Evaluation according to Common Criteria

Evaluation according to Common Criteria

Common Criteria – The certification concept for the international comparability of IT security

They offer IT hardware or software with unique but complex security features. This is where their products differ from those of their competitors. At the same time, their customers expect internationally recognised, simple and comprehensible proof of the information technology security of their products. As providers, they want to differentiate themselves. Your customers expect standardisation. A dilemma.

The Common Criteria for Information Technology Security Evaluation (also known as Common Criteria or CC for short) was established internationally in ISO/IEC standard 15408.

CC certification follows a three-stage procedure:

  1. Definition of the security target by the manufacturer
  2. Evaluation by a recognised testing laboratory
  3. Certification by the Federal Office for Information Security (BSI)

Control over the functionality of the evaluated system and over the unique selling propositions remains consistently their responsibility as manufacturers. The separation of evaluation and certification ensures the dual control principle in the testing of the product. The resulting CC certification meets the highest internationally recognised standards.

Our offer

SRC offers evaluations of all types of IT products, whereby all test levels of the Common Criteria can be mapped; for example, electronic ID cards and passports, smart metering systems, healthcare products, software, network devices, payment transaction terminals, signature components, tachograph components and biometric systems are examined.
In addition, we offer manufacturers and users of IT security products consulting services around the Common Criteria. These include e.g.

  • Common Criteria trainings
  • Common Criteria-Workshops
  • Creation of protection profiles
  • Definition der Sicherheitsziele
  • Support with the compilation of the required manufacturer’s certificates

Our recognition

The Federal Office for Information Security (BSI) has approved SRC for the areas of

  • CC: Gemeinsame Kriterien
  • SC: Requirements for the technical domain „Smartcards and similar Devices“ are fulfilled.
  • HD: Requirements for the technical domain „Hardware Devices with Security Boxes“ are met.

Your contact

Oliver Borcherding

Vertriebsbeauftragter

Are you looking for a specific certification?

Find out which certifications SRC GmbH can offer in this area.

We have the perfect solution for you

Find out about the solutions we offer in this subject area.

Common Criteria security evaluation of eHealth card platforms.

Training on this topic

Experience exciting talks and networking at our event. Register now and become part of the community!

Our partners in this area

Your career at SRC - Discover your opportunities!