Navigate

SA-10 (6)

SA-10 (6): Trusted Distribution

The organization requires the developer of the information system, system component, or information system service to execute procedures for ensuring that security-relevant hardware, software, and firmware updates distributed to the organization are exactly as specified by the master copies.

Supplemental

The trusted distribution of security-relevant hardware, software, and firmware updates helps to ensure that such updates are faithful representations of the master copies maintained by the developer and have not been tampered with during distribution.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
Cross Domain (Access), Cross Domain (Multilevel), Cross Domain (Transfer), NC3

Related Controls

The controls below (if any) were marked by NIST as being related to SA-10 (6).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SA-10 (6).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SA-10 (6).

CCI	Definition
CCI-003170	The organization requires the developer of the information system, system component, or information system service to execute procedures for ensuring that security-relevant hardware, software, and firmware updates distributed to the organization are exactly as specified by the master copies.