Navigate

SA-10 (3)

SA-10 (3): Hardware Integrity Verification

The organization requires the developer of the information system, system component, or information system service to enable integrity verification of hardware components.

Supplemental

This control enhancement allows organizations to detect unauthorized changes to hardware components through the use of tools, techniques, and/or mechanisms provided by developers. Organizations verify the integrity of hardware components, for example, with hard-to-copy labels and verifiable serial numbers provided by developers, and by requiring the implementation of anti-tamper technologies. Delivered hardware components also include updates to such components.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

Related Controls

The controls below (if any) were marked by NIST as being related to SA-10 (3).

Control	Description
SI-7	The organization employs integrity verification tools to detect unauthorized changes to [Assignment: organization-defined software, firmware, and information].

Enhancements

The controls below (if any) add on to the requirements of SA-10 (3).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SA-10 (3).

CCI	Definition
CCI-003165	The organization requires the developer of the information system, system component, or information system service to enable integrity verification of hardware components.