The amendment to the EU Common Criteria-based cybersecurity certification scheme introduces several updates to Annex I of the Implementing Regulation. These updates include five revised state-of-the-art documents covering: – Minimum site security requirements – Application of attack potentials to smartcards – Application of attack potentials to hardware devices with security boxes – Common criteria for integrated circuits – Composite product evaluation for smartcards and similar devices In addition, five new state-of-the-art documents are added, focusing on: – Composite product evaluation and certification – Reusing evaluation results of site audits – Clarifications on specific protection profiles, such as those for qualified electronic signature creation devices The amendment further includes updates to the main provisions, revising definitions of major and minor product changes and correcting textual inconsistencies.
EU – Draft Commission Implementing Regulation Amending Implementing Regulation (EU) 2024/482 as Regards Definitions, ICT Product Series Certification, Assurance Continuity and state-of-the-art Documents
