{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SI-6: Security Function Verification. Applicable to HIGH impact systems.", "Keywords": [ "800-53", "High", "Information Integrity", "NIST", "P1", "Security", "Security Function Verification", "System" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 Security Control SI-6: Security Function Verification", "TrustExpression": "TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-si-6_-security-function-verification/4/", "Version": "4", "References": {"TrustmarkDefinitionRequirements": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---system-actions-on-anomaly-discovery/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system performs organization-defined action(s) when anomalies are discovered.", "Number": 1, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---system-actions-on-anomaly-discovery/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system performs organization-defined action(s) when anomalies are discovered.", "Number": 1, "Version": "1.0", "Name": "Security Function Verification - System Actions on Anomaly Discovery" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - System Actions on Anomaly Discovery", "$id": "TD_ref1" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---performed-based-on-system-state/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions upon organization-defined system transitional states.", "Number": 2, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---performed-based-on-system-state/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions upon organization-defined system transitional states.", "Number": 2, "Version": "1.0", "Name": "Security Function Verification - Performed Based on System State" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - Performed Based on System State", "$id": "TD_ref2" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---performed-periodically/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions at an organization-defined frequency.", "Number": 3, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---performed-periodically/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions at an organization-defined frequency.", "Number": 3, "Version": "1.0", "Name": "Security Function Verification - Performed Periodically" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - Performed Periodically", "$id": "TD_ref3" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---performed-manually/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions upon command by user with appropriate privilege.", "Number": 4, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---performed-manually/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions upon command by user with appropriate privilege.", "Number": 4, "Version": "1.0", "Name": "Security Function Verification - Performed Manually" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - Performed Manually", "$id": "TD_ref4" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---system-shutdown-on-anomaly-discovery/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system shuts the information system down when anomalies are discovered.", "Number": 5, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---system-shutdown-on-anomaly-discovery/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system shuts the information system down when anomalies are discovered.", "Number": 5, "Version": "1.0", "Name": "Security Function Verification - System Shutdown on Anomaly Discovery" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - System Shutdown on Anomaly Discovery", "$id": "TD_ref5" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification-of-defined-functions/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions.", "Number": 6, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification-of-defined-functions/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system verifies the correct operation of organization-defined security functions.", "Number": 6, "Version": "1.0", "Name": "Security Function Verification of Defined Functions" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification of Defined Functions", "$id": "TD_ref6" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---system-restart-on-anomaly-discovery/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system restarts the information system when anomalies are discovered.", "Number": 7, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---system-restart-on-anomaly-discovery/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system restarts the information system when anomalies are discovered.", "Number": 7, "Version": "1.0", "Name": "Security Function Verification - System Restart on Anomaly Discovery" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - System Restart on Anomaly Discovery", "$id": "TD_ref7" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---notification/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system notifies organization-defined personnel or roles of failed security verification tests.", "Number": 8, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/security-function-verification---notification/1.0/", "Description": "Defines conformance and assessment criteria for verifying that an information system notifies organization-defined personnel or roles of failed security verification tests.", "Number": 8, "Version": "1.0", "Name": "Security Function Verification - Notification" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Security Function Verification - Notification", "$id": "TD_ref8" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }