default banner
Go back to events

The International Conference on the EU Cybersecurity Act has been developed to help standards community prepare for the evolution of risk-based frameworks meant to address market fragmentation in the EU. The EU Cybersecurity Act, now in the early stages of development, will eventually create a wide-ranging, independent European body of cybersecurity regulation as part of the “single digital market” goal. This landmark regulatory mandate will have a wide-ranging effect on the international standards community—now is the time to begin planning for and participating in ongoing changes.

Secure-IC invites you in our next conference on “Leveraging Common Criteria for Products’ Security Specification (I11a)” at EUCA:

  • 🕔 10:50 am
  • 📅 29 Mar 2023

Over time, Common Criteria (CC) have shown to be excellent tools to foster the development of highly secure products corresponding to a given market use-case. This talk will illustrate another virtue of the CC: the ability to generate products matching the necessary and sufficient level of security. Indeed, it is believed that the practice of CC shall not be seen as “exploits” after a “certification marathon”, but rather as a methodology to maintain “certification-ready” product lines. Such “left shift” is mandatory for industries leveraging Security Sub-Systems (3S), which shall accommodate to various products. This talk will show that the adoption of CC “within core products” instead of “per project” allows for a fine-grain control of the security functionalities to be instantiated, thereby offering a clear path to successful certification process. This talk illustrates the systematic use of attack-countermeasure trees to yield early quotations at the specification level. Thereby, products’ configurations are generated to match exactly with the targeted Evaluation Assurance Level. Such methodology allows to select the right amount of protections, in terms both of breadth and depth, and therefore to minimize the overall product cost. This talk will show examples of this methodology for the reuse of the same 3S in various contexts (namely automotive with PP 0114 and smartphone with PP 0117).

Meet Sylvain GUILLEY, CTO of Secure-IC, Frederik Himschoot, Sales EMEA and Ritu-Ranjan, Certification & Standardization Program Manager at Secure-IC and discuss your embedded cybersecurity needs.

Book a meeting with our team during the event

Practicals details:

  • 📅 29 – 30 March 2023
  • 📍 Table 3

TO REGISTER

 

Go back to events
Contact