SR 9 TAMPER RESISTANCE AND DETECTION - NIST-SP-800-53-R5/NIST-SP-800-53-R5.github.io GitHub Wiki

Control: Implement a tamper protection program for the system, system component, or system service.

Discussion: Anti-tamper technologies, tools, and techniques provide a level of protection for systems, system components, and services against many threats, including reverse engineering, modification, and substitution. Strong identification combined with tamper resistance and/or tamper detection is essential to protecting systems and components during distribution and when in use.

Related Controls: PE-3 , PM-30 , SA-15 , SI-4 , SI-7 , SR-3 , SR-4 , SR-5 , SR-10 , SR-11.

Control Enhancements:

• (1) TAMPER RESISTANCE AND DETECTION / MULTIPLE STAGES OF SYSTEM DEVELOPMENT LIFE CYCLE
  Employ anti-tamper technologies, tools, and techniques throughout the system development life cycle.

  Discussion: The system development life cycle includes research and development, design, manufacturing, acquisition, delivery, integration, operations and maintenance, and disposal. Organizations use a combination of hardware and software techniques for tamper resistance and detection. Organizations use obfuscation and self-checking to make reverse engineering and modifications more difficult, time-consuming, and expensive for adversaries. The customization of systems and system components can make substitutions easier to detect and therefore limit damage.

  Related Controls: SA-3.

References: [ISO 20243].