Publications

The member organisations of the CCRA declare that defined assurance levels (EALs) between versions of the criteria are equivalent and can therefore be used without restrictions for composition activities.


CC v3.1. Release 4

Click here for information about the CC/CEM maintenance process.

CC v3.1 Release 4 consists of three parts. Make sure to download and use these files:

PDF XML
Part 1: Introduction and general model CCPART1V3.1R4.pdf CC3R3.dtd
  CCPART1V3.1R4_marked_changes.pdf  
Part 2: Security functional requirements CCPART2V3.1R4.pdf cc3R4.XML.zip
  CCPART2V3.1R4_marked_changes.pdf  
Part 3: Security assurance requirements CCPART3V3.1R4.pdf  
  CCPART3V3.1R4_marked_changes.pdf  

CEM v3.1 consists of one part:
  PDF  
CEM CEMV3.1R4.pdf  
CEM CEMV3.1R4_marked_changes.pdf  
Addenda to the CC and CEM

CCDB-2014-03-001-CCaddenda-Modular_PP.pdf
 
 

CC v3.1 Release 3

Click here for information about the CC/CEM maintenance process.

CC v3.1 consists of three parts. Make sure to download and use these files marked as "Final":

  PDF XML
Part 1: Introduction and general model CCPART1V3.1R3.pdf CC3R3.dtd
Part 2: Security functional requirements CCPART2V3.1R3.pdf cc3R3.XML.zip
  CCPART2V3.1R3 - marked changes.pdf  
Part 3: Security assurance requirements CCPART3V3.1R3.pdf  
  CCPART3V3.1R3 - marked changes.pdf  

CEM v3.1 consists of one part:
  PDF  
CEM CEMV3.1R3.pdf  
CEM CEMV3.1R3 - marked changes.pdf  

See the guides:


CC v2.3

CC v2.3 is based on version 2.2, updated with a number of interpretations and further editorial changes that do not affect their technical content. These standards have also been published as ISO/IEC 15408:2005 and ISO/IEC 18045:2005.

This version is the last of the 2.* series, and may optionally be used for evaluations starting no later than March 2008. Assurance maintenance based on CC v2.3 evaluations may, in general, continue for up to 2 years beyond the certification date. However, the certificate-issuing Scheme may, as circumstances warrant, either lengthen or shorten this period of assurance maintenance, based on the IT product type and the needs of the consumer.

CC v2.3 consists of three parts:
  PDF  
Part 1: Introduction and general model ccpart1v2.3.pdf  
Part 2: Security functional requirements ccpart2v2.3.pdf  
Part 3: Security assurance requirements ccpart3v2.3.pdf  

CEM v2.3 consists of one part:
  PDF  
CEM cemv2.3.pdf  
 


For previous versions of the CC and CEM please click here
For unofficial versions of the CC and CEM please click here


The following documents are CC Supporting Documents. Supporting documents are used within the Common Criteria certification process to define how the criteria and evaluation methods are applied when certifying specific technologies. They replace multiple individual interpretations and hence provide clarity for developers, evaluators, and users. Their relevance and use for particular technologies is approved by the CCRA Management Committee following submission of a suitable rationale. Their subsequent maintenance is a responsibility of the CCRA Development board.

There are two classes of CC Supporting documentation:

For more information see the CCRA Procedure for Supporting Documents.

Supporting Documents related to Smart Cards and similar devices

Document number Document title Class
2006-06-001 Rationale for Smart cards and similar devices
CCDB-2010-03-001 Guidance for smartcard evaluation v2.0 Guidance
CCDB-2014-04-001 Security Architecture requirements (ADV_ARC) for smart cards and similar devices Mandatory
CCDB-2009-03-002 Application of CC to Integrated Circuits v3.0 Mandatory
CCDB-2012-04-001 Composite product evaluation for Smartcards and similar devices v1.2 Mandatory
CCDB-2007-09-02 ETR-template lite for composition v1.0 Guidance
CCDB-2012-04-003 Security Architecture requirements (ADV_ARC) for smart cards and similar devices Mandatory
CCDB-2012-04-004 Security Architecture requirements (ADV_ARC) for smart cards and similar devices - Appendix 1 Guidance
CCDB-2013-05-001 Requirements to perform Integrated Circuit Evaluations Mandatory
CCDB-2013-05-002 Application of Attack Potential to Smartcards Mandatory

Additional CCRA Supporting Documents

Document Number Title
CCDB-2008-09-002 Characterizing Attacks to Fingerprint Verification Mechanisms
CCDB-2012-04-005 Collection of Developer Evidence
2002-08-009 Reuse of Evaluation Results and Evidence
2012-06-01 Assurance Continuity
2004-07-001 Conducting Shadow Certifications
2005-06-021 Conducting Voluntary Periodic Assessments of Schemes Participating in the CCRA
CCDB-2006-04-004 ST sanitising for publication
CCDB-2007-11-001 Site Certification