FedRAMP Control Explorer

Controls

Access Control

Assessment, Authorization, and Monitoring

Audit and Accountability

Awareness and Training

Configuration Management

Contingency Planning

Identification and Authentication

Incident Response

Maintenance

Media Protection

Personnel Security

Physical and Environmental Protection

Planning

Risk Assessment

Supply Chain Risk Management

System and Communications Protection

System and Information Integrity

System and Services Acquisition

SR-9 Tamper Resistance and Detection

Control

Implement a tamper protection program for the system, system component, or system service.

Requirement:

CSOs must ensure vendors provide authenticity of software and patches supplied to the service provider including documenting the safeguards in place.

Discussion

Anti-tamper technologies, tools, and techniques provide a level of protection for systems, system components, and services against many threats, including reverse engineering, modification, and substitution. Strong identification combined with tamper resistance and/or tamper detection is essential to protecting systems and components during distribution and when in use.

FedRAMP-Defined Assignment / Selection Parameters

N/A