Sitemap   |   Contact   

Login  

• NEWS
• ICCC
• PROTECTION PROFILES
• COLLABORATIVE PPS
• CERTIFIED PRODUCTS
• TECHNICAL COMMUNITIES
• PUBLICATIONS
• ABOUT THE CC
• HOME

Publications

The member organisations of the CCRA declare that defined assurance levels (EALs) between versions of the criteria are equivalent and can therefore be used without restrictions for composition activities.

---

CC v3.1. Release 5 Click here for information about the CC/CEM maintenance process. CC v3.1 Release 5 consists of three parts. Make sure to download and use these files:
	PDF	XML
Part 1: Introduction and general model	CCPART1V3.1R5.pdf	CC3R3.dtd
	CCPART1V3.1R5_marked_changes.pdf
Part 2: Security functional requirements	CCPART2V3.1R5.pdf	cc3R5.XML.zip
	CCPART2V3.1R5_marked_changes.pdf
Part 3: Security assurance requirements	CCPART3V3.1R5.pdf
	CCPART3V3.1R5_marked_changes.pdf
CEM v3.1 consists of one part:
	PDF
CEM	CEMV3.1R5.pdf
CEM	CEMV3.1R5_marked_changes.pdf
Addenda to the CC and CEM	CCDB-2017-05-17-CCaddenda-Exact_Conformance.pdf
CC v3.1. Release 4 Click here for information about the CC/CEM maintenance process. CC v3.1 Release 4 consists of three parts. Make sure to download and use these files:
	PDF	XML
Part 1: Introduction and general model	CCPART1V3.1R4.pdf	CC3R3.dtd
	CCPART1V3.1R4_marked_changes.pdf
Part 2: Security functional requirements	CCPART2V3.1R4.pdf	cc3R4.XML.zip
	CCPART2V3.1R4_marked_changes.pdf
Part 3: Security assurance requirements	CCPART3V3.1R4.pdf
	CCPART3V3.1R4_marked_changes.pdf
CEM v3.1 consists of one part:
	PDF
CEM	CEMV3.1R4.pdf
CEM	CEMV3.1R4_marked_changes.pdf
Addenda to the CC and CEM	CCDB-2014-03-001-CCaddenda-Modular_PP.pdf
CC v3.1 Release 3 Click here for information about the CC/CEM maintenance process. CC v3.1 consists of three parts. Make sure to download and use these files marked as "Final":
	PDF	XML
Part 1: Introduction and general model	CCPART1V3.1R3.pdf	CC3R3.dtd
Part 2: Security functional requirements	CCPART2V3.1R3.pdf	cc3R3.XML.zip
	CCPART2V3.1R3 - marked changes.pdf
Part 3: Security assurance requirements	CCPART3V3.1R3.pdf
	CCPART3V3.1R3 - marked changes.pdf
CEM v3.1 consists of one part:
	PDF
CEM	CEMV3.1R3.pdf
CEM	CEMV3.1R3 - marked changes.pdf
See the guides:	Guide for the Transition from CC v2.3 to CC v3.1 for ADV Requirements. Transition Guide Summary of changes in the CC/CEM from v2.3 to v3.1. Guidelines for Developer Documentation according to Common Criteria Version 3.1
CC v2.3 CC v2.3 is based on version 2.2, updated with a number of interpretations and further editorial changes that do not affect their technical content. These standards have also been published as ISO/IEC 15408:2005 and ISO/IEC 18045:2005. This version is the last of the 2.* series, and may optionally be used for evaluations starting no later than March 2008. Assurance maintenance based on CC v2.3 evaluations may, in general, continue for up to 2 years beyond the certification date. However, the certificate-issuing Scheme may, as circumstances warrant, either lengthen or shorten this period of assurance maintenance, based on the IT product type and the needs of the consumer. CC v2.3 consists of three parts:
	PDF
Part 1: Introduction and general model	ccpart1v2.3.pdf
Part 2: Security functional requirements	ccpart2v2.3.pdf
Part 3: Security assurance requirements	ccpart3v2.3.pdf
CEM v2.3 consists of one part:
	PDF
CEM	cemv2.3.pdf
For previous versions of the CC and CEM please click here For unofficial versions of the CC and CEM please click here

---

The following documents are CC Supporting Documents. Supporting documents are used within the Common Criteria certification process to define how the criteria and evaluation methods are applied when certifying specific technologies. They replace multiple individual interpretations and hence provide clarity for developers, evaluators, and users. Their relevance and use for particular technologies is approved by the CCRA Management Committee following submission of a suitable rationale. Their subsequent maintenance is a responsibility of the CCRA Development board.

There are two classes of CC Supporting documentation:

• Those which are termed 'Mandatory Supporting Documents' are required to have been applied when a product involving the particular technology is certified in order to support mutual recognition.
• Those which are termed 'Guidance Supporting Documents' contain more general advice.

For more information see the CCRA Procedure for Supporting Documents.

Supporting Documents related to Smart Cards and similar devices

Document number	Document title	Class
2006-06-001	Rationale for Smart cards and similar devices
CCDB-2010-03-001	Guidance for smartcard evaluation v2.0	Guidance
CCDB-2014-04-001	Security Architecture requirements (ADV_ARC) for smart cards and similar devices	Mandatory
CCDB-2009-03-002	Application of CC to Integrated Circuits v3.0	Mandatory
CCDB-2012-04-001	Composite product evaluation for Smartcards and similar devices v1.2	Mandatory
CCDB-2007-09-02	ETR-template lite for composition v1.0	Guidance
CCDB-2012-04-004	Security Architecture requirements (ADV_ARC) for smart cards and similar devices - Appendix 1	Guidance
CCDB-2013-05-001	Requirements to perform Integrated Circuit Evaluations	Mandatory
CCDB-2013-05-002	Application of Attack Potential to Smartcards	Mandatory

Additional CCRA Supporting Documents

Document Number	Title
CCDB-2015-01-004	Full Drive Encryption: Encryption Engine
CCDB-2015-01-003	Full Drive Encryption: Authorization Acquisition
CCDB-2015-01-002	Evaluation Activities for Stateful Traffic
CCDB-2015-01-001	Evaluation Activities for Network Device cPP
CCDB-2008-09-002	Characterizing Attacks to Fingerprint Verification Mechanisms
CCDB-2012-04-005	Collection of Developer Evidence
2002-08-009	Reuse of Evaluation Results and Evidence
2012-06-01	Assurance Continuity
2004-07-001	Conducting Shadow Certifications
2005-06-021	Conducting Voluntary Periodic Assessments of Schemes Participating in the CCRA
CCDB-2006-04-004	ST sanitising for publication
CCDB-2007-11-001	Site Certification