Navigate

SA-18

SA-18: Tamper Resistance And Detection

The organization implements a tamper protection program for the information system, system component, or information system service.

Supplemental

Anti-tamper technologies and techniques provide a level of protection for critical information systems, system components, and information technology products against a number of related threats including modification, reverse engineering, and substitution. Strong identification combined with tamper resistance and/or tamper detection is essential to protecting information systems, components, and products during distribution and when in use.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
Cross Domain (Access), Cross Domain (Multilevel), Cross Domain (Transfer)

Related Controls

The controls below (if any) were marked by NIST as being related to SA-18.

Control	Description
PE-3	The organization: PE-3a.: Enforces physical access authorizations at [Assignment: organization-defined entry/exit points to the facility where the information system resides] by; PE-3a.1.: Verifying individual access authorizations before granting access to the facility; and PE-3a.2.: Controlling ingress/egress to the facility using [Selection (one or more): [Assignment: organization-defined physical access control systems/devices]; guards]; PE-3b.: Maintains physical access audit logs for [Assignment: organization-defined entry/exit points]; PE-3c.: Provides [Assignment: organization-defined security safeguards] to control access to areas within the facility officially designated as publicly accessible; PE-3d.: Escorts visitors and monitors visitor activity [Assignment: organization-defined circumstances requiring visitor escorts and monitoring]; PE-3e.: Secures keys, combinations, and other physical access devices; PE-3f.: Inventories [Assignment: organization-defined physical access devices] every [Assignment: organization-defined frequency]; and PE-3g.: Changes combinations and keys [Assignment: organization-defined frequency] and/or when keys are lost, combinations are compromised, or individuals are transferred or terminated.
SA-12	The organization protects against supply chain threats to the information system, system component, or information system service by employing [Assignment: organization-defined security safeguards] as part of a comprehensive, defense-in-breadth information security strategy.
SI-7	The organization employs integrity verification tools to detect unauthorized changes to [Assignment: organization-defined software, firmware, and information].

Enhancements

The controls below (if any) add on to the requirements of SA-18.

Control	Description
SA-18 (1)	The organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including design, development, integration, operations, and maintenance.
SA-18 (2)	The organization inspects [Assignment: organization-defined information systems, system components, or devices] [Selection (one or more): at random; at [Assignment: organization-defined frequency], upon [Assignment: organization-defined indications of need for inspection]] to detect tampering.

Related CCIs

The CCIs below are tied to SA-18.

CCI	Definition
CCI-003346	The organization implements a tamper protection program for the information system, system component, or information system service.