Security IC Platform PP with Augmentation Packages
Others / Smart Card and similar devices
Certification Body |
Bundesamt fĂźr Sicherheit in der Informationstechnik (BSI) |
Sponsor |
Eurosmart Inside Secure Infineon Technologies AG NXP Semiconductors Germany GmbH STMicroelectronics |
Point of Contact |
commoncriteria@bsi.bund.de |
Certification ID |
|
PP Version |
|
CC Version |
3.1 Revision 4 |
CC Conformance Claim |
CC part 2 extended CC part 3 conformant EAL 4 augmented by ALC_DVS.2 and AVA_VAN.5 Conformance claims to this protection profile requires strict conformance |
Certification status |
Certified 19 February 2014 |
Language |
English |
Summary |
The Security IC Platform Protection Profile with Augmentation Packages Version 1.0 is the work of Eurosmart and it's members Inside Secure, Infineon Technologies AG, NXP Semiconductors Germany GmbH and STMicroelectronics. It has been developed according to CC Version 3.1 on the basis of the Eurosmart Smartcard IC Platform Protection Profile, Version 1.0, August 2007, BSI-CC-PP-0002-2001.0035-2007. The Security IC Platform Protection Profile with Augmentation Packages specifies security requirements for a security IC on the one hand and supports modularity and re-use of evaluation work to make the certification process cost-saving on the other hand. This Protection Profile describes a security integrated circuit (security IC) which is composed of a processing unit, security components, I/O ports (contact, contactless, or similar interfaces like USB, MMC) and volatile and non-volatile memories. The TOE may also include IC Developer/Manufacturer proprietary IC Dedicated Software as long as it is delivered by the IC Manufacturer. Optional packages are included for Authentication of the Security IC, for Flash Loader functionality (2 packages) and for Cryptographic Services (packages for TDES, AES, Hash functions) as well as informative guidance for specifying Functional Requirements for RNG. The evaluation of the Security IC according to this Protection Profile is independent of the evaluation of the composite product which includes the Security IC and the Security IC Embedded Software. The developer of the Security IC Embedded Software decides if the platform (evaluated Security IC) is suitable for the composite product. The composite evaluation process of the composite product may focus on the evaluation of the Security IC Embedded Software running on the security IC and reuse results of the product evaluation of the Security IC with the Dedicated Software. |
Relation to other PPs |
The Protection Profile is an update of the Security IC Platform PP certified under BSI-CC-PP-0035-2007 in order to comply to Common Criteria Version 3.1 Release 4 and to cover state of the art technology and evaluation methods. A Transition Paper is provided to describe the transition rules for product evaluations from the old PP-0035 to this new PP 0084. |