15-17 November 2022 | Toledo, Spain

ICCC21 Conference Agenda

All times shown in Central European Time (CET).

Tuesday 19 October

13:00-14:55 Plenary Conference Session

13:00 Introduction, Jose Ruiz Gualda, Program Director, ICCC, Co-founder, jtsec Beyond IT Security, Spain; Thomas Jorgensen, Chief Commercial Officer, SGS Brightsight, Netherlands 
13:10 Industry Keynote (P00b) Sridhar Mullapudi, Senior Vice President, Product Management, Citrix, United States

13:40 Government Keynote (P00c) Sandro Amendola, Head of Standardization/Certification Department, BSI, Germany

14:10 CCDB Update (P00d) Rob Huisman, NCCA Senior Security Specialist, Ministry of Economic Affairs and Climate Policy, Radiocommunications Agency Netherlands, Netherlands
14:25 CCRA Update (P00d) Colin Whorlow, Head of International Standards, National Cyber Security Centre, United Kingdom
14:40 CCUF Update (P00d) Petra Manche, Engineering Technical Leader, Cisco, United Kingdom

14:55-15:00 Break

15:00-16:00 Plenary Conference Session

15:00 Panel Discussion on EUCC (P00f) Moderator: Roberto Cascella, Senior Policy Manager, European Cyber Security Organisation (ECSO), Belgium; Panelists: Shantel Powell, CISSP, Acting Director NIAP, United States; Alicia Squires, Global Certifications Team – Manager, FIPS/Common Criteria, Cisco Systems, United States; John Boggie, Director, Head of Cybersecurity Certification, NXP Semiconductors; Elzbieta Andrukiewicz, ITSEF Manager, National Institute of Telecommunications, Poland

16:00-16:30 Break

SPECIAL PRESENTATION
Brightsight is now part of SGS: An introduction of SGS Brightsight (P00g) Dyantha Vriens, Global Marketing Manager, SGS Brightsight, Netherlands

16:30-18:00 Track Sessions

Track R02 New CC ISO Revision
Moderator: Petra Manche, Engineering Technical Leader, Cisco Systems, United Kingdom

16:30 Transition to ISO/IEC 15408 and ISO/IEC 18045 : New Concepts and Changes (R02a) Carolina Lavatelli, CTO, Internet of Trust, France


17:00 The ISO/IEC 15408 and 18045 (Common Criteria) Development Road Map (R02b) David Martin, ISO WG3 Editor, University of Bath, United Kingdom


17:30 Trends in Security Assessment (R02c) Teresa MacArthur, Common Criteria Lab Manager, Intertek EWA-Canada, Sweden

Track L02 Cybersecurity Schemes Landscape
Moderator: Alicia Squires, Global Certifications Team – Manager, FIPS/Common Criteria, Cisco Systems, United States

16:30 Security Technology Standards Matrix: A Tool to Understand Global Security Requirements and Simplify Compliance (L02a) Carlos Serratos, Senior Director Strategy, Policy and Advocacy, SGS BrightSight


17:00 Common CC Criteria: Another Key to Efficiency (L02b) Wouter Slegers, CEO, TrustCB, Netherlands


17:30 GlobalPlatform Certifications – Streamlining Security for Connected Industries (L02c) Gil Bernabeu, Technical Director, GlobalPlatform, France

18:00-18:30 Break

SPECIAL PRESENTATION
atsec – the world leader in Common Criteria Software Evaluations (P02d) Michael Vogel, Managing Director, atsec Information Security, Germany

18:30-20:00 Track Sessions

Track U03 Updates from Schemes and ITCs
Moderator:Michael Vogel, Managing Director, atsec Information Security, Germany

18:30 Network Device iTC Update (U03a) Kristy Knowles, Product Security Engineer, Cisco, United States


18:50 Perseverance Always Pays Off—A DBMS iTC Update (U03b) Maureen Barry, Senior Principal Security Analyst, Oracle, Canada


19:10 Biometrics Security iTC Update (U03c) Brian Wood, Program Manager, Google, United States


19:30 Hardcopy Devices iTC Update (U03d) Kwangwoo Lee, Security Architect, HP, South Korea

Track A03 Advances in the Use of Common Criteria
Moderator: Naisby Camponeschi, National Information Assurance Partnership (NIAP), United States

18:30 Augmenting Patch-Management (ALC_PAM) in CC (A03a) Sebastian Fritsch, Head of Laboratory, secuvera GmbH, Germany; Michael Meissner, BSI (German Federal Office for Information Security), Germany 


19:00 Reconciliation of Patch Management Methods for Smartcards and Similar Devices (A03b) Fabien Deboyser, Security Certification Expert, NXP, France; Gabor Hornyak, Head of Site & Process Certification, NXP Semiconductors, Hungary


19:30 Assurance-Oriented Fuzzing: Growing the Requirements and the Practice (A03c) Tony Boswell, Senior Principal Consultant, CyTAL UK Ltd, United Kingdom

Wednesday 20 October

13:00-14:30 Track Sessions

Track U10 Updates from Schemes and ITCs
Moderator: Nithya Rachamadugu, Consultant, VAAN Consultants, United States

13:00 Australia Scheme Update (U10a) Hin Chan, Manager, Australasian Certification Authority (ACA), Australasian Information Security Evaluation Program (AISEP); Director, Cyber Security Services, Technical Uplift Branch, Standards and Guidelines Section, Australian Cyber Security Centre, Australian Signals Directorate, Australia


13:30 Japanese Scheme Update (U10b) Toru Hashimoto, Assistant Manager, IPA, Japan


14:00 India Scheme Update (U10c) Suresh Chandra, Director/Group Head IT & Egov, STQC, Ministry of Electronics & Information Technology, India

Track L10 Cybersecurity Schemes Landscape 
Moderator: José Ruiz Gualda, Co Founder, jtsec Beyond IT Security, Spain

13:00 URWP Update (L10a) Renate Verheijen, Legal Officer Cybersecurity Certification, ENISA, Greece


13:30 Candidate EUCC Scheme V1.1.1 (L10b) Philippe Blot, Lead Expert Certification, ENISA, Greece


14:00  EU Common Criteria Information Sharing and Analysis Centre (EU CC ISAC) (L10c) Pierre-Jean Verrando, Director, Eurosmart, Belgium

14:30-15:00 Break

SPECIAL PRESENTATION
Automating Common Criteria (P01d) Jose Ruiz Gualda, Program Director, ICCC, Co-founder, jtsec Beyond IT Security, Spain

15:00-17:00 Track Sessions

Track U11 Updates from Schemes and ITCs
Moderator: Erin Connor, Consultant, Canada

15:00 Germany Scheme Update (U11a) Fritz Bollmann, Head of Software Certification, German Federal Office for Information Security (BSI), Germany


15:30 France Scheme Update (U11b) Julie Chuzel, Head of the French Certification Body, ANSSI, ANSSI, France


16:00 Unexpected Side Effect of the CSA—How CABs Could Demonstrate Their Competency in Information Security Area? ITSEF Use Case (U11c) Elzbieta Andrukiewicz, ITSEF Manager, National Institute of Telecommunications, Poland


16:30 2021 CC Statistic Report (U11d) José Manuel Pulido, Consulting Leader and Senior Evaluator, jtsec Beyond IT Security, Spain

Track M11 Meeting Customer Requirements
Moderator: Ahmad Zuraimi Mohamad, Chief Operating Officer (COO) | Lab Director, Securelytics, Malaysia

15:00 A Proposal of Security Evaluation for Microcontroller-Based IoT Devices (M11a) Hirotaka Yoshida, Team Leader, National Institute of Advanced Industrial Science and Technology (AIST), Japan; Kenji Yamaya, ECSEC Laboratory, Japan; SeongHan Shin, AIST, Japan (author); Yasuyoshi Uemura, ECSEC TRA, Japan (author)


15:30 Update on Integrated Secure Element Evaluation—Secure Sub-System (3S) in SoC PP (M11b) Rachel Menda-Shabat, Director of Security Solution Certification Division, Winbond, Israel; Jean-Philippe Galvan, Principal Engineer,Qualcomm, France; Monique Bakker, Senior Security Evaluator, SGS Brightsight, Netherlands


16:00 Pwning All the IoT (M11c) Ken Munro, Founder and Partner, Pen Test Partners, United Kingdom


16:30 Automotive Chips Requirements: ISO 26262 & ISO/SAE FDIS 21434 (M11d) Sylvain Guilley, Prof., Secure-IC S.A.S., France

17:00-17:30 Break

17:30-19:00 Track Sessions

Track U12 Automation
Moderator: Brian Wood, Program Manager, Google, United States

17:30 U.S. Scheme Update (U12a) Shantel Powel, Acting Director, NIAP, United States


18:00 Automation Update: Validation Rules and The Big Picture (U12b) Robert Clemons, Technical Lead, NIAP, United States


18:30 CCCAB Tool, Making CABs Life Easy (U12c) Javier Tallón, Technical Director, jtsec Beyond IT Security, Spain

Track L12 Meeting Customer Requirements
Moderator: Juan Gonzalez, Lab Director, Teron Labs, Australia

17:30 A year in the life of Network Equipment Security Assurance Scheme (NESAS) (L12a) James Moran, Head of Security, GSMA, United States


18:00 Network Component Certification—Should I Use NESAS or NDcPP? (L12b) Michael Vogel, Managing Director, atsec Information Security, Germany; Rasma Araby, Head of Evaluation Facility, atsec, Sweden


18:30 Support for QKD Device Evaluations: The Common Criteria Protection Profile for Prepare and Measure Quantum Key Distribution Modules (L12c) Lars Hanke, Security Analyst and Evaluator, DEUTSCHE TELEKOM SECURITY GMBH, Germany

19:00-19:10 Break

19:10 Closing Panel Discussion: ISO Update (P13a) Moderator: Miguel Bañón, Convenor, ISO/IEC JTC 1/SC 27WG 3,Spain; Panelist: Philippe Blot, Lead Expert Certification, ENISA, Greece; David Martin, ISO WG3 Edito, University of Bath, United Kingdom; Ken Elliott, National Information Assurance Partnership (NIAP), United States; Carolina Lavatelli, CTO, Internet of Trust, France

20:10 Closing Presentation (P13b) Carlos Serratos, Senior Director Strategy, Policy and Advocacy, BrightSight

20:15 Adjourn