A system that collects actual state data and compares the collected actual state data to the desired state specification to find security defects.
Sources:
NISTIR 8011 Vol. 1