catalog: SP800-53rev3 / class: Operational / family: (SI) System and Information Integrity

  SI-13: Predictable Failure Prevention  

base control objective:
The organization:
a. Protects the information system from harm by considering mean time to failure for [Assignment: organization-defined list of information system components] in specific environments of operation; and
b. Provides substitute information system components, when needed, and a mechanism to exchange active and standby roles of the components.

supplemental objective information:
While mean time to failure is primarily a reliability issue, this control focuses on the potential failure of specific components of the information system that provide security capability. Mean time to failure rates are defendable and based on considerations that are installation-specific, not industry average. The transfer of responsibilities between active and standby information system components does not compromise safety, operational readiness, or security (e.g., state variables are preserved). The standby component is available at all times except where a failure recovery is in progress, or for maintenance reasons.

enhancements to the base objective:

(1) The organization takes the information system component out of service by transferring component responsibilities to a substitute component no later than [Assignment: organization-defined fraction or percentage] of mean time to failure.

(2) The organization does not allow a process to execute without supervision for more than [Assignment: organization-defined time period].

(3) The organization manually initiates a transfer between active and standby information system components at least once per [Assignment: organization-defined frequency] if the mean time to failure exceeds [Assignment: organization-defined time period].

(4) The organization, if an information system component failure is detected:
(a) Ensures that the standby information system component successfully and transparently assumes its role within [Assignment: organization-defined time period]; and
(b) [Selection (one or more): activates [Assignment: organization-defined alarm]; automatically shuts down the information system].
Enhancement Supplemental Guidance: Automatic or manual transfer of roles to a standby unit may occur upon detection of a component failure.

mapping to FIPS199 baseline:

  LOW: null     MOD: null     HIGH: null  

related (regimented) controls:

CP-02   Contingency Plan

documents referenced in SP800-53rev3 for SI-13:

None.
