Draft
SA-17(7)
CCI-003344
Require the developer of the system, component, or system service to structure security-relevant software to facilitate controlling access with least privilege.
Draft
SA-17(7)
CCI-003345
Require the developer of the system, component, or system service to structure security-relevant firmware to facilitate controlling access with least privilege.
Draft
SA-17(7)
CCI-003346
The organization implements a tamper protection program for the information system, system component, or information system service.
Draft
SA-18
CCI-003347
The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including design.
Draft
SA-18(1)
CCI-003348
The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including development.
Draft
SA-18(1)
CCI-003349
The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including integration.
Draft
SA-18(1)
CCI-003350
The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including operations.
Draft
SA-18(1)
CCI-003351
The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including maintenance.
Draft
SA-18(1)
CCI-003352
The organization inspects organization-defined information systems, system components, or devices at random, at an organization-defined frequency, and/or upon organization-defined indications of need for inspection to detect tampering.
Draft
SA-18(2)
CCI-003353
The organization defines the information systems, system components, or devices to inspect at random, at an organization-defined frequency, and/or upon organization-defined indications of need for inspection to detect tampering.
Draft
SA-18(2)
CCI-003354
The organization defines the frequency on which to inspect organization-defined information systems, system components, or devices to detect tampering.
Draft
SA-18(2)
CCI-003355
The organization defines indications of need for inspection to detect tampering during inspections of organization-defined information systems, system components, or devices.
Draft
SA-18(2)
CCI-003356
The organization develops an anti-counterfeit policy that includes the means to detect counterfeit components from entering the information system.
Draft
SA-19
CCI-003357
The organization develops an anti-counterfeit policy that includes the means to prevent counterfeit components from entering the information system.
Draft
SA-19
CCI-003358
The organization develops anti-counterfeit procedures that include the means to detect counterfeit components from entering the information system.
Draft
SA-19
CCI-003359
The organization develops anti-counterfeit procedures that include the means to prevent counterfeit components from entering the information system.
Draft
SA-19
CCI-003360
The organization implements an anti-counterfeit policy that includes the means to detect counterfeit components from entering the information system.
Draft
SA-19
Prev
1...
107
108
109
110
111
112
113
114
115
...172
Next