EU Common Criteria Information Sharing and Analysis Centre (EU CC ISAC) (L10c)
A proposal to support the maintenance of the EU CC Scheme.
Implementing the EU Common Criteria Scheme (EU CC Scheme) under the European Cybersecurity Certification Framework will take over the current SOGIS-MRA. This transposal poses the challenge of determining the right conditions to ensure continuity between the two certification schemes. Necessary sustainability implies the scheme’s maintenance, and it’s here a major question for the European Criteria Community stakeholders.
The security certification community (CABs, evaluation laboratories, ITSEFs, manufacturer or provider of certified ICT products) must stay one step ahead of the attackers. An Information Sharing and Analysis Centre (ISAC) assisting the EU CC Scheme is a future-proof structure to guarantee the optimal support to the scheme’s maintenance. At the same time, the ISAC will ensure consistency for the execution of security evaluations in line with the defined attack methods and attack catalogues and the evaluation criteria. The overall goal of the ISAC is to provide assistance to the ECCG – EUCC subgroup on elements that reflect on the quality of the EUCC scheme.