DoD Cybersecurity T&E Guidebook

Department of Defense (DoD) systems increasingly depend upon complex, interconnected information technology (IT) environments. These environments are inherently vulnerable, providing opportunities for adversaries to compromise systems and negatively impact DoD missions. Potential cyber vulnerabilities, when combined with a determined and capable threat, pose a significant
security problem for the DoD and its warfighters. Cybersecurity test and evaluation (T&E) assists in the development and fielding of more secure, resilient systems to address this problem.

The purpose of this guidebook is to provide guidance to Chief Developmental Testers, Lead Developmental Test and Evaluation (DT&E) Organizations, Operational Test Agencies (OTAs) and the larger test community on planning, analysis, and implementation of cybersecurity T&E. Cybersecurity T&E consists of iterative processes, starting at the initiation of an acquisition and continuing throughout the entire life cycle.