Skip to content

SR-11: Component Authenticity

An OSCAL Control

Statement

    • a.

      Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and

    • b.

      Report counterfeit system components to .

      • Requirement:

        CSOs must ensure that their supply chain vendors provide authenticity of software and patches and the vendor must have a plan to protect the development pipeline.