๐ผ SA-17 (4) INFORMAL CORRESPONDENCE
- Contextual name: ๐ผ SA-17 (4) INFORMAL CORRESPONDENCE
- ID:
/frameworks/nist-sp-800-53-r4/sa/17/04 - Located in: ๐ผ SA-17 DEVELOPER SECURITY ARCHITECTURE AND DESIGN
Descriptionโ
The organization requires the developer of the information system, system component, or information system service to: SA-17 (4)(a) Produce, as an integral part of the development process, an informal descriptive top-level specification that specifies the interfaces to security-relevant hardware, software, and firmware in terms of exceptions, error messages, and effects; SA-17 (4)(b) Show via [Selection: informal demonstration, convincing argument with formal methods as feasible] that the descriptive top-level specification is consistent with the formal policy model; SA-17 (4)(c) Show via informal demonstration, that the descriptive top-level specification completely covers the interfaces to security-relevant hardware, software, and firmware; SA-17 (4)(d) Show that the descriptive top-level specification is an accurate description of the interfaces to security-relevant hardware, software, and firmware; and SA-17 (4)(e) Describe the security-relevant hardware, software, and firmware mechanisms not addressed in the descriptive top-level specification but strictly internal to the security-relevant hardware, software, and firmware.
Similarโ
- Internal
- ID:
dec-c-3874d665
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|