The following is an archive of the agenda for ICCC20, held 16-18 November. Additional information can be found under “About ICCC>ICCC20 Archive”
All times shown in Central European Time (CET).
13:00 CET Introduction, Jose Ruiz Gualda, Program Director, ICCC, Co-founder, jtsec Beyond IT Security, Spain; Opening Welcome (P00a) Martin Schaffer, Global Head of Cybersecurity Services, SGS Group, Austria
13:05 CET Keynote: Securing the Edge: The Role of Third-Party Security Verification (P00b) Wolfgang Steinbauer, Vice-President, Head of Competence Centre Crypto and Security, NXP, Austria
13:35 CET CCDB Update (P00c) Rob Huisman, Netherlands National Communications Security Agency, Netherlands
13:50 CET CCRA Update (P00d) Colin Whorlow, Head of International Standards, National Cyber Security Centre (NCSC), United Kingdom
14:05 CET CCUF Update (P00e) Petra Manche, Product Security Certification Engineer, Cisco, United Kingdom
14:40 CET Panel Discussion on EUCC and CCRA: Market Impact (P00f) Moderator: Miguel Bañón, Convenor, ISO/IEC JTC 1/SC 27/WG 3, Spain Panelists: Roberto Cascella, Senior Policy Manager, European Cyber Security Organisation (ECSO), Belgium; Michael Grimm, Principal Security Program Manager, Microsoft, United States; Jonathan Sage, Government and Regulatory Affairs, IBM, United Kingdom; Aristotelis Tzafalias, Policy Officer, European Commission, Greece
New CC ISO Revision Update |
Moderator: Dr. Michael Vogel, Principal Consultant, COO, atsec information security GmbH, Germany |
16:00 CET ISO/IEC JTC 1/SC 27/WG 3, Current Status, Roadmap and Challenges (R01a) Miguel Bañon, Convenor, ISO/IEC JTC 1/SC 27/WG 3, Spain
16:30 CET Changes in the ISO/IEC 15408 General Model (R01b) Elzbieta Andrukiewicz, KSO3C Project Manager, National Institute of Telecommunications, Poland
17:00 CET Adopting the New Evaluation Methods and Activities in ISO/IEC 15408-4 (R01c) Tony Boswell, Senior Principal Consultant, CyTAL, United Kingdom
Meeting Customer Requirements |
Moderator: Petra Manche, Product Security Certification Engineer, Cisco, United Kingdom |
16:00 CET FIA’s OTP Security—a Common Criteria Approach (M01a) Markus Bartsch, Business Development, TUViT, Germany; Markus Wagner, TÜV Informationstechnik GmbH
16:30 CET The Road to Smart Meter Security Requirements Acceptance (M01b) Willem Strabbing, Technical Director, ESMIG, Belgium; Olaf Tettero, CTO, Brightsight, The Netherlands
17:00 CET eHealth: Infrastructure and Evaluation in Germany (M01c) Sebastian Hoppach, Security Consultant/Evaluator, TÜV Informationstechnik GmbH, Germany
17:30 CET SGS and Graz University of Technology Announcing Launch of New Cybersecurity Research Center (P01d) Martin Schaffer, Global Head of Cybersecurity Services of SGS, Austria; Stefan Mangard, Professor and Head of the Institute of Applied Information Processing and Communications at Graz University of Technology, Austria
SPONSORED
Updates from Schemes and ITCs |
Moderator: Dr. Michael Vogel, Principal Consultant, COO, atsec information security GmbH, Germany |
18:00 CET Biometrics Security iTC Update (U02a) Brian Wood, Device Security Certification Manager, Samsung Research America, United States
18:30 CET Network Device iTC Update (U02b) Kristy Knowles, Product Security Certification Engineer, Cisco, United States
19:00 CET German Scheme Update (U02c) Fritz Bollmann, BSI (Federal Office for Information Security), Germany
Meeting Customer Requirements |
Moderator: Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States |
18:00 CET FIPS vs CC: What Drives Certification Demand for HSMs? (M02a) Ignacio Dieguez, Senior Principal Security Certifications Engineer, Entrust, United Kingdom. Natalya Robert, Principal Security Certifications Engineer, Entrust, United Kingdom
18:30 CET Protection Profile for SaaS Multi-Tenant Cryptographic Isolation (M02b) Richard Tychansky, Security Architect, Identity Dynamics Corp, United States
Updates from Schemes and ITCs |
Moderator: Naisby Camponeschi, NIAP, United States |
13:00 CET Japanese Scheme Update (U10a) Toru Hashimoto, Assistant Manager, IPA, Japan
13:30 CET Hardcopy Devices iTC Update (U10b) Kwangwoo Lee, Security Architect, HP, South Korea
14:00 CET KSO3C: Polish Schema for Evaluation and Certification Compliant with Common Criteria—Last Step Towards Recognition (U10c) Elzbieta Andrukiewicz, KSO3C Project Manager, National Institute of Telecommunications, Poland
Meeting Customer Requirements |
Moderator: Ahmad Zuraimi bin Mohamad, Technical Director, Cybersecurity & Common Criteria, Securelytics, Malaysia |
13:00 CET Track Keynote: Meeting Customer Requirements with Unified Verification Standard (M10a) Bob Xie, Cyber Security Officer, Huawei Western European Region, Director, Huawei Cyber Security Transparency Centre, Huawei, Belgium
13:30 CET Trust Model for Verticals Over 5G (M10b) Claire Loiseaux, CEO, Internet of Trust, France
14:00 CET You want what? By when?? …. Ok! (M10c) Wouter Slegers, CEO, TrustCB, Netherlands
14:30 CET atsec – All You Would be Looking For (P10d) Michael Vogel, atsec Germany; Garibaldi Conte, atsec Italy; Rasma Mozuraite Araby, atsec Sweden; Yan Liu, atsec China; Ken Hake, atsec US; Yi Mao, atsec US
SPONSORED
Updates from Schemes and ITCs |
Moderator: Erin Connor, Consultant, Canada |
15:00 CET Spanish Scheme Update (U11a) Pablo Franco, CCN (Centro Criptológico Nacional), Spain
15:30 CET ISCI-WG1 Contribution to the Common Criteria Methodology Improvement and Usage (U11b) Francois Guerin, ISCI-WG1 Chairman, Representative of Thales in ISCI-WG1, ISCI-WG1, France
16:00 CET 2020 Statistics Report. Is the Industry Surviving to Lockdown? (U11c) José Pulido, jtsec, Spain
16:30 CET Using the Common Criteria in Canada (U11d)
Assurance |
Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States |
15:00 CET Reading Between the Lines, A Biometric Acceptance in Malaysia Voyage (S11a) Nur Iylia Roslan, Security Analyst, CyberSecurity Malaysia, Malaysia; Nor Zarina Zamri, CyberSecurity Malaysia, Malaysia
15:30 CET Outbreak Impact in CC (S11b) Alvaro Ortega Chamorro, Cybersecurity Lab Manager, DEKRA Testing and Certification S.A.U., Spain
16:00 CET End-to-End Side-Channel Detection Methodology (S11c) Sylvain Guilley, CTO, Secure-IC S.A.S., France
16:30 CET JHAS Rating Approach and Assessment of SW Vulnerabilities—All ITSEFs Will Become Hackers (S11d) Jasmina Omic, Product Manager Services, Riscure, Netherlands
Updates from Schemes and ITCs |
Moderator: Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States |
17:30 CET NIAP Update (U12a) Mary Baish, Director, NIAP, United States
18:00 CET A Transition to New Algorithms: Encryption, Key Establishment and Entropy—the CMVP Perspective (U12b) Allen Roginsky, Mathematician, NIST, United States
18:30 CET NIAP Automation Work Update and Demo (U12c) Robert Clemons, Director, NIAP, United States
Assurance |
Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States |
17:30 CET Towards Creating an Extension for Patch Management for ISO/IEC 15408 and ISO/IEC 18045 (S12a) Sebastian Fritsch, Head of Laboratory, secuvera GmbH, Germany; Javier Tallón, jtsec, Spain
18:00 CET The Changes of Change Management (S12b) Gabor Hornyak, CTO & Head of Budapest laboratory, CCLab Ltd., Hungary
18:30 CET Results on Automating National Information Assurance Partnership (NIAP) Requirements Testing for Mobile App Vetting (S12c) Vincent Sritapan, Program Manager, U.S. Department of Homeland Security, United States; Angelos Stavrou, Kryptowire, United States
Advances in the Use of Common Criteria |
Moderator: Gonzalo Erro Iribarren, Data Privacy and Cybersecurity Officer, Huawei Technologies, Spain |
13:00 CET EUCC Scheme Update (A20a) Philippe Blot, Lead Certification Expert, ENISA, France
13:30 CET State of Play and Way Forward (A20b) Aristotelis Tzafalias, Policy Officer, European Commission, Greece
14:00 CET Cryptographic Agility in Security Standards (A20c) Tomislav Nad, Head of Cryptography & System Security, SGS Digital Trust Services GmbH, Austria
Cybersecurity Certification Schemes Landscape |
Moderator: Juan Manuel Gonzalez Nieto, Laboratory Director and Co-founder,Teron Labs, Australia |
13:00 CET Automotive Cyber Security (L20a) Xavier Vilarrubla, General Manager, Brightsight Barcelona, Spain
13:30 CET What About 5G Certification (L20b) Boutheina Chetali, Security Certification Sr. Expert, Huawei Technologies France, France
14:00 CET Update on NESAS/SCAS Scheme (L20c) James Moran, Head of Security, GSMA, Ireland
Advances in the Use of Common Criteria |
Moderator: Thomas Billeau, Senior Manager–Head of Certification, Competence Center Crypto & Security/BU: Chief Technology Office, NXP Semiconductors, Germany |
15:00 CET Application of the Common Criteria to Building Trustworthy Automotive SDLC (A21a) Seungyeon Jeong, Ms.C Student, Korea University, South Korea, Sooyoung Kang, Ph.D. Student, Korea University, South Korea; Seungjoo Kim, Professor, Korea University, South Korea.
15:30 CET Evolution Towards Evaluation of HW IP Blocks (A21b) Gordon Caffrey, Head of Site Certification, Eurosmart ITSC – Chairman (NXP), United Kingdom; Jean-Philippe Galvan, Principal Engineer, Qualcomm, Vice-Chairman, Eurosmart ITSC , France; Rachel Menda-Shabat, Director of Security Certification, Winbond, Israel
16:00 CET How ‘By-Parts’ Evaluation Achieves Certification Scheme Scalability (A21c) Gil Bernabeu, GlobalPlatform, France
16:30 CET Soft IP Certification, a Glimpse into the Future (A21d) Joop van de Pol, Senior Security Evaluator, Brightsight, Netherlands
Cybersecurity Certification Schemes Landscape |
Moderator: Alicia Squires, Global Certifications Team–Manager, FIPS/Common Criteria, Cisco Systems, United States |
15:00 CET Strong Digital Identity as an Enabler for Adaptive Security and How It Fits into Certification (L21a) John Boggie, Director, Head of Cybersecurity Certification, NXP Semiconductors, United Kingdom; Georg Stutz, Security Certification Expert, Senior Principal, NXP Semiconductors, Austria
15:30 CET Composite Evaluations: The Way Forward for IoT Security and Compliance (L21b) Dirk-Jan Out, CEO, Brightsight, The Netherlands
16:00 CET Certifying IoT Devices: Challenges from the Real World (L21c) Raphael Spreitzer, Principal Security Expert, SGS Digital Trust Services, Austria
16:30 CET The EMVCo Security Evaluation Processes for IoT (L21d) Gary Hemmings, Member, EMVCo Security Evaluation Group, Director, MasterCard, United Kingdom
17:00 CET Securyzr iSE: An integrated Secure Element to Easily Reach your CC Certification (P21d)
SPONSORED
Advances in the Use of Common Criteria |
Moderator: Dianne Hale, NIAP, United States |
17:30 CET Formal Models for High-Assurance: Why and How (A22a) Carolina Lavatelli, CTO, Internet of Trust, France
18:00 CET Qualcomm’s View on EUCC and Importance of Composition and Re-Use in Certification (A22b) Anne-Lise Thieblemont, Vice President, Qualcomm, United States
18:30 CET Cloud and Common Criteria: NWI ISO Proposal (A22c ) Joshua Brickman, Director, Security Evaluations, Oracle, United States
Cybersecurity Certification Schemes Landscape |
Moderator: Petra Manche, Product Security Certification Engineer, Cisco, United Kingdom |
17:30 CET Industrial Automation Control Systems Cybersecurity Certification – Chapter II (L22a) Georgios Theodoridis, Scientific/Technical Project Officer, European Commission, DG Joint Research Centre Greece; Jose Ruiz Gualda, Co-founder, jtsec Beyond IT Security, Spain
18:00 CET Common Criteria Vs FedRAMP (L22b) Ravi Jagannathan, Cloud Security Architect, VMware, United States
18:30 CET You, Me and FIPS 140-3: Open for Business! (L22c) Ryan Thomas, CST Laboratory Manager, Acumen Security, United States
19:00 CET Summary Presentation (P22d) Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States