2026 CC Statistics Report: A Market Redefined by Regulation and Innovation (B13c)
The Common Criteria (CC) ecosystem is undergoing a period of significant transformation, shaped by regulatory developments, technological shifts, and evolving industry priorities. In this talk,... Read More
From Bottlenecks to Breakthroughs: Redefining EUCC and CRA Throughout (B13b)
As the regulatory landscape-spanning EUCC, CRA, and Critical Infrastructure -continues to evolve, maintaining efficient certification throughput has become a critical challenge for vendors, laboratories, and... Read More
Bridging EUCC Certification and CRA Complaince: A Practical Study on MRTD Products (B13a)
The Cyber Resilience Act (CRA) introduces new essential requirements for critical products, including data minimisation , SBOM, re-testing. This talk explores how an existing EUCC... Read More
When EUCC Over-Delivers: A Pilot Study on CRA Alignment for Class I and II Products (B12c)
This talk presents the findings gained while performing a pilot project to explore the interplay between CRA and EUCC. The pilot project explores for important... Read More
No PP, No Problem: Building ASE_SPD from Risk Management (B12b)
CRA requires developers to perform and document a productspecific risk assessment. ENISA has indicated that ASE_SPD can serve as a simplified way to express the... Read More
Certifiable Random Number Generation in Virtualized Environments According to AIS 20/31 (A31c)
Secure cryptographic mechanisms and protocols fundamentally depend on high-quality random numbers. However, developers often face challenges in finding a suitable random number generator that is... Read More
Quantum Resilient CC: The Impact of PQC and QKD on EUCC (A31b)
The transition to quantum resilient security is reshaping assurance requirements across the EU cybersecurity landscape. This talk examines how Post Quantum Cryptography (PQC) and Quantum... Read More
The Importance of Entropy Source Validation in Common Criteria: Navigating the New Assurance Landscape (A31a)
The security of any cryptographic module fundamentally rests on the quality of its underlying random number generation. In recent years a greater emphasis is being... Read More
ALC Reuse and Evaluation of Sites (A30c)
The process for the reused of evidence and evaluation results for the assurance class ALC was initially detailed for Common Criteria version 2. The site... Read More