Projekta Nr.-
NosaukumsSmart Cards • Definition of a Smart Card that is in the scope of the Regulation (EU) 2024/2847, Annex 4, Category 41 o In reference to TC47X/WG3 work on Security MCU/MPU • Distinction between applicative part and general part of the architecture that is essential for composite evaluation • Expectation on applicative and composite evaluation in accordance with EUCC scheme Similar Devices • Definition of similar devices that are in- or out-of-scope of this standardisation category – for example: o Products in-scope that fully comply with architectural description of a compliant Smart Card but do come in different packaging (e.g. SIM-card form factors, key fobs, tokens, IoT embedded ID elements), etc. o Products out-of-scope that come packaged as a smart card but contain microcontrollers with security functions or tamper resistance appropriate for evaluation under other categories Secure Elements • Definition of a Secure Element that is on the scope of the Regulation (EU) 2024/2847, including description of possible architectures and required security capabilities, in alignment with TC47X • Distinction between applicative part and general part of the architecture that is essential for composite evaluation • Expectation on applicative and composite evaluation in accordance with EUCC scheme • Alignment of security capabilities of secure elements with microcontrollers and microprocessors with security functions and/or tamper resistance capabilities Related remote data processing • Technical criteria characterizing a remote data processing • Identification of remote data processing e.g. life cycle management, security update services…. • Standardized expectations on lifecycle management of Smart Cards and Secure Elements As part of the work, the group will cover at least the types of PwDE and their intended purposes in relation to use cases described in the list below. In addition, for some types of PwDE, expertise from external organizations which are recognized will be leveraged to ensure the project is relevant and in line with the reality of markets. Type of the Product with Digital Elements: 1. Secure element, Smart Cards and similar devices for critical use cases – high risk profile 2. Secure element, Smart Cards and similar devices for critical use cases – low risk profile 3. Remote data processing systems / services The list above is not finite, it represents initial state. The work of the group will first focus on delivering precise scope related to intended purpose and dependant use cases, in collaboration with other standardisation workgroups and industry representatives. Note on the use cases - Standard may cover specific aspects of particular use cases Note on risk profile - The mapping of compliance criteria with EUCC may be given - Standard may cover aspects of newer version of Common Criteria CC:2022, and other established schemes
Reģistrācijas numurs (WIID)82146
Darbības sfēraSmart Cards • Definition of a Smart Card that is in the scope of the Regulation (EU) 2024/2847, Annex 4, Category 41 o In reference to TC47X/WG3 work on Security MCU/MPU • Distinction between applicative part and general part of the architecture that is essential for composite evaluation • Expectation on applicative and composite evaluation in accordance with EUCC scheme Similar Devices • Definition of similar devices that are in- or out-of-scope of this standardisation category – for example: o Products in-scope that fully comply with architectural description of a compliant Smart Card but do come in different packaging (e.g. SIM-card form factors, key fobs, tokens, IoT embedded ID elements), etc. o Products out-of-scope that come packaged as a smart card but contain microcontrollers with security functions or tamper resistance appropriate for evaluation under other categories Secure Elements • Definition of a Secure Element that is on the scope of the Regulation (EU) 2024/2847, including description of possible architectures and required security capabilities, in alignment with TC47X • Distinction between applicative part and general part of the architecture that is essential for composite evaluation • Expectation on applicative and composite evaluation in accordance with EUCC scheme • Alignment of security capabilities of secure elements with microcontrollers and microprocessors with security functions and/or tamper resistance capabilities Related remote data processing • Technical criteria characterizing a remote data processing • Identification of remote data processing e.g. life cycle management, security update services…. • Standardized expectations on lifecycle management of Smart Cards and Secure Elements As part of the work, the group will cover at least the types of PwDE and their intended purposes in relation to use cases described in the list below. In addition, for some types of PwDE, expertise from external organizations which are recognized will be leveraged to ensure the project is relevant and in line with the reality of markets. Type of the Product with Digital Elements: 1. Secure element, Smart Cards and similar devices for critical use cases – high risk profile 2. Secure element, Smart Cards and similar devices for critical use cases – low risk profile 3. Remote data processing systems / services The list above is not finite, it represents initial state. The work of the group will first focus on delivering precise scope related to intended purpose and dependant use cases, in collaboration with other standardisation workgroups and industry representatives. Note on the use cases - Standard may cover specific aspects of particular use cases Note on risk profile - The mapping of compliance criteria with EUCC may be given - Standard may cover aspects of newer version of Common Criteria CC:2022, and other established schemes
StatussIzstrādē
ICS grupaNav uzstādīts