SP-T-1 — Attacker modifies startup-loaded configuration artifacts on disk
Component: Policy Engine. Mitigations: Configuration artifacts loaded at startup; file access controlled by OS. Action: Sign or checksum startup-loaded configuration files; detect changes at startup
| Property | Value |
|---|---|
| Section | Tampering |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-OPS-05 | Secure Configuration Management |
| SID-ACCESS-04 | SPOCP Policy-Based Query Authorization |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md