Infineon - NXP - STMicroelectronics - ENISA - Common Position on Cybersecurity

29 May 2017

Infineon, NXP, STMicroelectronics and ENISA have published a Common Position on Cybersecurity to address topics such as security certification and labelling.

They advocate for the extension of the Common Criteria (CC, ISO/IEC 15408) and SOG-IS MRA (Mutual Recognition Agreement) to all Member States for high assurance security levels.

A Baseline security certification (a “lightweight” certification) should be developed for ICT products and agreed by all Member States to address IoT, Commercial of-the-shelf (COTS) and products with short life cycle.

The introduction of a European trust label for connected devices should be built on defined baseline security requirements and existing internationally recognized certification schemes. This should be supported by a European Certification Framework.