Navigate

SA-17 (5)

SA-17 (5): Conceptually Simple Design

The organization requires the developer of the information system, system component, or information system service to:

SA-17 (5)(a): Design and structure the security-relevant hardware, software, and firmware to use a complete, conceptually simple protection mechanism with precisely defined semantics; and

SA-17 (5)(b): Internally structure the security-relevant hardware, software, and firmware with specific regard for this mechanism.

Supplemental

None

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
Cross Domain (Access), Cross Domain (Multilevel), Cross Domain (Transfer)

Related Controls

The controls below (if any) were marked by NIST as being related to SA-17 (5).

Control	Description
SC-3	The information system isolates security functions from nonsecurity functions.

Enhancements

The controls below (if any) add on to the requirements of SA-17 (5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SA-17 (5).

CCI	Definition
CCI-003334	The organization requires the developer of the information system, system component, or information system service to design and structure the security-relevant hardware to use a complete, conceptually simple protection mechanism with precisely defined semantics.
CCI-003335	The organization requires the developer of the information system, system component, or information system service to design and structure the security-relevant software to use a complete, conceptually simple protection mechanism with precisely defined semantics.
CCI-003336	The organization requires the developer of the information system, system component, or information system service to design and structure the security-relevant firmware to use a complete, conceptually simple protection mechanism with precisely defined semantics.
CCI-003337	The organization requires the developer of the information system, system component, or information system service to internally structure the security-relevant hardware with specific regard for the complete, conceptually simple protection mechanism with precisely defined semantics.
CCI-003338	The organization requires the developer of the information system, system component, or information system service to internally structure the security-relevant software with specific regard for the complete, conceptually simple protection mechanism with precisely defined semantics.
CCI-003339	The organization requires the developer of the information system, system component, or information system service to internally structure the security-relevant firmware with specific regard for the complete, conceptually simple protection mechanism with precisely defined semantics.