NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY
SI-13 — Predictable Failure Prevention
Determine mean time to failure (MTTF) for the following system components in specific environments of operation: {{ insert: param, si-13_odp.01 }} ; and Provide substitute system components and a means to exchange active and standby components in accordance with the following criteria: {{ insert: param, si-13_odp.02 }}.
Supplemental Guidance
While MTTF is primarily a reliability issue, predictable failure prevention is intended to address potential failures of system components that provide security capabilities. Failure rates reflect installation-specific consideration rather than the industry-average. Organizations define the criteria for the substitution of system components based on the MTTF value with consideration for the potential harm from component failures. The transfer of responsibilities between active and standby components does not compromise safety, operational readiness, or security capabilities. The preservation of system state variables is also critical to help ensure a successful transfer process. Standby components remain available at all times except for maintenance issues or recovery failures in progress.
Practitioner Notes
Predictable failure prevention means planning for component failures before they happen — using redundancy, monitoring, and replacement schedules to prevent outages.
Example 1: Monitor hard drive health using S.M.A.R.T. data and proactively replace drives that show signs of impending failure (increasing bad sectors, rising temperature). Use your monitoring tool to alert when any drive health metric crosses a warning threshold.
Example 2: Maintain a replacement schedule for critical infrastructure components. UPS batteries have a 3-5 year lifespan — replace them before they fail. Server hardware should be refreshed every 5-7 years. Document these schedules and budget for replacements.