diff --git a/fsw/crypto_util/app/et_dt_validation.c b/fsw/crypto_util/app/et_dt_validation.c
index c905e39e..ee4be7ba 100644
--- a/fsw/crypto_util/app/et_dt_validation.c
+++ b/fsw/crypto_util/app/et_dt_validation.c
@@ -21,7 +21,7 @@
 
 #include "et_dt_validation.h"
 #include "utest.h"
-#include <python3.8/Python.h>
+#include <Python.h>
 
 #include "sadb_routine.h"
 #include "crypto_error.h"
@@ -82,20 +82,19 @@ void python_auth_encryption(char* data, char* key, char* iv, char* header, char*
 UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST)
 {
     //Setup & Initialize CryptoLib
-    Crypto_Init();
+    Crypto_Init_Unit_Test();
 
     uint8* expected = NULL;
     long expected_length = 0;
 
     char *activate_sa4_h  = "2003002000ff000100001880d2c9000e197f0b001b0004000400003040d95ea61a";
-    char *enc_test_ping_h = "20030415001880d2ca0008197f0b0031000039c5a111";               
+    char *enc_test_ping_h = "2003041600ff1880d2ca0008197f0b0031000039c5082d";               
 
     uint8 *activate_sa4_b, *enc_test_ping_b = NULL;
     int activate_sa4_len, enc_test_ping_len = 0;
 
     hex_conversion(activate_sa4_h, &activate_sa4_b, &activate_sa4_len);
     hex_conversion(enc_test_ping_h, &enc_test_ping_b, &enc_test_ping_len);
-
     SecurityAssociation_t* test_association = NULL;
     test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(unsigned char));
 
@@ -106,16 +105,12 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST)
     TC_t *tc_sdls_processed_frame;
     tc_sdls_processed_frame = malloc(sizeof(uint8) * TC_SIZE);
     memset(tc_sdls_processed_frame, 0, (sizeof(uint8) * TC_SIZE));
-
     // Ensure that Process Security can activate SA 4
     Crypto_TC_ProcessSecurity(activate_sa4_b, &activate_sa4_len, tc_sdls_processed_frame);
-    
     // Expose SA 1 for testing
     expose_sadb_get_sa_from_spi(1,&test_association);
-
     // Deactive SA 1
     test_association->sa_state = SA_NONE;
-
     // Expose SA 4 for testing
     expose_sadb_get_sa_from_spi(4, &test_association);
     test_association->arc_len = 0;
@@ -123,17 +118,16 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST)
     test_association->iv[11] = 1;
     test_association->ast = 1;
     test_association->est = 1;
-    Crypto_TC_ApplySecurity(enc_test_ping_b, enc_test_ping_len, &ptr_enc_frame, &enc_frame_len);
-
+    
+    int32 ret_status = Crypto_TC_ApplySecurity(enc_test_ping_b, enc_test_ping_len, &ptr_enc_frame, &enc_frame_len);
     // Get Truth Baseline
     python_auth_encryption("1880d2ca0008197f0b0031000039c5", "FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210", "000000000000000000000001", "2003043400FF0004", "00", &expected, &expected_length);
 
     for(int i = 0; i < expected_length; i++)
     {
-        //printf("[%d]: %02x -> %02x \n", i, expected[i], ptr_enc_frame[i]);
+        printf("[%d]: %02x -> %02x \n", i, expected[i], ptr_enc_frame[i]);
         ASSERT_EQ(expected[i], ptr_enc_frame[i]);
     }
-
     free(activate_sa4_b);
     free(enc_test_ping_b);
     free(ptr_enc_frame); 
@@ -145,11 +139,11 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST)
 UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST)
 {
     //Setup & Initialize CryptoLib
-    Crypto_Init();
+    Crypto_Init_Unit_Test();
 
     char *activate_sa4_h  = "2003002000ff000100001880d2c9000e197f0b001b0004000400003040d95ea61a"; 
-    char *dec_test_ping_h = "2003043400FF00040000000000000000000000017E1D8EEA8D45CEBA17888E0CDCD747DC78E5F372F997F2A63AA5DFC168395DC987"; 
-    char *enc_test_ping_h = "1880d2ca0008197f0b0031000039c5";              
+    char *dec_test_ping_h = "2003043400FF00040000000000000000000000017E1D8EEA8D45CEBA17888E0CDCD747DC78E5F372F997F2A63AA5DFC168395DC987";   
+    char *enc_test_ping_h = "1880d2ca0008197f0b0031000039c5";
 
     uint8 *activate_sa4_b, *dec_test_ping_b, *enc_test_ping_b = NULL;
     int activate_sa4_len, dec_test_ping_len, enc_test_ping_len = 0;
@@ -186,6 +180,7 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST)
 
     Crypto_TC_ProcessSecurity(dec_test_ping_b, &dec_test_ping_len, tc_sdls_processed_frame);
 
+    Crypto_Shutdown();
     for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++)
     {
         ASSERT_EQ(enc_test_ping_b[i], tc_sdls_processed_frame->tc_pdu[i]);
@@ -204,11 +199,15 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    //Crypto_Init_Unit_Test();
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8";
-    char *buffer_nist_pt_h  = "2003001100722ee47da4b77424733546c2d400c4e51069";
+    char *buffer_nist_pt_h  = "2003001600722ee47da4b77424733546c2d400c4e567a8";
     char *buffer_nist_iv_h  = "b6ac8e4963f49207ffd6374c";
     char *buffer_nist_ct_h  = "1224dfefb72a20d49e09256908874979";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
@@ -242,8 +241,10 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
+    Crypto_Shutdown();
     for (int i=0; i<buffer_nist_pt_len-7; i++)
     {
+        printf("[%d]: %02x -> %02x \n", i, *(ptr_enc_frame+enc_data_idx), buffer_nist_ct_b[i]);
         ASSERT_EQ(*(ptr_enc_frame+enc_data_idx), buffer_nist_ct_b[i]);
         enc_data_idx++;
     }
@@ -261,11 +262,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8";
-    char *buffer_nist_pt_h  = "2003001100722ee47da4b77424733546c2d400c4e51069";
+    char *buffer_nist_pt_h  = "2003001600722ee47da4b77424733546c2d400c4e567a8";
     char *buffer_nist_iv_h  = "b6ac8e4963f49207ffd6374c";
     char *buffer_nist_et_h  = "2003002500FF0009B6AC8E4963F49207FFD6374C1224DFEFB72A20D49E09256908874979AD6F";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
@@ -301,8 +305,11 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
 
     Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
 
+    Crypto_Shutdown();
+
     for(int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
     {
+        printf("[%d]: %02x -> %02x \n", i, buffer_nist_pt_b[i+5], tc_nist_processed_frame->tc_pdu[i]);
         ASSERT_EQ(buffer_nist_pt_b[i+5], tc_nist_processed_frame->tc_pdu[i]);
     }
 
@@ -318,11 +325,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399";
-    char *buffer_nist_pt_h  = "2003001100419635e6e12b257a8ecae411f94480ffa02a";
+    char *buffer_nist_pt_h  = "2003001600419635e6e12b257a8ecae411f94480ff56be";
     char *buffer_nist_iv_h  = "1af2613c4184dbd101fcedce";
     char *buffer_nist_ct_h  = "9cd21f414f1f54d5f6f58b1f2f77e5b6";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
@@ -356,6 +366,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
     // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
+    Crypto_Shutdown();
     for (int i=0; i<buffer_nist_pt_len-7; i++)
     {
         ASSERT_EQ(*(ptr_enc_frame+enc_data_idx), buffer_nist_ct_b[i]);
@@ -373,11 +384,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399";
-    char *buffer_nist_pt_h  = "2003001100419635e6e12b257a8ecae411f94480ffa02a";
+    char *buffer_nist_pt_h  = "2003001600419635e6e12b257a8ecae411f94480ff56be";
     char *buffer_nist_iv_h  = "1af2613c4184dbd101fcedce";
     char *buffer_nist_et_h  = "2003002500FF00091AF2613C4184DBD101FCEDCE9CD21F414F1F54D5F6F58B1F2F77E5B66987";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
@@ -413,6 +427,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
 
     Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
 
+    Crypto_Shutdown();
     for(int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
     {
         ASSERT_EQ(buffer_nist_pt_b[i+5], tc_nist_processed_frame->tc_pdu[i]);
@@ -430,11 +445,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013";
-    char *buffer_nist_pt_h  = "200300110073d4d7984ce422ac983797c0526ac6f9ba60";
+    char *buffer_nist_pt_h  = "200300160073d4d7984ce422ac983797c0526ac6f9446b";
     char *buffer_nist_iv_h  = "6805be41e983717bf6781052";
     char *buffer_nist_ct_h  = "487211dd440f4d09d00bc5c3158a822c";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
@@ -468,6 +486,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2)
     // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
+    Crypto_Shutdown();
     for (int i=0; i<buffer_nist_pt_len-7; i++)
     {
         ASSERT_EQ(*(ptr_enc_frame+enc_data_idx), buffer_nist_ct_b[i]);
@@ -485,11 +504,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013";
-    char *buffer_nist_pt_h  = "200300110073d4d7984ce422ac983797c0526ac6f9ba60";
+    char *buffer_nist_pt_h  = "200300160073d4d7984ce422ac983797c0526ac6f9446b";
     char *buffer_nist_iv_h  = "6805be41e983717bf6781052";
     char *buffer_nist_et_h  = "2003002500FF00096805BE41E983717BF6781052487211DD440F4D09D00BC5C3158A822C46E3";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
@@ -525,6 +547,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2)
 
     Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
 
+    Crypto_Shutdown();
     for(int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
     {
         ASSERT_EQ(buffer_nist_pt_b[i+5], tc_nist_processed_frame->tc_pdu[i]);
@@ -542,11 +565,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0";
-    char *buffer_nist_pt_h  = "200300110007d1dc9930e710b1ebe533c81f671101ba60";
+    char *buffer_nist_pt_h  = "200300160007d1dc9930e710b1ebe533c81f671101e43c";
     char *buffer_nist_iv_h  = "f0b744f157087df4e41818a9";
     char *buffer_nist_ct_h  = "b65a2878b9dddbd4a0204dae6a6a6fc0";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
@@ -580,6 +606,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3)
     // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
+    Crypto_Shutdown();
     for (int i=0; i<buffer_nist_pt_len-7; i++)
     {
         ASSERT_EQ(*(ptr_enc_frame+enc_data_idx), buffer_nist_ct_b[i]);
@@ -597,11 +624,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0";
-    char *buffer_nist_pt_h  = "200300110007d1dc9930e710b1ebe533c81f671101ba60";
+    char *buffer_nist_pt_h  = "200300160007d1dc9930e710b1ebe533c81f671101e43c";
     char *buffer_nist_iv_h  = "f0b744f157087df4e41818a9";
     char *buffer_nist_et_h  = "2003002500FF0009F0B744F157087DF4E41818A9B65A2878B9DDDBD4A0204DAE6A6A6FC0C327";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
@@ -637,6 +667,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3)
 
     Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
 
+    Crypto_Shutdown();
     for(int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
     {
         ASSERT_EQ(buffer_nist_pt_b[i+5], tc_nist_processed_frame->tc_pdu[i]);
@@ -654,11 +685,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6";
-    char *buffer_nist_pt_h  = "200300110031c4e1d0ccece6b7a999bfc31f38559ab87b";
+    char *buffer_nist_pt_h  = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd";
     char *buffer_nist_iv_h  = "eeddeaf4355c826dfd153393";
     char *buffer_nist_ct_h  = "5c6cfbdd06c19445ecf500c21aeca173";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
@@ -692,6 +726,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4)
     // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
+    Crypto_Shutdown();
     for (int i=0; i<buffer_nist_pt_len-7; i++)
     {
         ASSERT_EQ(*(ptr_enc_frame+enc_data_idx), buffer_nist_ct_b[i]);
@@ -709,11 +744,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6";
-    char *buffer_nist_pt_h  = "200300110031c4e1d0ccece6b7a999bfc31f38559ab87b";
+    char *buffer_nist_pt_h  = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd";
     char *buffer_nist_iv_h  = "eeddeaf4355c826dfd153393";
     char *buffer_nist_et_h  = "2003002500FF0009EEDDEAF4355C826DFD1533935C6CFBDD06C19445ECF500C21AECA1738A7D";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
@@ -749,6 +787,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4)
 
     Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
 
+    Crypto_Shutdown();
     for(int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
     {
         ASSERT_EQ(buffer_nist_pt_b[i+5], tc_nist_processed_frame->tc_pdu[i]);
@@ -778,14 +817,17 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
-    char *buffer_nist_pt_h  = "200300040028C2"; // Empty Transfer frame
+    char *buffer_nist_pt_h  = "200300060028C2"; // Empty Transfer frame
     char *buffer_nist_iv_h  = "d79cf22d504cc793c3fb6c8a";
     char *buffer_nist_aad_h = "b96baa8c1c75a671bfb2d08d06be5f36"; // Zeroed out by abm
-    char *buffer_cyber_chef_mac_h = "79238ca36970658073f5d59d7aa874ef";
+    char *buffer_cyber_chef_mac_h = "77e98911a1704df3d9745bc7b97cc66d";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_nist_aad_b, *buffer_cyber_chef_mac_b = NULL;
     int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_nist_aad_len, buffer_cyber_chef_mac_len = 0;
 
@@ -801,7 +843,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     test_association->est = 0;
     test_association->arc_len = 0;
     test_association->shivf_len = 12;
-    test_association->abm_len = 20;
+    test_association->abm_len = 19;
     test_association->stmacf_len = 16;
     test_association->sa_state = SA_OPERATIONAL;
 
@@ -824,6 +866,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_cyber_chef_mac_len - 2;
+    Crypto_Shutdown();
     for (int i=0; i<buffer_cyber_chef_mac_len; i++)
     {
         // printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_cyber_chef_mac_b[i], *(ptr_enc_frame+enc_data_idx));
@@ -847,13 +890,16 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
     uint8 *ptr_enc_frame = NULL;
     uint16 enc_frame_len = 0;
     // Setup & Initialize CryptoLib
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_NO_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     // NOTE: Added Transfer Frame header to the plaintext
     char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
-    char *buffer_nist_pt_h  = "200300040028C2"; // Empty Transfer frame
+    char *buffer_nist_pt_h  = "200300060028C2"; // Empty Transfer frame
     char *buffer_nist_iv_h  = "d79cf22d504cc793c3fb6c8a";
-    char *buffer_cyber_chef_mac_h = "08b3adfaa8305fe08a6bf6a12507ea39";
+    char *buffer_cyber_chef_mac_h = "629c2143c30e2f8450b059cd559a7102";
     uint8 *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b = NULL;
     int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_cyber_chef_mac_len = 0;
 
@@ -869,7 +915,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
     test_association->est = 0;
     test_association->arc_len = 0;
     test_association->shivf_len = 12;
-    test_association->abm_len = 20;
+    test_association->abm_len = 19;
     memset(test_association->abm, 0xFF, (test_association->abm_len*sizeof(unsigned char))); // Bitmask
     test_association->stmacf_len = 16;
     test_association->sa_state = SA_OPERATIONAL;
@@ -892,9 +938,11 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
     // Note: For comparison, primarily interested in the MAC
     // Calc payload index: total length - pt length
     uint16 enc_data_idx = enc_frame_len - buffer_cyber_chef_mac_len - 2;
+    Crypto_Shutdown();
+
     for (int i=0; i<buffer_cyber_chef_mac_len; i++)
     {
-        //printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_cyber_chef_mac_b[i], *(ptr_enc_frame+enc_data_idx));
+        printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_cyber_chef_mac_b[i], *(ptr_enc_frame+enc_data_idx));
         ASSERT_EQ(*(ptr_enc_frame+enc_data_idx), buffer_cyber_chef_mac_b[i]);
         enc_data_idx++;
     }
@@ -911,7 +959,10 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
 {
     // Setup & Initialize CryptoLib
     uint16 enc_frame_len = 0;
-    Crypto_Init();  
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Init();
     // NIST supplied vectors
     char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
     char *buffer_nist_iv_h  = "d79cf22d504cc793c3fb6c8a";
@@ -979,6 +1030,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
         printf("\n");
     #endif
 
+    Crypto_Shutdown();
     // Verify the MAC
     for (int i=0; i < tc_nist_processed_frame->tc_pdu_len; i++)
     {
@@ -995,5 +1047,5 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
     free(buffer_nist_mac_frame_b);
     free(buffer_nist_cp_b);
 }
-
+ 
 UTEST_MAIN();
diff --git a/fsw/crypto_util/app/ut_tc_apply.c b/fsw/crypto_util/app/ut_tc_apply.c
index 88982a44..34beec5a 100644
--- a/fsw/crypto_util/app/ut_tc_apply.c
+++ b/fsw/crypto_util/app/ut_tc_apply.c
@@ -39,7 +39,7 @@ UTEST(TC_APPLY_SECURITY, NO_CRYPTO_INIT)
     int raw_tc_sdls_ping_len = 0;
 
     hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len);
-    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE,0x3F);
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, 0x3F);
     Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
 
     uint8 *ptr_enc_frame = NULL;
diff --git a/fsw/public_inc/crypto.h b/fsw/public_inc/crypto.h
index 0117b747..65113223 100644
--- a/fsw/public_inc/crypto.h
+++ b/fsw/public_inc/crypto.h
@@ -41,7 +41,7 @@
 */
 
 // Crypto Library Configuration functions
-extern int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 process_sdls_pdus, uint8 has_pus_hdr, uint8 ignore_sa_state, uint8 ignore_anti_replay, uint8 vcid_bitmask);
+extern int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 process_sdls_pdus, uint8 has_pus_hdr, uint8 ignore_sa_state, uint8 ignore_anti_replay, uint8 unique_sa_per_mapid, uint8 vcid_bitmask);
 extern int32 Crypto_Config_MariaDB(char* mysql_username, char* mysql_password, char* mysql_hostname, char* mysql_database, uint16 mysql_port);
 extern int32 Crypto_Config_Add_Gvcid_Managed_Parameter(uint8 tfvn, uint16 scid, uint8 vcid, uint8 has_fecf, uint8 has_segmentation_hdr);
 
diff --git a/fsw/public_inc/crypto_config_structs.h b/fsw/public_inc/crypto_config_structs.h
index 808ade46..4f3d22de 100644
--- a/fsw/public_inc/crypto_config_structs.h
+++ b/fsw/public_inc/crypto_config_structs.h
@@ -35,6 +35,7 @@ typedef enum { TC_PROCESS_SDLS_PDUS_FALSE, TC_PROCESS_SDLS_PDUS_TRUE } TcProcess
 typedef enum { TC_NO_PUS_HDR, TC_HAS_PUS_HDR } TcPusHdrPresent;
 typedef enum { TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_SA_STATE_TRUE } TcIgnoreSaState;
 typedef enum { TC_IGNORE_ANTI_REPLAY_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE } TcIgnoreAntiReplay;
+typedef enum { TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE } TcUniqueSaPerMapId;
 
 /*
 ** Main Crypto Configuration Block
@@ -47,6 +48,7 @@ typedef struct
     TcPusHdrPresent has_pus_hdr;
     TcIgnoreSaState ignore_sa_state; //TODO - add logic that uses this configuration
     TcIgnoreAntiReplay ignore_anti_replay; //TODO - add logic that uses this configuration
+    TcUniqueSaPerMapId unique_sa_per_mapid;
     uint8 vcid_bitmask;
 } CryptoConfig_t;
 #define CRYPTO_CONFIG_SIZE (sizeof(CryptoConfig_t))
diff --git a/fsw/public_inc/crypto_structs.h b/fsw/public_inc/crypto_structs.h
index fce80e88..61c07012 100644
--- a/fsw/public_inc/crypto_structs.h
+++ b/fsw/public_inc/crypto_structs.h
@@ -250,7 +250,8 @@ typedef struct
     uint16	fl		:10;		// The whole transfer frame length (max 1024)
     uint8	fsn		:8;			// Frame sequence number, also N(S), zeroed on Type-B frames
 } TC_FramePrimaryHeader_t;
-#define TC_FRAME_PRIMARYHEADER_SIZE     (sizeof(TC_FramePrimaryHeader_t))
+#define TC_FRAME_PRIMARYHEADER_STRUCT_SIZE     (sizeof(TC_FramePrimaryHeader_t))
+#define TC_FRAME_HEADER_SIZE    5
 
 typedef struct
 {
diff --git a/fsw/src/crypto.c b/fsw/src/crypto.c
index c302540c..2da3bc1d 100644
--- a/fsw/src/crypto.c
+++ b/fsw/src/crypto.c
@@ -129,8 +129,9 @@ static uint16 crc16Table[256];
 int32 Crypto_Init_Unit_Test(void)
 {
     int32 status = OS_SUCCESS;
-    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE,0x3F);
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, 0x3F);
     Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
+    Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,1,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
     status = Crypto_Init();
     return status;
 }
@@ -233,7 +234,7 @@ int32 Crypto_Shutdown(void)
 }
 
 
-int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 process_sdls_pdus, uint8 has_pus_hdr, uint8 ignore_sa_state, uint8 ignore_anti_replay, uint8 vcid_bitmask)
+int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 process_sdls_pdus, uint8 has_pus_hdr, uint8 ignore_sa_state, uint8 ignore_anti_replay, uint8 unique_sa_per_mapid, uint8 vcid_bitmask)
 {
     int32 status = OS_SUCCESS;
     crypto_config = (CryptoConfig_t*) calloc(1, CRYPTO_CONFIG_SIZE);
@@ -243,6 +244,7 @@ int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 p
     crypto_config->has_pus_hdr=has_pus_hdr;
     crypto_config->ignore_sa_state=ignore_sa_state;
     crypto_config->ignore_anti_replay=ignore_anti_replay;
+    crypto_config->unique_sa_per_mapid = unique_sa_per_mapid;
     crypto_config->vcid_bitmask=vcid_bitmask;
     return status;
 }
@@ -843,7 +845,7 @@ static int32 Crypto_Get_tcPayloadLength(TC_t* tc_frame, SecurityAssociation_t *s
     int seg_hdr = 0;if(current_managed_parameters->has_segmentation_hdr==TC_HAS_SEGMENT_HDRS){seg_hdr=1;}
     int fecf = 0;if(current_managed_parameters->has_fecf==TC_HAS_FECF){fecf=FECF_SIZE;}
     int spi = 2;
-    int iv_size = sa_ptr->shivf_len; if(crypto_config->has_pus_hdr==TC_HAS_PUS_HDR){iv_size=sa_ptr->shivf_len - 1;} //For some reason, the interoperability tests with PUS header frames work with a 12 byte TC IV, so we'll use that for those.
+    int iv_size = sa_ptr->shivf_len;
     int mac_size = sa_ptr->stmacf_len;
 
     #ifdef TC_DEBUG
@@ -858,7 +860,7 @@ static int32 Crypto_Get_tcPayloadLength(TC_t* tc_frame, SecurityAssociation_t *s
         OS_printf("\tTOTAL LENGTH: %d\n", (tc_frame->tc_header.fl - (tf_hdr + seg_hdr + spi + iv_size ) - (mac_size + fecf)));
     #endif
 
-    return (tc_frame->tc_header.fl - (tf_hdr + seg_hdr + spi + iv_size ) - (mac_size + fecf) );
+    return (tc_frame->tc_header.fl + 1 - (tf_hdr + seg_hdr + spi + iv_size ) - (mac_size + fecf) );
 }
 
 static int32 Crypto_Get_tmLength(int len)
@@ -2263,6 +2265,7 @@ static int32 Crypto_Get_Managed_Parameters_For_Gvcid(uint8 tfvn,uint16 scid,uint
     }
     else
     {
+        OS_printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET,tfvn,scid,vcid);
         return status;
     }
 }
@@ -2294,6 +2297,7 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
     uint8 aad[20];
     gcry_cipher_hd_t tmp_hd;
     gcry_error_t gcry_error = GPG_ERR_NO_ERROR;
+    uint16 new_enc_frame_header_field_length = 0;
 
     #ifdef DEBUG
         OS_printf(KYEL "\n----- Crypto_TC_ApplySecurity START -----\n" RESET);
@@ -2437,27 +2441,31 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
         {
             case SA_PLAINTEXT:
                 // Ingest length + spi_index (2) + some variable length fields
-                    *p_enc_frame_len = in_frame_length + 2 + sa_ptr->shplf_len;
+                *p_enc_frame_len = temp_tc_header.fl + 1 + 2 + sa_ptr->shplf_len;
+                new_enc_frame_header_field_length = (*p_enc_frame_len) - 1;
             case SA_AUTHENTICATION:
                 // Ingest length + spi_index (2) + shivf_len (varies) + shsnf_len (varies) \
                 //   + shplf_len + arc_len + pad_size + stmacf_len
-                *p_enc_frame_len = in_frame_length + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + \
+                *p_enc_frame_len = temp_tc_header.fl + 1 + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + \
                 sa_ptr->shplf_len + sa_ptr->arc_len + TC_PAD_SIZE + sa_ptr->stmacf_len;
+                new_enc_frame_header_field_length = (*p_enc_frame_len) - 1;
             case SA_ENCRYPTION:
                 // Ingest length + spi_index (2) + shivf_len (varies) + shsnf_len (varies) \
                 //   + shplf_len + arc_len + pad_size
-                *p_enc_frame_len = in_frame_length + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + \
+                *p_enc_frame_len = temp_tc_header.fl + 1 + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + \
                 sa_ptr->shplf_len + sa_ptr->arc_len + TC_PAD_SIZE;
+                new_enc_frame_header_field_length = (*p_enc_frame_len) - 1;
             case SA_AUTHENTICATED_ENCRYPTION:
                 // Ingest length + spi_index (2) + shivf_len (varies) + shsnf_len (varies) \
                 //   + shplf_len + arc_len + pad_size + stmacf_len
-                *p_enc_frame_len = in_frame_length + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + \
+                *p_enc_frame_len = temp_tc_header.fl + 1 + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + \
                 sa_ptr->shplf_len + sa_ptr->arc_len + TC_PAD_SIZE + sa_ptr->stmacf_len;
+                new_enc_frame_header_field_length = (*p_enc_frame_len) - 1;
         }
 
         #ifdef TC_DEBUG
             OS_printf(KYEL "DEBUG - Total TC Buffer to be malloced is: %d bytes\n" RESET, *p_enc_frame_len);
-            OS_printf(KYEL "\tlen of TF\t = %d\n" RESET, in_frame_length);
+            OS_printf(KYEL "\tlen of TF\t = %d\n" RESET, temp_tc_header.fl);
             //OS_printf(KYEL "\tsegment hdr\t = 1\n" RESET); // TODO: Determine presence of this so not hard-coded
             OS_printf(KYEL "\tspi len\t\t = 2\n" RESET);
             OS_printf(KYEL "\tshivf_len\t = %d\n" RESET, sa_ptr->shivf_len);
@@ -2467,9 +2475,9 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
             OS_printf(KYEL "\tpad_size\t = %d\n" RESET, TC_PAD_SIZE);
             OS_printf(KYEL "\tstmacf_len\t = %d\n" RESET, sa_ptr->stmacf_len);
         #endif
-
+        
         // Accio buffer
-        p_new_enc_frame = (uint8 *)malloc(*p_enc_frame_len * sizeof (unsigned char));
+        p_new_enc_frame = (uint8 *)malloc((*p_enc_frame_len) * sizeof (unsigned char));
         if(!p_new_enc_frame)
         {
             OS_printf(KRED "Error: Malloc for encrypted output buffer failed! \n" RESET);
@@ -2479,27 +2487,27 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
         CFE_PSP_MemSet(p_new_enc_frame, 0, *p_enc_frame_len);
 
         // Copy original TF header
-        CFE_PSP_MemCpy(p_new_enc_frame, p_in_frame, TC_FRAME_PRIMARYHEADER_SIZE);
+        CFE_PSP_MemCpy(p_new_enc_frame, p_in_frame, TC_FRAME_PRIMARYHEADER_STRUCT_SIZE);
 
         // Set new TF Header length
         // Recall: Length field is one minus total length per spec
-        *(p_new_enc_frame+2) = ((*(p_new_enc_frame+2) & 0xFC) | (((*p_enc_frame_len - 1) & (0x0300)) >> 8));
-        *(p_new_enc_frame+3) = ((*p_enc_frame_len - 1) & (0x00FF));
+        *(p_new_enc_frame+2) = ((*(p_new_enc_frame + 2) & 0xFC) | (((new_enc_frame_header_field_length) & (0x0300)) >> 8));
+        *(p_new_enc_frame+3) = ((new_enc_frame_header_field_length) & (0x00FF));
 
         #ifdef TC_DEBUG
             OS_printf(KYEL "Printing updated TF Header:\n\t");
-            for (int i=0; i<TC_FRAME_PRIMARYHEADER_SIZE; i++)
+            for (int i=0; i<TC_FRAME_HEADER_SIZE; i++)
             {
                 OS_printf("%02X", *(p_new_enc_frame+i));
             }
             // Recall: The buffer length is 1 greater than the field value set in the TCTF
-            OS_printf("\n\tLength set to 0x%02X\n" RESET, *p_enc_frame_len-1);
+            OS_printf("\n\tLength set to 0x%02X\n" RESET, new_enc_frame_header_field_length);
         #endif
 
         /*
         ** Start variable length fields
         */
-        uint16_t index = TC_FRAME_PRIMARYHEADER_SIZE;
+        uint16_t index = TC_FRAME_HEADER_SIZE; //Frame header is 5 bytes
 
         if(current_managed_parameters->has_segmentation_hdr==TC_HAS_SEGMENT_HDRS){
             index++; //Add 1 byte to index because segmentation header used for this gvcid.
@@ -2585,11 +2593,11 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
         // Will be over-written if using encryption later
         // and if it was present in the original TCTF
         //if FECF
-        // Even though FECF is not part of apply_security payload, we still have to subtract the length from the in_frame_length since that includes FECF length & segment header length.
-        tf_payload_len = in_frame_length - TC_FRAME_PRIMARYHEADER_SIZE - segment_hdr_len - fecf_len;
+        // Even though FECF is not part of apply_security payload, we still have to subtract the length from the temp_tc_header.fl since that includes FECF length & segment header length.
+        tf_payload_len = temp_tc_header.fl - TC_FRAME_HEADER_SIZE - segment_hdr_len - fecf_len + 1;
         //if no FECF
-        //tf_payload_len = in_frame_length - TC_FRAME_PRIMARYHEADER_SIZE;
-        CFE_PSP_MemCpy((p_new_enc_frame+index), (p_in_frame+TC_FRAME_PRIMARYHEADER_SIZE), tf_payload_len);
+        //tf_payload_len = temp_tc_header.fl - TC_FRAME_PRIMARYHEADER_STRUCT_SIZE;
+        CFE_PSP_MemCpy((p_new_enc_frame+index), (p_in_frame+TC_FRAME_PRIMARYHEADER_STRUCT_SIZE), tf_payload_len);
         //index += tf_payload_len;
 
         /*
@@ -2691,12 +2699,12 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
                 (sa_service_type == SA_AUTHENTICATED_ENCRYPTION))
             {
                 // TODO: More robust calculation of this location
-                // uint16 output_loc = TC_FRAME_PRIMARYHEADER_SIZE + 1 + 2 + temp_SA.shivf_len + temp_SA.shsnf_len + temp_SA.shplf_len;
+                // uint16 output_loc = TC_FRAME_PRIMARYHEADER_STRUCT_SIZE + 1 + 2 + temp_SA.shivf_len + temp_SA.shsnf_len + temp_SA.shplf_len;
                 #ifdef TC_DEBUG
                     OS_printf("Encrypted bytes output_loc is %d\n", index);
                     OS_printf("tf_payload_len is %d\n", tf_payload_len);
                     OS_printf(KYEL "Printing TC Frame prior to encryption:\n\t");
-                    for(int i=0; i < *p_enc_frame_len; i++)
+                    for(int i=0; i < new_enc_frame_header_field_length; i++)
                     {
                         OS_printf("%02X", *(p_new_enc_frame + i));
                     }
@@ -2707,7 +2715,7 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
                     tmp_hd,
                     &p_new_enc_frame[index],                              // ciphertext output
                     tf_payload_len,		 		                    // length of data
-                    (p_in_frame + TC_FRAME_PRIMARYHEADER_SIZE + segment_hdr_len),       // plaintext input
+                    (p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len),       // plaintext input
                     tf_payload_len                                  // in data length
                 );
 
@@ -2722,7 +2730,7 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
                     OS_printf("Encrypted bytes output_loc is %d\n", index);
                     OS_printf("tf_payload_len is %d\n", tf_payload_len);
                     OS_printf(KYEL "Printing TC Frame after encryption:\n\t");
-                    for(int i=0; i < *p_enc_frame_len; i++)
+                    for(int i=0; i < new_enc_frame_header_field_length; i++)
                     {
                         OS_printf("%02X", *(p_new_enc_frame + i));
                     }
@@ -2734,7 +2742,7 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
                 (sa_service_type == SA_AUTHENTICATED_ENCRYPTION))
             {
                 // TODO - Know if FECF exists
-                mac_loc = *p_enc_frame_len - sa_ptr->stmacf_len - FECF_SIZE;
+                mac_loc = TC_FRAME_HEADER_SIZE + segment_hdr_len + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len + tf_payload_len;
                 #ifdef MAC_DEBUG
                     OS_printf(KYEL "MAC location is: %d\n" RESET, mac_loc);
                     OS_printf(KYEL "MAC size is: %d\n" RESET, MAC_SIZE);
@@ -2776,11 +2784,11 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
         {
             // Set FECF Field if present
             #ifdef FECF_DEBUG
-            OS_printf(KCYN "Calcing FECF over %d bytes\n" RESET, *p_enc_frame_len - 2);
+            OS_printf(KCYN "Calcing FECF over %d bytes\n" RESET, new_enc_frame_header_field_length - 1);
             #endif
-            new_fecf = Crypto_Calc_FECF(p_new_enc_frame, *p_enc_frame_len - 2);
-            *(p_new_enc_frame + *p_enc_frame_len - 2) = (uint8) ((new_fecf & 0xFF00) >> 8);
-            *(p_new_enc_frame + *p_enc_frame_len - 1) = (uint8) (new_fecf & 0x00FF);
+            new_fecf = Crypto_Calc_FECF(p_new_enc_frame, new_enc_frame_header_field_length - 1);
+            *(p_new_enc_frame + new_enc_frame_header_field_length - 1) = (uint8) ((new_fecf & 0xFF00) >> 8);
+            *(p_new_enc_frame + new_enc_frame_header_field_length ) = (uint8) (new_fecf & 0x00FF);
             index += 2;
         }
 
@@ -2790,7 +2798,7 @@ int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_len
             {
                 OS_printf("%02X", *(p_new_enc_frame + i));
             }
-            OS_printf("\n\tThe returned length is: %d\n" RESET, *p_enc_frame_len);
+            OS_printf("\n\tThe returned length is: %d\n" RESET, new_enc_frame_header_field_length);
         #endif
 
         *pp_in_frame = p_new_enc_frame;
@@ -2816,6 +2824,13 @@ int32 Crypto_TC_ProcessSecurity( char* ingest, int* len_ingest,TC_t* tc_sdls_pro
     gcry_error_t gcry_error = GPG_ERR_NO_ERROR;
     SecurityAssociation_t* sa_ptr = NULL;
 
+    if(crypto_config == NULL)
+    {
+        OS_printf(KRED "ERROR: CryptoLib Configuration Not Set! -- CRYPTO_LIB_ERR_NO_CONFIG, Will Exit\n" RESET);
+        status = CRYPTO_LIB_ERR_NO_CONFIG;
+        return status;
+    }
+
     #ifdef DEBUG
         OS_printf(KYEL "\n----- Crypto_TC_ProcessSecurity START -----\n" RESET);
     #endif
@@ -3202,7 +3217,7 @@ int32 Crypto_TC_ProcessSecurity( char* ingest, int* len_ingest,TC_t* tc_sdls_pro
         }
 
         tc_sdls_processed_frame->tc_pdu_len = Crypto_Get_tcPayloadLength(tc_sdls_processed_frame, sa_ptr);
-
+        
         x = x + tc_sdls_processed_frame->tc_pdu_len;
 
         #ifdef TC_DEBUG
@@ -3375,6 +3390,7 @@ int32 Crypto_TC_ProcessSecurity( char* ingest, int* len_ingest,TC_t* tc_sdls_pro
         #ifdef TC_DEBUG
             OS_printf(KYEL "IV: \n\t");
         #endif
+        
         for (x = byte_idx; x < (byte_idx + sa_ptr->shivf_len); x++)
         {
             tc_sdls_processed_frame->tc_sec_header.iv[x-byte_idx] = (uint8)ingest[x];
@@ -3382,6 +3398,7 @@ int32 Crypto_TC_ProcessSecurity( char* ingest, int* len_ingest,TC_t* tc_sdls_pro
                 OS_printf("%02x", tc_sdls_processed_frame->tc_sec_header.iv[x-byte_idx]);
             #endif
         }
+       
         #ifdef TC_DEBUG
             OS_printf("\n"RESET);
         #endif
@@ -3453,14 +3470,13 @@ int32 Crypto_TC_ProcessSecurity( char* ingest, int* len_ingest,TC_t* tc_sdls_pro
             return status;
         }
         tc_sdls_processed_frame->tc_pdu_len = Crypto_Get_tcPayloadLength(tc_sdls_processed_frame, sa_ptr);
-        
+    
         // Copy pdu data from ingest into memory
         for(int i=0; i<tc_sdls_processed_frame->tc_pdu_len; i++)
         {
             tc_sdls_processed_frame->tc_pdu[i] = ingest[x];
             x++;
         }
-
         // x = x + tc_sdls_processed_frame->tc_pdu_len;
         
         #ifdef TC_DEBUG
diff --git a/fsw/src/sadb_routine_inmemory.template.c b/fsw/src/sadb_routine_inmemory.template.c
index a9fad1e3..bea0fc91 100644
--- a/fsw/src/sadb_routine_inmemory.template.c
+++ b/fsw/src/sadb_routine_inmemory.template.c
@@ -290,7 +290,8 @@ static int32 sadb_get_operational_sa_from_gvcid(uint8 tfvn,uint16 scid,uint16 vc
 
     for (int i=0; i<10; i++)
     {
-        if ((sa[i].gvcid_tc_blk.tfvn == tfvn) && (sa[i].gvcid_tc_blk.scid == scid) && (sa[i].gvcid_tc_blk.vcid == vcid) && (sa[i].gvcid_tc_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL))
+        if ((sa[i].gvcid_tc_blk.tfvn == tfvn) && (sa[i].gvcid_tc_blk.scid == scid) && (sa[i].gvcid_tc_blk.vcid == vcid) && (sa[i].sa_state == SA_OPERATIONAL) &&
+                (crypto_config->unique_sa_per_mapid==TC_UNIQUE_SA_PER_MAP_ID_FALSE || sa[i].gvcid_tc_blk.mapid == mapid)) //only require MapID match is unique SA per MapID set (only relevant when using segmentation hdrs)
         {
             *security_association = &sa[i];
 
diff --git a/python/encryption_test.py b/python/encryption_test.py
index a03933ba..0380fffd 100644
--- a/python/encryption_test.py
+++ b/python/encryption_test.py
@@ -2,7 +2,13 @@
 import codecs
 import sys
 
-
+"""
+Function: crc16
+Calculates the CRC16 for a set of byte data
+@param data: byte array
+@param offset: int
+@param length: int
+"""
 def crc16(data : bytearray, offset , length):
     if data is None or offset < 0 or offset > len(data)- 1 and offset+length > len(data):
         return 0
@@ -16,6 +22,11 @@ def crc16(data : bytearray, offset , length):
                 crc = crc << 1
     return crc & 0xFFFF
 
+"""
+Class: Encryption
+This class is used to perform AES, GCM encryption in order to provide a truth baseline.
+The baseline is compared against output created by gcrypt within TC_ApplySecurity
+"""
 class Encryption:
     def __init__(self):
         self.results = 0x00
@@ -51,6 +62,7 @@ def encrypt(self, data, key, iv, header, bitmask):
         check_sum = crc16(bytearray(final_val), 0, len(final_val))
         final_val += check_sum.to_bytes(2, byteorder = "big")
 
+        print(final_val.hex())
         # Padding for Later
         # while (len(final_val.hex()) %8) != 0:
         #     final_val += bytes.fromhex("00")