On 01 October the “Accelerated Security Certification (BSZ)”, the new certification procedure of the German Federal Office for Information Security (BSI) has started. Already on September 28, SRC was recognized by the BSI as a testing body for this new procedure. Sandro Amendola is head of the department Standardization, Certification and Security of Telecommunication Networks at the BSI. On behalf of the BSI he handed over the certificate of recognition to Peter Jung, who is responsible for the BSZ at SRC.
Accelerated Security Certification is the BSI’s new lightweight procedure for certifying the security of IT products. In contrast to a CC certification, a certification according to BSZ has several advantages: a considerably lower documentation effort, a significantly shortened implementation and thus a lower cost.
The certification scheme follows a risk-based approach. In this process, the security performance of the IT product is tested by a recognized testing body such as SRC within a fixed timeframe using conformance and penetration tests to determine its security performance and its resistance to attacks.
The user also benefits. He receives comprehensible documentation of the security performance and the promise that any vulnerabilities that occur are guaranteed to be remedied within the certificate’s validity period.
“After SRC has already carried out the first successful evaluation according to BSZ, we are very pleased about the recognition as a test center for this innovative certification scheme that has now taken place” says Peter Jung as representative of the test center and topic responsible for the Accelerated Security Certification BSZ at SRC.
SRC was one of the first test centers to be recognized for BSZ. SRC performed the evaluation of the LANCOM-1900EF, the first certified BSZ product ever.