This domain refers to the methodologies, frameworks and tools that provide ground for having confidence that a system,software, service, process or network is working or has been designed to operate at the desired security target or according to a defined security policy.