Least Functionality | Authorized Software — Allow-by-exception
Configuration Management
NIST Control Text
Identify [Assignment: organization-defined software programs authorized to execute on the system];
Employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the system; and
Review and update the list of authorized software programs [Assignment: organization-defined frequency].
NIST Discussion
Authorized software programs can be limited to specific versions or from a specific source. To facilitate a comprehensive authorized software process and increase the strength of protection for attacks that bypass application level authorized software, software programs may be decomposed into and monitored at different levels of detail. These levels include applications, application programming interfaces, application modules, scripts, system processes, system services, kernel functions, registries, drivers, and dynamic link libraries. The concept of permitting the execution of authorized software may also be applied to user actions, system ports and protocols, IP addresses/ranges, websites, and MAC addresses. Organizations consider verifying the integrity of authorized software programs using digital signatures, cryptographic checksums, or hash functions. Verification of authorized software can occur either prior to execution or at system startup. The identification of authorized URLs for websites is addressed in CA-3(5) and SC-7.
SL5 Supplemental Guidance
Weight Enclaves employ deny-all, permit-by-exception policies ensuring only vetted code executes with direct access to covered models. Authorized software undergoes testing and evaluation appropriate to the nation-state threat model (see SA-11) and cryptographic signing per SC-12 before deployment. Interactive coding environments are prohibited within Weight Enclaves; all code must complete testing and signing before enclave deployment.
The broader SL5 Network (outside Weight Enclaves) supports rapid prototyping and experimentation by enabling the execution of code that has not passed the full human review process. A primary use case is automated AI R&D where covered models generate and execute research experiments; these experiments execute in confined physical or virtual machine environments with limited privileges in the broader SL5 Network, not within Weight Enclaves. Organizations apply allow-by-exception principles for software executing outside confined environments, balancing development velocity with security.