Common
Criteria Certification

Certification Body of NASK-PIB as the first and only one in Poland (and this part of Europe), has the right to issue cybersecurity certificates for IT products based on the Common Criteria standard.

Common Criteria (CC) is an international standard (available as PN-EN ISO/IEC 15408 standard) used to assess the security properties of IT products and systems.

Common Criteria certificates confirm that the products for which they are issued meet the requirements of the most important international cybersecurity standard.

Certificates issued by NASK-PIB are recognized in most European countries under the SOG-IS MRA agreement, which includes: Belgium, Croatia, Denmark, Estonia, Finland, France, Germany, Italy, the Netherlands, Luxembourg, Norway, Slovakia, Spain, Sweden, United Kingdom, as well as in other countries of the world under the CCRA agreement.

ATTENTION:

Starting 1st July 2024 all new certification applications have to indicate Common Criteria version 2022 rev. 1.
Certification applications of ICT products for which Security Target is conformant with Protection Profile specific to Common Criteria ver. 3.1 rev. 5 will be accepted until 31st December 2027.
Starting 1st July 2024, re-evaluations and re-assessments based on Common Criteria v3.1 rev. 5 evaluations can be started for up to 2 years from the initial certification date.
Any additional information can be found in the CCRA Transition Policy to CC:2022 and CEM:2022
https://commoncriteriaportal.org/files/ccfiles/CC2022CEM2022TransitionPolicy.pdf

EVALUATION CRITERIA AND METHODOLOGIES

Customer Agreement with the Laboratory licensed by NASK-PIB

Submitting an application for certification to NASK-PIB

Quotation of the Certification Body’s services and signing of the contract

Cybersecurity evaluation carried out by the Laboratory under the supervision of the Certification Body (documentation analysis, research, tests)

Compliance assessment based on the verified Evaluation Technical Report and collected documentation

Certification decision and issuance of the Common Criteria Certificate

EVALUATION CRITERIA AND METHODOLOGIES

CC Common Criteria (for Information Technology Security Evaluation;) CC:2022 Release 1

PN-EN ISO/IEC 15408:2024-05
Information technology – Security techniques – Evaluation criteria for IT security;

PN-EN ISO/IEC 19790:2020-09
Information technology – Security techniques – Security requirements for cryptographic modules

CEM
(Methodology for Information Technology Security Evaluation); CC:2022

PN-EN ISO/IEC 18045:2024-04 Information technology – Security techniques – Methodology for IT security evaluation

ISO/IEC 24759:2017 Test requirements for cryptographic module

IT Security Assessment and Certification Program (PC1)

Detailed certification guidelines, as well as information on the certification process itself.

download

Information for the client

IGeneral information about Common Criteria certification.

download

Product Certification Application Form

Document submitted by the client..

download

License application

Document submitted by a laboratory interested in collaboration.

download

Regulations on fees for certification services provided by the Certification Body under the IT Security Evaluation and Certification Scheme- PC1

Detailed information on fees for certification services.

download

List of laboratories cooperating with the NASK-PIB Certification Body that conduct evaluation as part of the certification process.

Common Criteria Certification

EVALUATION CRITERIA AND METHODOLOGIES

EVALUATION CRITERIA AND METHODOLOGIES

Common
Criteria Certification