Sources Sought Notice for Computer-Based Testing for the Cryptographic Validation Program

Active

Contract Opportunity

NOTICE ID NUMBER: NIST-SSN-25-770012

Title: Sources Sought Notice for Computer-Based Testing for the Cryptographic Validation Program (CVP)

The purpose of this sources sought notice is to conduct market research and identify potential sources of commercial products/services that satisfy the Government’s anticipated needs.

BACKGROUND

The National Institute of Science and Technology (NIST) Cryptographic Module Validation Program (CMVP) is required to validate cryptographic modules and cryptographic algorithms and to ensure independent National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratories meet competence and performance criteria for conducting algorithm and module testing. Cryptographic and Security Testing (CST) Laboratories are independent laboratories accredited by NVLAP. CST Labs verify each module meets a set of testable cryptographic and security requirements, with each CST laboratory submission reviewed and validated by CMVP. These labs are located around the world, including North America, Asia, Australia, and Europe.

NIST is seeking information from sources that may be capable of providing a solution that will achieve the objectives described below.

REQUIREMENTS

NIST requires contractor support to publish, administer, and update computer-based competency tests to testing centers near NVLAP accredited laboratories. The contractor is required to provide the following services:

• Computer-based competency exam publishing and administration to NVLAP accredited laboratory testers for the Security Testing, Validation and Measurement (STVM) Group’s cryptographic validation programs


• Competency exam maintenance, including vetting of new questions, balancing questions, removing or editing questions, and updating exams to incorporate changes


• Secure locations for taking exams worldwide


• ID verification capabilities


• On-line registration capabilities


• Majority of test centers shall be located within 50 miles of a lab (required for accessibility purposes)


• Capability to add new testing locations as new CST Labs come online
  
  

HOW TO RESPOND TO THIS NOTICE

In responding to this notice, please DO NOT PROVIDE PROPRIETARY INFORMATION. Please include only the information identified in the bullets below, readable in either Microsoft Word 365, Microsoft Excel 365, or Adobe .pdf format in the response. Submit the response by email to the Primary Point of Contact and, if specified, to the Secondary Point of Contact listed in this notice as soon as possible, and preferably before the closing date and time of this notice. Please note that to be considered for award under any official solicitation, the entity must be registered and “active” in SAM at the time of solicitation response.

• Provide the complete name of your company, address, name of contact for follow-up questions, their email, their phone number and, if your company has an active registration in https://sam.gov, your company’s Unique Entity ID (UEI).

• Describe performance capabilities of the service(s) your company recommends to meet the Government’s requirements. Additionally, if there are other features or functions that you believe would assist NIST in meeting its objectives described above, please discuss in your response.

• Identify any aspects of this market research notice that you cannot meet and state why. Please offer suggestions for how the market research notice and draft specifications could be made more competitive.

• For the NAICS code listed in this notice:

• 
  
  
  
  • Indicate whether your company is (a) a small business or (b) other than small business. See the Table of Small Business Size Standards and the associated .pdf download file for small business size standards and additional information.
  
  
  
  

• 
  
  
  
  • If you believe the NAICS code listed in this notice is not the best NAICS code for the type of product addressed in this notice, identify an alternative NAICS code that you believe would be more appropriate for the planned procurement.
  
  
  
  

• If the recommended services are available for purchase on any existing Federal Supply Schedule contract(s) or other contracts against which NIST may be able to place orders, identify the contract number(s) and other relevant information.

• Identify any customers in the public or private sectors to which you provided the recommended or similar services. Include customer(s) information: company name, phone number, point of contact, email address.

• Provide any other information that you believe would be valuable for NIST to know as part of its market research for this requirement.

• State if you require NIST to provide additional information to improve your understanding of the government’s requirement and/or would like to meet with NIST representatives to discuss the requirement and the capabilities of the identified equipment.

QUESTIONS REGARDING THIS NOTICE

Questions regarding this notice may be submitted via email to the Primary Point of Contact and the Secondary Point of Contact listed in this notice. Questions should be submitted so that they are received by January 22, 2025. If the Contracting Officer determines that providing a written amendment to this notice to document question(s) received would benefit other potential respondents, the questions would be anonymized, and a written response to such question(s) would be provided via an amendment to this notice.

IMPORTANT NOTES

This notice is for market research purposes and should not be construed as a commitment by NIST to issue a solicitation or ultimately award a contract. There is no solicitation available at this time.

This notice does not obligate the Government to award a contract or otherwise pay for the information provided in response.

NIST reserves the right to use information provided by respondents for any purpose deemed necessary and legally appropriate.

Any organization responding to this notice should ensure that its response is complete and sufficiently detailed to allow the Government to determine the organization’s capability.

Respondents are advised that the Government is under no obligation to acknowledge receipt of the information received or provide feedback to respondents with respect to any information submitted.

After a review of the responses received, a synopsis and solicitation may be published on GSA’s eBuy or SAM.gov. However, responses to this notice will not be considered an adequate response to any such solicitation(s).

The responses shall not exceed three (3) pages including all attachments, charts, etc.

Thank you for taking the time to submit a response to this request!

Attachments/Links