Control: The organisation implements a tamper protection program for the information system, system component, or information system service.
Tamper Resistance and Detection Supplemental Guidance:
Anti-tamper technologies and techniques provide a level of protection for critical information systems, system components, and information technology products against a number of related threats including modification, reverse engineering, and substitution. Strong identification combined with tamper resistance and/or tamper detection is essential to protecting information systems, components, and products during distribution and when in use.
Tamper Resistance and Detection Control Enhancements:
SA-18 (1) Tamper Resistance and Detection - Multiple phases of SDLC
The organisation employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including design, development, integration, operations, and maintenance.
Supplemental Guidance: Organisations use a combination of hardware and software techniques for tamper resistance and detection. Organisations employ obfuscation and self-checking, for example, to make reverse engineering and modifications more difficult, time-consuming, and expensive for adversaries. Customisation of information systems and system components can make substitutions easier to detect and therefore limit damage.
Related control: SA-3.
SA-18 (2) Tamper Resistance and Detection - Inspection of Information Systems, components, or devices
The organisation inspects [Assignment: organisation-defined information systems, system components, or devices] [Selection (one or more): at random; at [Assignment: organisation-defined frequency], upon [Assignment: organisation-defined indications of need for inspection]] to detect tampering.
Supplemental Guidance: This control enhancement addresses both physical and logical tampering and is typically applied to mobile devices, notebook computers, or other system components taken out of organisation-controlled areas. Indications of need for inspection include, for example, when individuals return from travel to high-risk locations.
Related control: SI-4.