diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature
index 29eefbf85..b16a89b71 100644
--- a/features/fedramp_extensions.feature
+++ b/features/fedramp_extensions.feature
@@ -113,6 +113,7 @@ Examples:
| leveraged-authorization-nature-of-agreement |
| marking |
| missing-response-components |
+ | network-component-has-connection-security-prop |
| network-component-has-implementation-point |
| party-has-name |
| privilege-level |
@@ -334,6 +335,8 @@ Examples:
| marking-PASS.yaml |
| missing-response-components-FAIL.yaml |
| missing-response-components-PASS.yaml |
+ | network-component-has-connection-security-prop-FAIL.yaml |
+ | network-component-has-connection-security-prop-PASS.yaml |
| network-component-has-implementation-point-FAIL.yaml |
| network-component-has-implementation-point-PASS.yaml |
| party-has-name-FAIL.yaml |
diff --git a/src/validations/constraints/content/ssp-all-VALID.xml b/src/validations/constraints/content/ssp-all-VALID.xml
index 973e154a5..2137e2783 100644
--- a/src/validations/constraints/content/ssp-all-VALID.xml
+++ b/src/validations/constraints/content/ssp-all-VALID.xml
@@ -349,8 +349,10 @@
Secure connection to an external API for data enrichment.
+
-
+
+
Some description of the authentication method.
@@ -373,9 +375,10 @@
Briefly describe the external system.
+
-
+
diff --git a/src/validations/constraints/content/ssp-network-component-has-connection-security-prop-INVALID.xml b/src/validations/constraints/content/ssp-network-component-has-connection-security-prop-INVALID.xml
new file mode 100644
index 000000000..1475cf502
--- /dev/null
+++ b/src/validations/constraints/content/ssp-network-component-has-connection-security-prop-INVALID.xml
@@ -0,0 +1,25 @@
+
+
+
+
+ External API Connection
+
+ Secure connection to an external API for data enrichment.
+
+
+
+
+
+
+ 11111111-0000-4000-9000-000000000001
+
+
+ This connection is used for secure data exchange with external systems.
+
+
+
+
+
\ No newline at end of file
diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
index 108afb7ee..1a520be94 100644
--- a/src/validations/constraints/fedramp-external-constraints.xml
+++ b/src/validations/constraints/fedramp-external-constraints.xml
@@ -535,6 +535,11 @@
Leveraged Authorization Has System Identifier
A FedRAMP SSP MUST define exactly one system identifier for each leveraged authorization entry.
+
+
+ Network Component Has Connection Security Property
+
+ All network components in a FedRAMP SSP system implementation MUST define at least one interconnection security property.
Unique Asset Identifier
diff --git a/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-FAIL.yaml b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-FAIL.yaml
new file mode 100644
index 000000000..bfebea130
--- /dev/null
+++ b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-FAIL.yaml
@@ -0,0 +1,9 @@
+test-case:
+ name: Negative Test for network-component-has-connection-security-prop
+ description: >-
+ This test case validates the behavior of constraint
+ network-component-has-connection-security-prop
+ content: ../content/ssp-network-component-has-connection-security-prop-INVALID.xml
+ expectations:
+ - constraint-id: network-component-has-connection-security-prop
+ result: fail
diff --git a/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-PASS.yaml b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-PASS.yaml
new file mode 100644
index 000000000..b9987997d
--- /dev/null
+++ b/src/validations/constraints/unit-tests/network-component-has-connection-security-prop-PASS.yaml
@@ -0,0 +1,9 @@
+test-case:
+ name: Positive Test for network-component-has-connection-security-prop
+ description: >-
+ This test case validates the behavior of constraint
+ network-component-has-connection-security-prop
+ content: ../content/ssp-all-VALID.xml
+ expectations:
+ - constraint-id: network-component-has-connection-security-prop
+ result: pass