Skip to main content
  • Supplementary information

Composite product evaluation for smart cards and similar devices

Details

Part of collection
Publication date
31 January 2024
Author
European Union Agency for Cybersecurity
Type of Documents
  • State-of-the-art Documents
Certification Schemes
ICT Solutions
  • Hardware, Software and Components

Description

The Common Criteria (CC) are being widely used for smart card products security evaluation. Smart card evaluation showed very early a need for interpretation and supporting documents. 

The initial reason was that a smart card is built up with a combination of two parts: a hardware integrated circuit (IC) part and a software part often developed by different actors with specific objectives. Another reason is that the software part may be layered itself consisting of an “Operating System layer” with possibly integrated applicative functions and an “Application layer” on top of it that may contain different applications.

All these software parts can be developed by different actors with specific objectives. One objective was to independently perform one evaluation of a platform to address several applications and customers. Another objective was to create one or several applications to load on one or several certified platforms. The objective for Application Integration was to install one or several applications onto one already certified platform to reduce the evaluation effort keeping a high level of confidence.

EUCC State-of-the-Art

Files

  • 29 APRIL 2024
Composite product evaluation for smart cards and similar devices