Common Criteria Testing
Accredited Testing & Evaluation Lab
Overview
The Leidos Common Criteria Testing Laboratory (CCTL) offers a variety of services to assist your organization’s security certification requirements including:
- Gap analysis and consulting – Leidos analysts can identify certification pathways for your products and identify areas where potential non-conformities should be addressed in order to ensure a smooth certification process. Leidos also advises on the specific claims that must be made as prerequisites for Commercial Solutions for Classified (CSfC) approval.
- Pre-Testing and Preparatory Evaluation – review of product functionality and development of test procedures prior to the actual evaluation can minimize your risk by identifying potential nonconformities on your own development schedule.
- Protection Profile Evaluation – Leidos is an NVLAP-accredited Common Criteria test laboratory, able to perform the full suite of CC validation services against the US-based Common Criteria Evaluation and Validation Scheme.
Leidos also has a certified Cryptographic and Security Testing Lab (CSTL) that can assist with the cryptographic and entropy-related requirements for Common Criteria certification, allowing for a single point of contact for all of your federal certification needs. Leidos CCTL has been an industry leader in CC certification since the standard’s inception, and our experienced staff bring decades of expertise across a diverse range of products.
At Leidos, our top priority is ensuring that your certification strategy aligns with your overall product strategy and business needs. Your success is our success, and we work with you to ensure that your investment in product certification meets your strategic goals.
Our Capabilities
The Leidos CCTL provides a full range of certification and consulting services across multiple disciplines, including:
Gap Analysis and Consulting
- Initial product assessment: Leidos will conduct a gap analysis to determine the most appropriate conformance claim for your product, evaluate your current functionality against the appropriate requirements, and provide a clear report on the expectations of the certification process and any potential product updates.
- Protection Profile consulting: Leidos will assist you in the creation of the vendor evidence for Protection Profile evaluation, including the product Security Target, entropy documentation, supplemental administrative guidance, and any other associated documentation that the claimed Protection Profile may require.
- Evaluation Assurance Level (EAL) consulting: For Common Criteria evaluations performed overseas that make EAL claims, Leidos can assist in scoping appropriate product functional claims and assist in the creation of required evidence.
- Commercial Solutions for Classified (CSfC): Leidos familiarity with the CSfC process allows us to give you appropriate guidance to ensure that your Common Criteria certification includes the necessary claims for CSfC conformance.
Pre-Testing and Preparatory Evaluation
-
Leidos will dry-run product functionality in a sample configuration to validate the product functional claims made during the gap analysis to ensure that the correct claims are being made prior to starting the formal evaluation.
Protection Profile Evaluation
- Documentation Review: Leidos will perform the required documentation evaluation and provide clear and actionable communication on any required product updates, including coordination with your subject matter experts and any Leidos staff acting in a consulting role.
- Product Testing: Leidos will perform the necessary functional and vulnerability testing to ensure that your product meets its functional claims to the required level.
Don’t see what you’re looking for? Contact Leidos through the form below with your specific needs and we can discuss how we can provide the needed assistance to help meet your objectives.
Applicability
Common Criteria, also known as ISO 15408, is an important product certification standard both in the US and internationally. Domestically, CNSSP #11 requires Common Criteria certification for “IA enabled” products in national security systems, which includes defense and Intelligence Community uses. Internationally, the Common Criteria is recognized by over 30 member nations in the Common Criteria Recognition Arrangement (CCRA), making this certification a critical part of government procurement worldwide.
Proven Success
With a legacy spanning more than two decades of demonstrated IT industry success, Leidos Accreditation Testing & Evaluation (AT&E) teams continue to reinforce our significant contributions as a frontrunner. We take immense pride in leading the industry not only in terms of volume but also in nurturing long-term partnerships, all while showcasing our widely recognized expertise. Our AT&E lab stands as a testament to our unwavering commitment to excellence, with a history of effectively certifying over 1,500 IT products across several diverse IT fields.
Leidos CCTL is accredited through the National Voluntary Lab Accreditation Program (NVLAP code 200427-0), demonstrating our own commitment to standards conformance.