NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-3(4)Module Coupling and Cohesiveness

Implement security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

The reduction of inter-module interactions helps to constrain security functions and manage complexity. The concepts of coupling and cohesion are important with respect to modularity in software design. Coupling refers to the dependencies that one module has on other modules. Cohesion refers to the relationship between functions within a module. Best practices in software engineering and systems security engineering rely on layering, minimization, and modular decomposition to reduce and manage complexity. This produces software modules that are highly cohesive and loosely coupled.

Practitioner Notes

Security functions should be built as independent modules that do not depend heavily on each other. If one module has a bug, it should not cascade into other security functions.

Example 1: Design your security architecture so that your authentication system (Active Directory), your encryption service (certificate authority), and your logging system (SIEM) each operate independently. A failure in your SIEM should not prevent users from authenticating.

Example 2: When developing custom security applications, follow modular design principles — separate input validation, authentication, authorization, and audit logging into distinct code modules with clean interfaces between them.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability