Vault/Secure Room Storage Standards - Intrusion Detection System (IDS) / Automated Entry Control System (AECS) Primary and Emergency Power Supply

An XCCDF Rule

Description

<VulnDiscussion>Failure to meet standards for ensuring that there is an adequate commercial and back-up power sources for IDS/AECS with uninterrupted failover to emergency power could result in a malfunction of the physical alarm and access control system. This could result in the undetected breach of classified open storage / secure rooms or vaults containing SIPRNet assets and undetected loss or compromise of classified material. REFERENCES: The Information Security Oversight Office (ISOO): http://www.archives.gov/isoo/ Implementing Directive for Protection of Classified (for Executive Order 13526), 32 CFR Parts 2001 and 2003 Classified National Security Information: paragraph 2001.43 Storage, (2) Secret. CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraph 34. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-4, PE-3, PE-5, PE-6(1) DoD Manual 5200.01, Volume 3, SUBJECT: DoD Information Security Program: Protection of Classified Information: Appendix to Enclosure 3, paragraphs 2.d.(7)(a) and (b). DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter 5, Section 9. Intrusion Detection Systems.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-245814r822871_rule
Severity: Medium
Updated: 23 days ago

Fixes - Primary Power:

Fix #1. Ensure primary power for all Intrusion Detection System (IDS) equipment and Automated Entry Control system (AECS) equipment is either commercial AC or DC power. 

Fix #2. Ensure that in the event of commercial power failure at either the secure room/area or monitor station, the equipment changes power sources without causing an intrusion alarm indication. An Uninterrupted Power Supply (UPS) will be required for this to occur.   
Fixes - Emergency (Backup) Power:

Fix #1. Ensure that emergency power consists of a protected independent backup power source that provides a minimum of 8-hours operating battery and/or generator power. When batteries are used for emergency power, they shall be maintained at full charge by automatic charging circuits. The manufacturer's periodic maintenance schedule shall be followed and results documented.

Fix #2.  Power Source and Failure Indication:  Ensure that an illuminated indication exists at the Power Control Unit (PCU) of the power source in use (AC or DC).  

Fix #3. Ensure equipment at the IDS/AECS monitor station indicates a failure in power source, a change in power source, and the location of the failure or change.

Vault/Secure Room Storage Standards - Intrusion Detection System (IDS) / Automated Entry Control System (AECS) Primary and Emergency Power Supply

Description

Remediation - Manual Procedure