SR-11 · Component Authenticity

Control Description

Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and Report counterfeit system components to {{ insert: param, sr-11_odp.01 }}.

Impact Baselines
Security baselines where this control applies
Not in any baseline
Control Properties
SP800-53
organization
Assurance
Control Statement
The control requirements

a. Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and

b. Report counterfeit system components to {{ insert: param, sr-11_odp.01 }}.

Supplemental Guidance

Sources of counterfeit components include manufacturers, developers, vendors, and contractors. Anti-counterfeiting policies and procedures support tamper resistance and provide a level of protection against the introduction of malicious code. External reporting organizations include CISA.

Related NIST Controls
Other NIST 800-53 controls related to this one
PE-03
SA-04
SI-07
SR-09
SR-10
References
International Organization for Standardization/International Electrotechnical Commission 20243-1:2018, *Information technology — Open Trusted Technology Provider™ Standard (O-TTPS) — Mitigating maliciously tainted and counterfeit products — Part 1: Requirements and recommendations* , February 2018.