Cryptographic and Security Testing Laboratory (CSTL)

SCAP Accreditation

The SAIC CSTL is offering Security Content Automation Protocol (SCAP) accreditation testing.

Contact us for information.

Trying to select a cryptographic and security testing laboratory?

SAIC is now your single source for testing and evaluation. We know the Common Criteria, we know the Federal Information Processing Standard (FIPS) 140, and we know how they play together.

The SAIC Cryptographic and Security Testing Laboratory (CSTL) has received accreditation from the National Institute of Standards and Technology (NIST), National Voluntary Laboratory Accreditation Program (NVLAP) for the testing of FIPS 140-1 and FIPS 140-2, Security Requirements for Cryptographic Modules, and for testing FIPS-approved algorithms.

Why evaluate?

Federal agencies that specify cryptography require your module to be certified as compliant with FIPS 140-2. FIPS 140-2 requires the use of cryptography that has been validated for the protection of sensitive data within federal information systems.

FIPS 140-2 Validation Testing

The SAIC process includes a FIPS 140 initial assessment that helps clients define the cryptographic module boundary and assess the state of all required documentation and FIPS 140-2 validation testing for security levels 1-4 for both software and hardware implementations. Your module and the required documentation are verified at the SAIC CSTL to ensure compliance to the derived test requirements (DTR).

As a separate service, SAIC also offers Finite State Model and Security Policy documentation guidance and creation,

Algorithm Validation Testing

SAIC verifies your algorithm implementation is compliant with a FIPS approved algorithm and submits passing results to the Cryptographic Module Validation Program for issuance of algorithm validation certificates.

Cost

  • All FIPS 140-2 cost quotes are firm fixed price.
  • Discount FIPS 140-2 pricing is available to SAIC Common Criteria clients.

Schedule

SAIC CSTL has the ability to take on new work quickly. Our management approach utilizes a large number of expert evaluators and technical personnel who work on multiple projects. This approach enables us to begin new projects without waiting for current evaluations to be completed.

Documentation

FIPS 140-2 security level testing requires specific documentation from the vendor that includes a Security Policy, User and Crypto-Officer manual, design documentation, design assurance, attack mitigation, and other information. The SAIC CSTL can help you find the best strategy for creating these materials.

Select CSTL Customers

AirDefense Logo
Asigra Logo
Foundry Networks Logo
Giritech Logo
Lumension Logo
Midland Logo
Nitro Security Logo
riverbed Logo
Secure Elements Logo
Sun Logo
Tenable Logo
Tripwire Logo
    
Access Data Logo
 
 
    

Related Information

Interested? Contact Us!


SAIC Corporate Headquarters:
10260 Campus Point Drive
San Diego, CA 92121
www.saic.com

Products & Services Phone:
1-800-430-7629
+44 (0) 845 366 7242 in the UK
+44 (0) 1355 845526 all other European locations