25 May 2022
Assurance Beyond the Initial Certificate (N13c)
Currently the assurance given in product (security) certificates is normally limited to the exact version certified. This presentation will give a short overview how current schemes (e.g. CC, NESAS) try to partially address the problem of security updates. It will then show what kind of developments are currently under way (e.g. Patch Management for Common Criteria, Life Cycle aspects for FiT CEM / EN 17640). The final part will be an experts presentation on how a future CSA scheme (e.g., for FiT CEM/EN 17640) could extend the current ideas for true continuous assurance.