eHealth: Infrastructure and Evaluation in Germany (M01c )
Digitalization of health systems is an ongoing process worldwide. This presentation gives an overview of the German eHealth scheme which is currently being established. Interaction... Read More
The Road to Smart Meter Security Requirements Acceptance (M01b)
CEN/CENELEC/ETSI and Smart Meter developers (ESMIG) started 7 years ago an initiative that resulted in a certified smart meter Protection Profile based on requirements from... Read More
FIA’s OTP Security—a Common Criteria Approach (M01a )
The FIA (Fédération Internationale de l’Automobile) is currently publishing a report of the “On-Board Telematics Platform (OTP) Security”. It addresses the importance for Mobility Clubs... Read More
You, Me and FIPS 140-3: Open for Business! (L22c)
September 21st, 2020 FIPS 140-3 was officially declared open for business! After years of waiting CMVP are now accepting validations based on ISO/IEC 19790 and... Read More
Common Criteria Vs FedRAMP (L22b)
Common Criteria squarely targets products meant for on-prem. However, increasingly cloud services and containers are becoming increasingly becoming more and more important. Common Criteria risks... Read More
Industrial Automation Control Systems Cybersecurity Certification – Chapter II (L22a)
At ICCC 2019, we presented the work that had been carried out since 2014 by the ERNCIP (European Reference Network for Critical Infrastructure Protection) IACS... Read More
The EMVCo Security Evaluation Processes for IoT (L21d)
In an increasingly connected world, use cases across various IoT verticals now require payment functionality. This includes retail and e-commerce, smart home and entertainment, consumer... Read More
Certifying IoT Devices: Challenges from the Real World (L21c)
There is no doubt that the state of security of IoT devices, especially Consumer IoT, could be significantly better. Compared to other industries, the security... Read More
Composite Evaluations: The Way Forward for IoT Security and Compliance (L21b)
What do PCI, DTSec, ETSI EN 303645 and IEC 62443-4-2 have in common? As the number of IoT security certification frameworks used in public and... Read More
Strong Digital Identity as an Enabler for Adaptive Security and How It Fits into Certification (L21a)
Data is the lifeblood of the connected world. Data is gathered, stored, analyzed, and acted upon. This data is also an enabler in combating attacks... Read More