Unsteady Ground: Certification to Unstable Criteria

Cross Domain Systems for handling classified information complicate the certification test and evaluation problem, because along with multiple data owners comes duplicate responsibility for residual risk. Over-reliance on independent verification and validation by certifiers and accreditors representing different government agencies is interpreted as conflating the principle of defence-in-depth with the practice of repeated verification and validation testing. Using real-world examples of successful and unsuccessful certification test and evaluation efforts to guide the development of a new communication tool for accreditors, this research aims to reduce time and cost wasted on unnecessary retesting of the same or similar security requirements during security test and evaluation in multi-level environments