BSI-CC-PP-0084-V2-2026and BSI-CC-PP-0125-2026

13 Mar 2026 BSI-CC-PP-0084-V2-2026and BSI-CC-PP-0125-2026

Eurosmart developed new Security IC Platform Protection Profile Protection Profile and Security IC Platform Multi-assurance PP-Configurations certified by BSI

Eurosmart, the European association representing the digital security industry, welcomes the publication by the German Federal Office for Information Security (BSI) of the updated Common Criteria Protection Profile “Security IC Platform Protection Profile including Functional Packages “ BSI-CC-PP-0084-V2-2026 and the new Security IC Platform Multi-assurance PP-Configurations BSI-CC-PP-0125-2026.

Both Protection Profiles are targeting the Common Criteria 2022 (CC:2022), reflecting the latest evolution of the international Common Criteria standard for IT security evaluation.

This Security IC Platform Protection Profile v2.0 (BSI-CC-PP-0084-V2-2026) is an updated version of the Eurosmart Security IC Platform Protection Profile, Version 1.0 (February 2014, certified under BSI-CC-PP-0084-2014). It has been aligned with the requirements of Common Criteria Version 2022, Revision 1. It describes a tamper-resistant Security IC comprising a processor unit, security-relevant hardware components, contact and contactless I/O interfaces (as well as comparable interfaces such as USB), and volatile and non-volatile memory elements. The Target of Evaluation may additionally include proprietary dedicated software, provided this software is supplied by the IC manufacturer. The Protection Profile defines the core security requirements for Security ICs and also includes five optional functional packages covering authentication of the TOE to external entities, secure data loading in controlled or uncontrolled environments, cryptographic services, and address-based access control.

Complementing this profile, the Security IC Platform Multi-assurance PP-Configurations (BSI-CC-PP-0125-2026) defines a family of multi-assurance PP-Configurations and set of PP-Modules for the Security IC Platform Protection Profile (PP). The PP-Modules address functionality in the scope of the PP at a strictly higher assurance level including ADV_SPM.1. The PP-Modules cover the authentication of the TOE to external entities, secure data loading in controlled or uncontrolled environments, address-based access control and the limitation of the testing features.

Together, Security IC Platform PP and Security IC Platform Multi-assurance PP-Configurations form a coherent framework for the certification of Security IC platforms, allowing both a common security baseline and modular extensions that support different product capabilities and assurance configurations.

Eurosmart acted as the issuer of Protection Profiles BSI-CC-PP-0084-V2-2026 and BSI-CC-PP-0125-2026, supported by leading members of the European semiconductor and digital security industry. The development of the profile was sponsored by Infineon Technologies AG, NXP Semiconductors, STMicroelectronics and Thales, demonstrating the strong commitment of industry stakeholders to maintaining high-assurance security standards for security IC platforms.

Building on this work, a next revision of the Security IC Platform Protection Profile (PP-0084 V3) is currently under preparation, with the objective of incorporating the essential requirements of the European Cyber Resilience Act.

The certified Protection Profiles are available on the BSI website:

• BSI-CC-PP-0084-V2-2026
  https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/PP/aktuell/PP_0084.html
• BSI-CC-PP-0125-2026
  https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/PP/aktuell/PP_0125.html  

Eurosmart welcomes the continued efforts of European certification authorities and industry stakeholders in maintaining robust and internationally recognised security evaluation frameworks that support the development and deployment of trusted digital technologies.