SI-7

Software, Firmware, and Information Integrity

System and Information Integrity (SI)
Baselines
Low · Not included
Moderate · Included
High · Included
Description

Employ integrity verification tools to detect unauthorized changes to the following software, firmware, and information: [assignment]; and take the following actions when unauthorized changes to the software, firmware, and information are detected: [assignment].

Discussion

Unauthorized changes to software, firmware, and information can occur due to errors or malicious activity. Software includes operating systems (with key internal components, such as kernels or drivers), middleware, and applications. Firmware interfaces include Unified Extensible Firmware Interface (UEFI) and Basic Input/Output System (BIOS). Information includes personally identifiable information and metadata that contains security and privacy attributes associated with information. Integrity-checking mechanisms—including parity checks, cyclical redundancy checks, cryptographic hashes, and associated tools—can automatically monitor the integrity of systems and hosted applications.

CSF 2.0 crosswalk
DE.CM-09 · Detect
ID.RA-09 · The authenticity and integrity of hardware and software are assessed prior to acquisition and use · Identify
PR.DS-01 · The confidentiality, integrity, and availability of data-at-rest are protected · Protect
PR.DS-02 · The confidentiality, integrity, and availability of data-in-transit are protected · Protect
PR.DS-10 · Protect
PR.PS-02 · Protect