Accreditation and Testing Services

A Market Leader in IT Security Evaluation and Testing

SAIC is accredited to provide required IT security evaluation and testing services for commercial companies and the DoD under four international certification standards. Our technical excellence has allowed our Common Criteria and Federal Information Processing Standard laboratories to dominate their markets.

Common Criteria Testing

SAIC provides a complete range of testing and support services, including design reviews, security target creation, and CC evaluation at all Evaluation Assurance Levels (EAL) Levels 1-7. We can also provide documentation consulting and creation for all the required assurance documentation that includes user, design, delivery, configuration, and test. Learn more »

FIPS 140-2 and FIPS 201 Cryptographic Testing

SAIC provides Federal Information Processing Standard (FIPS) 140-2 testing and support services including validation testing, design reviews, security policy documentation guidance, FIPS 140-2 cryptographic module testing for Security Levels 1-4, and algorithm validation testing. We also can provide documentation strategy and support for security policies, user and crypto-officer manuals, design documentation, design assurance, and attack mitigation. Learn more »

SAIC provides FIPS 201 testing and support services in support of PIV Middleware and Card Application as specified in the GSA FIPS 201 Evaluation Program and the NIST Personal Identity Verification Program (NPIVP). Learn more »

Payment Card Industry Data Security Standard Validation

The Payment Card Industry (PCI) Data Security Standard (DSS) is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. This comprehensive standard is required by the major credit card issuers to help organizations proactively protect customer account data. Learn more »

Secure Content Automation Protocol Accreditation and Testing

The Secure Content Automation Protocol (SCAP) tests and monitors systems for security issues such as software deficiencies, configuration issues and other vulnerabilities. SCAP testing helps to ensure that a computer's configuration is within the guidelines set by the Federal Desktop Core Configuration, a group of security-sensitive configuration settings developed by the National Institute of Standards and Technology (NIST) and the National Security Agency. Learn more »

Side Channel Vulnerability Analysis

SAIC's CSTL offers side channel vulnerability analysis. We can review and test your cryptographic implementations to determine whether they are vulnerable to side channel attacks. Learn more »

Transportation Worker Identification Credential (TWIC) Testing

SAIC is accredited to perform Transportation Worker Identification Credential (TWIC) card reader evaluations. Our laboratories, which offer cryptographic and security testing, has been accredited under National Voluntary Laboratory Accreditation Program (NVLAP) and Transportation Security Administration (TSA) to offer TWIC testing and evaluation according to the guidelines of the Department of Homeland Security Identity and Privilege Credential Management (DHSIPCM) program. Learn more »

Certification and Accreditation (C&A) Planning and Support

SAIC also assists federal agencies with all phases of their certification and accreditation (C&A) planning to comply with all government regulations and guidance, including Appendix III of OMB A-130, National Institute of Standards and Technology Certification and Accreditation Process guidelines (NIST 800 series) and the Defense Information Assurance Certification and Accreditation Process (DIACAP). Learn more »