Common Criteria evaluation

  • CC security evaluations (ISO 15408) up to EAL7 level and AVA_VLA.4/VAN.5 with High attack potential
  • Protection Profiles writing and evaluation

Some world breakthroughs achieved by our iTSEF:

  • First evaluation with a formal product design (EAL7 components)
  • First CC V3.1 EAL5+ evaluation of a smart card controller


What are the Common Criteria ?

« The Common Criteria is useful as a guide for the development of products or systems with IT security functions and for the procurement of commercial products and systems with such functions. During evaluation, such an IT product or system is known as a Target of Evaluation (TOE). Such TOEs include, for example, operating systems, computer networks, distributed systems, and applications.
The CC is applicable to IT security measures implemented in hardware, firmware or software. Where particular aspects of evaluation are intended only to apply to certain methods of implementation, this will be indicated within the relevant criteria statements.”

CC, Part 1, Scope

Common Criteria is a worldwide recognized norm for the security evaluation of your product. International mutual recognition agreements guarantee that evaluation results provided by SERMA TECHNOLOGIES ITSEF are recognized worldwide by other industrial and governmental actors…

We offer the full Common Criteria evaluation including documentary evaluation, independent functional testing, customer site audit and penetration testing through a theoretical vulnerability analysis followed by software, cryptographic and/or hardware attacks. None of our activities are subcontracted to any external party.

All evaluations tasks are concluded with a detailed report and remarks that help the developer to improve the security of its product.

As an official ITSEF accredited by ANSSI (the official French Certification Body), our ITSEF guarantees to its customers the confidentiality of the evaluations and their contents. The whole evaluation process is followed, controlled and validated by ANSSI. At the end of the evaluation process the ANSSI delivers an evaluation certificate for the product.