Cyber Resilience

NIST 800-53 r5 · Controls catalogue · Family SR

SR-10Inspection of Systems or Components

Inspect the following systems or system components {{ insert: param, sr-10_odp.02 }} to detect tampering: {{ insert: param, sr-10_odp.01 }}.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 1 mapping(s) from 1 framework(s): CSF 2.0 1 (partial)

See the full cumulative-coverage rollup →

Implementations targeting this control (0)

ATT&CK techniques this control mitigates (0)

Weaknesses this control addresses (7)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-829Inclusion of Functionality from Untrusted Control Sphere298Inspection can detect malicious functionality that was included from an untrusted sphere through tampering or supply-chain attack.
CWE-494Download of Code Without Integrity Check252Post-download inspection serves as a compensating control that detects code tampering when integrity checks were not performed at acquisition time.
CWE-506Embedded Malicious Code85Direct inspection of components can detect embedded malicious code inserted through supply-chain or runtime tampering.
CWE-912Hidden Functionality79Inspection can reveal hidden functionality that an attacker has introduced via tampering or unauthorized modification.
CWE-1191On-Chip Debug and Test Interface With Improper Access Control20Inspection of on-chip debug/test interfaces can identify tampering or unauthorized access that those interfaces enable.
CWE-1242Inclusion of Undocumented Features or Chicken Bits14Inspection can uncover undocumented features or chicken bits that result from tampering or malicious insertion.
CWE-1263Improper Physical Access Control13Physical inspection directly detects tampering that occurs when physical access controls are absent or bypassed.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2026-43003 UPD5.58.00.0084good

Other controls in family SR

SR-1 SR-11 SR-12 SR-2 SR-3 SR-4 SR-5 SR-6 SR-7 SR-8 SR-9