Test and Evaluation, Including High Assurance Evaluations and Trusted Delivery

Threats to IT and Critical Infrastructure continue to advance at an alarming rate. Critical industries targeted include Government, Finance, Energy, Food Processing and Telecommunications. For the past decade, IIT has provided the Independent High Assurance Evaluations and Trusted Delivery (HATD) Program to a U.S. Tier 1 Carrier with close oversight by a USG agency and to a major telecommunications vendor. IIT developed the policy framework and methodology required to implement the methodology, and continues to mature it to counter constantly evolving Advanced Persistent Threats (APTs), including very dangerous ransomware attacks.

High Assurance Evaluation includes:
• Comprehensive, standards based assessment of SW,FW,HW
• Threat-driven approach
• Static and dynamic testing and analysis of source code, firmware and binaries
• System level vulnerability testing
• Hardware analysis, testing and validation

Trusted Delivery includes:
• Validation of software binaries being delivered for deployment
• Countermeasures against supply chain integrity breaches
• Integration into patch and new release deployment processes
• Continuous verification, pre-deployment checks, and field testing

The US Government determined that HATD fully mitigated, validated, national security threats related to foreign investment in the telecom sector. Ongoing application of the HATD methodology was required in a formal National Security Agreement. The graphic below describes the flow of this process:

Want to know more about “Test and Evaluation, Including High Assurance Evaluations and Trusted Delivery”

or one of our other Cyber Security Solutions Services?