Multiple Stages of System Development Life Cycle
Supply Chain Risk Management
NIST Control Text
Employ anti-tamper technologies, tools, and techniques throughout the system development life cycle.
NIST Discussion
The system development life cycle includes research and development, design, manufacturing, acquisition, delivery, integration, operations and maintenance, and disposal. Organizations use a combination of hardware and software techniques for tamper resistance and detection. Organizations use obfuscation and self-checking to make reverse engineering and modifications more difficult, time-consuming, and expensive for adversaries. The customization of systems and system components can make substitutions easier to detect and therefore limit damage.
SL5 Supplemental Guidance
Chip providers employ anti-tamper technologies throughout the accelerator development lifecycle, including design, manufacturing, and integration phases. An attacker who can modify the chip during manufacturing can install hardware backdoors that bypass all other security mechanisms.