woodbe
commented
1 year ago Overall Goals:
- well-understood time for completion
- reproducibility for any level between labs (and vendors)
- same vendor going to 2 labs should end up with same result
- transparent results (easy to understand)
PADv1:
- publicly known
- Basic AP
PADv2:
-
includes PADv1 (some or all not clear)
-
publicly known
-
Basic-Enhanced/Medium AP
-
ATE_IND.1 only uses PADv2 PAI (derived only from PADv2, not PADv1 unless in combination)
What happens if the lab creates something for ATE_IND that actually causes a failure in the system that isn't actually part of the current toolkit?
According to the last meeting minutes, “Brian stated that to him, the goal would be to try to generally align the two sets of requirements such that they would be accepted by the other party (with minimal additional work if any). If this can be accomplished, then vendors would be able to perform one evaluation and know it would be valid for multiple purposes. This does not mean they have to be perfectly aligned, but close enough to be considered acceptable”.
I would like to suggest understanding main difference or commonality between the Bio-iTC evaluation and FIDO evaluation first to achieve the goal stated above.
Goals of the Bio-iTC PAD (or PADv1) evaluation are as follows.
The Bio-iTC prepared the detail recipes (i.e., toolboxes) for producing the PAIs to achieve these goals. I would like to know the goals of FIDO evaluations (I reviewed the FIDO spec but I am not sure if the FIDO evaluation has the same goals (espacially 2, 3 and 4)). If the FIDO evaluation can share the same goals as we have, we can safely work together to start harmonization between us.