Context The number of vulnerable devices on the market has resulted in an increased need for trust. Many new security standards, evaluations and certifications are flourishing, all with different levels of assurance. In this highly competitive market and fast-evolving security threats landscape, it is critical to...
ETSI TC ESI is currently drafting a technical specification on “Security and policy requirements for trust service components providing identity proofing for trust services subjects” (TS 119 461 V005). In this context, Eurosmart decided to draft recommendations for this document. Eurosmart gives the following recommendations: Clarify the...
download the document Document Overview: This document defines a series of additional elements of the security problem definition, security objectives, and security functional requirements (SFRs), to support those architectures of Security ICs according to [1] that use an external NVM for storage. This augmentation package provides guidelines...
It is time to change paradigm. This is what Eurosmart concludes in its newly published guidance document on chip certification. This expert publication describes in a very concrete and illustrative way the ground-breaking developments currently happening in the world of chip-based identity documents. Cyber-threats on...
Since the adoption of the eIDAS Regulation in 2014, 15 Member States have notified at least one electronic identification (eID) scheme. Such a notification entails an obligation of mutual recognition by other Member States within one year. This means that the notified eID scheme can...
Eurosmart welcomes certification of processor cores using a subset of the requirements of Protection Profile (PP) PP-0084. This helps solidify the status of Common Criteria and especially the SOG-IS members as the go-to-centre for high assurance certification in the world. With referencing PP-0084, it shows the critical importance of...
This document presents a mapping of certification schemes selected by Eurosmart that are applicable to IoT (Internet of Things) in Europe. The selection includes national, proprietary certification scheme, security standards, guidelines or framework and they are collectively called 'scheme' in the rest of the document. This...
[vc_row css_animation="" row_type="row" use_row_as_full_screen_section="no" type="grid" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" z_index=""][vc_column css=".vc_custom_1560332194867{padding-left: 30px !important;}"][vc_empty_space height="50px"][vc_column_text] Eurosmart IoT Certification Scheme [/vc_column_text][vc_separator type="small" position="left"][vc_empty_space][vc_column_text]This framework as defined by the European Cybersecurity Act, enables their users to ascertain the level of security assurance (basic, substantial and high), and ensures that these security...
This white paper outlines risks involved in several implementations of external non volatile storage for integrated secure functions in larger Systems on Chip (SoC). The external storage function must include in SoC evaluation and should have a certification level that matches or exceeds the claimed...
Eurosmart wished to make comments on the PwC Impact Study Analysis, which is part of the Cybersecurity Package. This study contains erroneous statements that Eurosmart would like to point out. Please download the document for more details. [pdf-embedder url="https://www.eurosmart.com/wp-content/uploads/2019/01/Eurosmart-Comments-on-PwC-Study.pdf" title="Eurosmart Comments on PwC Study"]...
