← Back to catalog
SA-17(2)
Security-relevant Components
System and Services Acquisition (SA)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
Require the developer of the system, system component, or system service to: Define security-relevant hardware, software, and firmware; and Provide a rationale that the definition for security-relevant hardware, software, and firmware is complete.
Discussion
The security-relevant hardware, software, and firmware represent the portion of the system, component, or service that is trusted to perform correctly to maintain required security properties.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.