Certified Products
Protection Profiles


The Common Criteria

The member organisations of the CCRA declare that defined assurance levels (EALs) between versions of the criteria are equivalent and can therefore be used without restrictions for composition activities.

CC v3.1.

Click here for information about the CC/CEM maintenance process.

Part 1 of the Common Criteria is at release 1, as published in September 2006, and the rest of the documents have been upgraded to release 2 in September 2007.

CC v3.1 consists of three parts:
PDF XML
Part 1: Introduction and general model CCPART1V3.1R1.pdf CC3R2.dtd
Part 2: Security functional requirements CCPART2V3.1R2.pdf ccR2.XML.zip
CCPART2V3.1R2 - marked changes.pdf
Part 3: Security assurance requirements CCPART3V3.1R2.pdf
CCPART3V3.1R2 - marked changes.pdf

CEM v3.1 consists of one part:
PDF
CEM CEMV3.1R2.pdf
CEM CEMV3.1R2 - marked changes.pdf


See the new guides:

CC v2.3

CC v2.3 is based on version 2.2, updated with a number of interpretations and further editorial changes that do not affect their technical content. These standards have also been published as ISO/IEC 15408:2005 and ISO/IEC 18045:2005.

This version is the last of the 2.* series, and may optionally be used for evaluations starting no later than March 2008. Assurance maintenance based on CC v2.3 evaluations may, in general, continue for up to 2 years beyond the certification date. However, the certificate-issuing Scheme may, as circumstances warrant, either lengthen or shorten this period of assurance maintenance, based on the IT product type and the needs of the consumer.

CC v2.3 consists of three parts:
PDF
Part 1: Introduction and general model ccpart1v2.3.pdf
Part 2: Security functional requirements ccpart2v2.3.pdf
Part 3: Security assurance requirements ccpart3v2.3.pdf

CEM v2.3 consists of one part:
PDF
CEM cemv2.3.pdf


For previous versions of the CC and CEM please click here
For unofficial versions of the CC and CEM please click here