A strategy for achievement of secure system function that embodies proactive and reactive protection capability of the system. Note 1: This strategy strives to prevent, minimize, or detect the events and conditions that can lead to the loss of an asset and the resultant adverse impact; prevent, minimize, or detect the loss of an asset or adverse asset impact; continuously deliver system capability at some acceptable level despite the impact of threats or uncertainty; and recover from an adverse asset impact to restore full system capability or to recover to some acceptable level of system capability. Note 2: The concept of secure function is adapted from historical and other secure system concepts such as Philosophy of Protection, Theory of Design and Operation, and Theory of Compliance.
Source(s):
NIST SP 800-160 Vol. 1

  A strategy for achievement of secure system function that embodies proactive and reactive protection capability of the system. Note 1: This strategy strives to prevent, minimize, or detect the events and conditions that can lead to the loss of an asset and the resultant adverse impact; prevent, minimize, or detect the loss of an asset or adverse asset impact; continuously deliver system capability at some acceptable level despite the impact of threats or uncertainty; and recover from an adverse asset impact to restore full system capability or to recover to some acceptable level of system capability. Note 2: The concept of secure function is adapted from historical and other secure system concepts such as Philosophy of Protection, Theory of Design and Operation, and Theory of Compliance.
Source(s):
NIST SP 800-160 Vol. 1