Cybersecurity Certification: Candidate EUCC Scheme V1.1.1

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to the existing schemes operating under the SOG-IS MRA. This has been named EUCC scheme (Common Criteria based European candidate cybersecurity certification scheme) and it looks into the certification of ICT products cybersecurity, based on the Common Criteria, the Common Methodology for Information Technology Security Evaluation, and corresponding standards, respectively, ISO/IEC 15408 and ISO/IEC 18045. This version -V.1.1.1- of the scheme has been updated based on the comments received through the public consultation and from the ECCG.

Published
May 25, 2021
Language
English

ENISA published also the report presenting the outcome of the public consultation on the first draft of the cybersecurity certification candidate EUCC scheme.

Public Consultation on the draft Candidate EUCC Scheme

As result some major changes were implemented to the candidate EUCC scheme, mostly related to the:

  • addition and clarification of definitions;
  • systematic cooperation with the ECCG for the development of guidance documents supporting the scheme;
  • clarification of activities related to the maintenance of certificates;
  • clarification of deadlines associated to the handling of non-conformities, non-compliances and vulnerabilities;
  • modification of the status of the new patch management process, now in annex and for trial use;
  • modification of the logo associated to the certificates, allowing to establish an additional specific logo for the scheme and to mention the evaluation level achieved in addition to the CSA level;
  • clarification of the peer assessment requirements and simplification of the associated annex;
  • update of annexes 7 and 9 based on their recent evolution within the SOG-IS, and the addition of one annex related to ST sanitization.

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information