Send E-Mail to NVLAP at: NVLAP@nist.gov
[31/2011]
Testing based on criteria in 45 CFR Part 170, Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology; Final Rule (July 28, 2010).
[31/2014]
Testing based on criteria in 45 CFR Part 170, Health Information Technology: Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology, 2014 Edition;
[ ]
Revisions to the Permanent Certification Program for Health Information Technology; Final Rule (September 4, 2012).
[31/NOTE1]
For 2011 Testing Criteria, test procedures are taken from "Approved Test Procedures Version 1.1", with each associated erratum where applicable effective October 24, 2010.
[31/NOTE2]
For 2014 Testing Criteria, test procedures are taken from the approved "2014 Edition Test Method", effective December 14, 2012, and include subsequent ONC-approved revisions of the Test Procedures, Test Data and Test Tools, as applicable.
[17BCS]
Basic Cryptographic and Security Testing
[17CAV]
Cryptographic Algorithm Validation Testing
[17CAV/01]
NIST - Cryptographic Algorithm Validation System (CAVS) for all FIPS-approved and NIST-recommended security functions as required in FIPS PUB 140-2 Annex A (and all superseded versions)
[17CMH1]
Cryptographic Modules – Hardware 1 Testing (FIPS 140-2 or successor, Security Level 1 to 3)
[17CMH1/01]
All test methods in accordance with FIPS 140-1, except those listed in 17CMH2/01
[17CMH1/02]
All test methods in accordance with FIPS 140-2, except those listed in 17CMH2/02 and CAVS
[17CMH2]
Cryptographic Modules – Hardware 2 Testing (FIPS 140-2 or successor, Security Level 4 and above)
[17CMH2/01]
Test methods for Physical Security Level 4, in accordance with FIPS 140-1
[17CMH2/02]
Test methods for Physical Security Level 4, in accordance with FIPS 140-2
[17CMS1]
Cryptographic Modules – Software 1 Testing (FIPS 140-2 or successor, Security Level 1 to 3)
[17CMS1/01]
All test methods in accordance with FIPS 140-1, except those listed in 17CMS2/01
[17CMS1/02]
All test methods in accordance with FIPS 140-2, except those listed in 17CMS2/02 and CAVS
[17CMS2]
Cryptographic Modules – Software 2 Testing (FIPS 140-2 or successor, Security Level 4 and above)
[17CMS2/01]
Test methods for Software Security Level 4, in accordance with FIPS 140-1
[17CMS2/02]
Test methods for Software Security Level 4, in accordance with FIPS 140-2
[17PIV]
Personal Identity Verification Testing (NPIVP, FIPS 201)
[17PIV/01]
PIV Card Applications Conformance Test Suite for products meeting specifications in the Federal Information Processing Standard 201 and NIST Special Publication 800-73 or their successors
[17PIV/02]
PIV Middleware Conformance Test Suite for products meeting specifications in the Federal Information Processing Standard 201 and NIST Special Publication 800-73 or their successors
[26/A01] ISO/IEC 15408
Information Tech. - Security Techniques - Evaluation Criteria for IT Security
Common Evaluation Methodology for Information Technology Security:
Part 1 - Introduction and general model
Part 2 - Evaluation methodology
[26/A01a]
APE: Protection Profile evaluation
[26/A01b]
ASE: Security Target evaluation
[26/A01c]
EAL1: Evaluation assurance level 1
[26/A01d]
EAL2: Evaluation assurance level 2
[26/A01e]
EAL3: Evaluation assurance level 3
[26/A01f]
EAL4: Evaluation assurance level 4
Return to NVLAP Program Listing