Navigate

PE-3 (5)

PE-3 (5): Tamper Protection

The organization employs [Assignment: organization-defined security safeguards] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components] within the information system.

Supplemental

Organizations may implement tamper detection/prevention at selected hardware components or tamper detection at some components and tamper prevention at other components. Tamper detection/prevention activities can employ many types of anti-tamper technologies including, for example, tamper-detection seals and anti-tamper coatings. Anti-tamper programs help to detect hardware alterations through counterfeiting and other supply chain-related risks.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
Int-C

Related Controls

The controls below (if any) were marked by NIST as being related to PE-3 (5).

Control	Description
SA-12	The organization protects against supply chain threats to the information system, system component, or information system service by employing [Assignment: organization-defined security safeguards] as part of a comprehensive, defense-in-breadth information security strategy.

Enhancements

The controls below (if any) add on to the requirements of PE-3 (5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to PE-3 (5).

CCI	Definition
CCI-000933	The organization employs organization-defined security safeguards to deter and/or prevent physical tampering or alteration of organization-defined hardware components within the information system.
CCI-002928	The organization defines security safeguards to detect and prevent physical tampering or alteration of organization-defined hardware components within the information system.
CCI-002929	The organization defines hardware components within the information system for which to employ organization-defined security safeguards to detect and prevent physical tampering or alteration.