23-25 March, 2027 | Steigenberger Wiltcher's, Brussels

Beyond the Standard Wars: a Laboratory’s Universal Approach to Product Security Evaluation (S13c)

Learn a universal evaluation approach that transcends competing security standards.
25 Mar 2026
4:20 pm
Ballroom C

Beyond the Standard Wars: a Laboratory’s Universal Approach to Product Security Evaluation (S13c)

As a security evaluation laboratory, attendees encounter a wide range of evaluation standards, but in practice, the objective remains the same: is the product secure enough, and can this be demonstrated through analysis and testing? The underlying standards span from checklists drawn up by risk owners (e.g., PCI-PTS, cPP), to technology-based analyses and tests (e.g., EN303645, EMVCo), and even holistic approaches (e.g., Common Criteria VAN.5). When developing harmonised standards for the Cyber Resilience Act (CRA), it is vital to establish how a specific product should be evaluated. Key considerations include the effectiveness of the required depth, the duration and effort involved in assessment, and quality control. This talk provides guidelines for security evaluation standards to help determine the most suitable approach for both the product and the evaluation objective.