Skip to main content
Logo
  • Supplementary information

Application of attack potential to hardware devices with security boxes

Documents under this section present metrics to calculate the attack potential required by an attacker to effect an attack on ICT products of the technical domain “Hardware Devices with Security Boxes”.

Details

Part of collection
Publication date
31 January 2024 (Last updated on: 20 March 2025)
Author
European Union Agency for Cybersecurity
Type of Document
  • State-of-the-art Documents
Certification Scheme
ICT Solution
  • Hardware, Software and Components

Description

This state-of-the-art document supporting the EUCC scheme interprets the Common Criteria Methodology (CEM), based on evaluation experience in the technical domain “Hardware Devices with Security Boxes” and input from the related industry through the JIL Embedded Devices Subgroup (JEDS) of the SOG-IS1. 

It provides guidance metrics to calculate the attack potential required by an attacker to effect an attack on ICT products of the technical domain “Hardware Devices with Security Boxes”. The underlying objective is to aid in expressing the total effort required to mount a successful attack. This should be applied to the operational behaviour of such ICT product as defined in a related Security Target of the product under evaluation.

EUCC State-of-the-Art

Files

  • 29 APRIL 2024
Application of Attack Potential to hardware devices with security boxes v1.2
English
(537.03 KB - PDF)
Download
  • 20 MARCH 2025
Application of attack potential to Hardware Devices with Security Boxes v2 (draft)
English
(646.04 KB - PDF)
Download