Multi Assurance Evaluations for Real Products (A21c)
We see more and more multi-component products and systems protecting different kinds of assets and requiring different levels of assurance (consumer devices, cars, sensor networks, etc.). Stakeholders demand suitable security evaluation frameworks. Within CC, composition & modularity are key to address targets with various sensitivity levels. We propose to enhance the PP-module/configuration concept to allow a combination of different assurance levels and, ultimately, to align the evaluation methodology with current technology. Promoted in ISO/JTC1/SC27.