Fast Common Criteria Assurance Continuity After Product Updates Finally Gets Real. How to Use Patch Management in ISO/IEC TS 9569 Efficiently. (F11c)
Those who need to keep a Common Criteria Security Certificate valid after security relevant product changes (like after the release of software patches) should integrate the ALC_PAM (Patch Management) assurance family according to ISO document ISO/IEC TS 9569 into the scope of the evaluation, in order to profit from fast re-evaluation cycles. For the first time since the introduction of Common Criteria, a certified product has a real chance of regular and fast assurance continuity after security relevant changes like patch releases, however, it will only work if some preconditions are fulfilled. This talk will inform attendees about ALC_PAM and how fast assurance continuity can become a reality.
