The National Cybersecurity Center of Excellence (NCCoE) has finalized its project description on the Automation of the Cryptographic Module Validation Program (CMVP). Increased automation is necessary because a number of elements of the current validation processes are manual in nature, making third-party testing and government validation of cryptographic modules often incompatible with industry requirements.
The NCCoE will solicit participation from industry to demonstrate first-party and third-party tests and test tools for automation of the CMVP, as well as first-party processes and means for communicating the results to NIST. In addition, this project will also result in practice descriptions in the form of papers, playbook generation, and implementation demonstrations, which aim to improve the ability and efficiency of organizations.
