CC

Common Criteria

PP and cPP Overview

OVERVIEW

The Common Criteria (ISO 15408) is the only global mutually recognized product security standard. The Common Criteria evaluation process has changed significantly with the evolution of Common Criteria to PP based evaluation and strict compliance requirements. What used to be a flexible and malleable process where requirements could be added and/or dropped based on production functionality has now become rigid leaving no room for errors. This is where Acumen’s experience and the process driven approach helps. We engage early, and adopt risk mitigating processes where by non-compliance is identified early on, fixes are discussed and planned, testing methodology is defined in advance to allow your test teams to plan accordingly and schedule is tracked religiously to ensure our progress is in step with your development and test plans.

    Service Offerings:
  • Gap Analysis and Strategy Workshop
  • Design Consulting
  • Documentation Development
  • Evaluation Services
  • Post-Certification Support

OVERVIEW

While CC is moving to a PP/cPP based approached there are still a handful of markets globally that require an EAL based CC evaluation (the traditional way of performing CC evaluation). Additionally there are product categories that are not covered by existing PPs/cPPs. In such cases we can use our partnerships in Europe to achieve EAL 1-4+ certification. We partner with a number of laboratories across a varied set of national schemes to provide you with the most flexibility.

Service Offerings:

  • Gap Analysis and Strategy Workshop
  • Design Consulting
  • Documentation Development
  • Evaluation Services

PROCESS