Require the developer of the system, system component, or system service to produce a design specification and security architecture that accurately and completely describes the allocation of security controls among physical and logical components.
No STIG checks reference this CCI.