Conclusion

To date, the project has:

1. Identified and sorted categories of test evidence required for CMVP validation that can readily be automated in a reporting format that is consistent with current Web CRYPTIK used by CMVP, and identified those test evidence classes for which manual processes are still needed.

2. Identified necessary schemas and protocols for report submission and validation for a scalable API-based architecture.

3. Designed and developed a cloud-based infrastructure required to support validation program automation.

Moving forward, the project staff plans in FY 2025 to:

1. Finalize a coordinated JSON structure for test evidence catalogue

2. Refine the research infrastructure to support enabling automated acceptance of test evidence and processing of functional test evidence from NVLAP-accredited parties

3. Streamline test methods for functional testing

4. Improve test requirement filtering capabilities

5. Demonstrate an ability for the CMVP staff to use an API to handle “comment round” interactions with NVLAP-accredited parties.