SI-7
Software, Firmware, and Information Integrity
System and Information Integrity
The organization employs integrity verification tools to detect unauthorized changes to software, firmware, and information.
High PriorityAI-Relevant Control
Purpose
Ensure the integrity of software, firmware, and information to prevent unauthorized modifications.
AI Relevance
Critical for ensuring AI model integrity, preventing model tampering, and maintaining trust in AI system outputs and behavior.
Implementation Guidance
Implement file integrity monitoring, code signing, secure boot, and cryptographic integrity checks for all software and firmware components.
Assessment
Test integrity verification tools, verify integrity checks, review integrity monitoring logs, and validate integrity protection mechanisms.
Requirements
- 1Employ integrity verification tools to detect unauthorized changes to software
- 2Employ integrity verification tools to detect unauthorized changes to firmware
- 3Employ integrity verification tools to detect unauthorized changes to information
- 4Employ integrity verification tools to detect unauthorized changes to system configuration
- 5Employ integrity verification tools to detect unauthorized changes to system documentation
- 6Employ integrity verification tools to detect unauthorized changes to system procedures
- 7Employ integrity verification tools to detect unauthorized changes to system policies
- 8Employ integrity verification tools to detect unauthorized changes to system standards
- 9Employ integrity verification tools to detect unauthorized changes to system guidelines
Related Controls
Framework Context
NIST 800-53 Rev 5
Security and Privacy Controls for Federal Information Systems
Official Documentation →