All services

Common Criteria Certification

Common Criteria (CC) is one of the most known and most internationally recognized certification schemes for the evaluation of IT products.

Common criteria

The process of evaluation and certification is based on the CC standard, which includes clear requirements for the preparation and assessment of products in scope. In principle, any IT product that offers an amount of security relevant functionalities can be evaluated based on CC.

The scope of possible products includes:

  • Embedded devices (IoT, ICS SCADA, medical devices, automotive components, smart meters, etc.)
  • Software products
  • Operating systems
  • Web and mobile applications
  • Network and telecommunication devices
  • Smart cards and ICs
  • Printers and copy machines

A main advantage of CC is that the resulting certificate is automatically recognized in a wide range of countries, spread across multiple continents. Examples in this sense include EU, USA, Australia, UK or parts of Asia. A CC certificate can enable important advantages and market recognition for the certified product. The certification is particularly useful for selling the product to local governments, where the security of the product is of high importance. At the same time, such a certification could allow in partnerships with major players in the supply chain industry, for example network and telecommunication providers. Finally, a CC certification for your product allows to match (or surpass) the competitors on a particular domain in terms of brand value and recognition.

A Common Criteria evaluation can be conducted at various levels, named Evaluation Assurance Levels (EALs)
. There are 7 available EAL levels for conducting the evaluation, each of them increasing progressively in the depth and scope of the evaluation. While high risk products (for example smart cards) are suitable for the higher levels of evaluation, general software or embedded products can well benefit from a CC certificate in the range of EAL1 – EAL4.

Secura offers Common Criteria evaluation services under the Dutch CC scheme – NSCIB.
We can support you along the whole process of evaluation, starting with the proper preparation and documentation support, all the way to the testing and certification support phases.

Fact sheets

Common Criteria

Overview of Common Criteria and our services.

Download fact sheet file_download

White papers

Implementation Guide Common Criteria for Software and Embedded Products

Download white paper file_download
Industrial Products Standard and Certification

What are the best options for your products?

Download white paper file_download
Consumer IoT Standards and Certification

What are the best options for your products?

Download white paper file_download
Secura Contact Shape

Raising Your Cyber Resilience

Discover your best next steps to protect your organization from cyber attacks.

+31 (0) 88 888 31 00 Monday – Friday 9:00-17:00 CET
Partners of Secura

Cybersecurity is more than technology alone. Secura collaborates with partners in compliance and risk management, integrated application security, privacy, IT- and internet law and certification.