Publications
The member organisations of the CCRA declare that defined assurance levels (EALs) between versions of the criteria are equivalent and can therefore be used without restrictions for composition activities.
 CC:2022 Release 1
CC:2022 Release 1 consists of five parts. Make sure to download and use these files: |
|||
| XML | |||
| Part 1: Introduction and general model |
CC2022PART1R1.pdf
|
CC22R1.dtd | |
| Part 2: Security functional requirements |
CC2022PART2R1.pdf
|
||
| Part 3: Security assurance requirements |
CC2022PART3R1.pdf
|
cc2022R1.XML | |
| Part 4: Framework for the specification of evaluation methods and activities |
CC2022PART4R1.pdf
|
||
| Part 5: Pre-defined packages of security requirements |
CC2022PART5R1.pdf
|
||
| CEM:2022 consists of one part: |
|||
| CEM |
CEM2022R1.pdf
|
||
| Errata to CC:2022 and CEM:2022 |
CC2022CEM2022Errata_Interpretation.pdf
|
||
| Transition Policy to CC:2022 and CEM:2022 |
CC2022CEM2022TransitionPolicy.pdf
|
| |
|
Transition Policy to CC:2022 and CEM:2022
CCV3.1R5 version is the last from the 3.1 series, and may optionally be used for evaluation starting no later than the 30th of June 2024. STs conformant to CC:2022 based on PPs certified according to CC3.1 will be accepted up to the 31st of December 2027. Assurance continuity activities (maintenance, re-evaluation and re-assessment) based on CC 3.1 evaluations can be started for up to 2 years from the initial certification date. Further details now available. |
| ||
|
CC v3.1. Release 5
CC v3.1 Release 5 consists of three parts. Make sure to download and use these files: |
|||
| XML | |||
| Part 1: Introduction and general model |
CCPART1V3.1R5.pdf
|
CC3R3.dtd | |
|
CCPART1V3.1R5_marked_changes.pdf
|
|||
| Part 2: Security functional requirements |
CCPART2V3.1R5.pdf
|
cc3R5.XML.zip | |
|
CCPART2V3.1R5_marked_changes.pdf
|
|||
| Part 3: Security assurance requirements |
CCPART3V3.1R5.pdf
|
||
|
CCPART3V3.1R5_marked_changes.pdf
|
|||
| CEM v3.1 consists of one part: |
|||
| CEM |
CEMV3.1R5.pdf
|
||
| CEM |
CEMV3.1R5_marked_changes.pdf
|
||
| Addenda to the CC and CEM |
CCDB-013-v2.0-2021-Sep-30-Final-CCaddenda-Exact_Conformance.pdf
|
||
|
| |||
|
CC v3.1. Release 4
CC v3.1 Release 4 consists of three parts. Make sure to download and use these files: |
|||
| XML | |||
| Part 1: Introduction and general model |
CCPART1V3.1R4.pdf
|
CC3R3.dtd | |
|
CCPART1V3.1R4_marked_changes.pdf
|
|||
| Part 2: Security functional requirements |
CCPART2V3.1R4.pdf
|
cc3R4.XML.zip | |
|
CCPART2V3.1R4_marked_changes.pdf
|
|||
| Part 3: Security assurance requirements |
CCPART3V3.1R4.pdf
|
||
|
CCPART3V3.1R4_marked_changes.pdf
|
|||
| CEM v3.1 consists of one part: |
|||
| CEM |
CEMV3.1R4.pdf
|
||
| CEM |
CEMV3.1R4_marked_changes.pdf
|
||
| Addenda to the CC and CEM |
CCDB-2014-03-001-CCaddenda-Modular_PP.pdf
|
||
|
CC v3.1 Release 3 CC v3.1 consists of three parts. Make sure to download and use these files marked as "Final": |
|||
| XML | |||
| Part 1: Introduction and general model |
CCPART1V3.1R3.pdf
|
CC3R3.dtd | |
| Part 2: Security functional requirements |
CCPART2V3.1R3.pdf
|
cc3R3.XML.zip | |
|
CCPART2V3.1R3 - marked changes.pdf
|
|||
| Part 3: Security assurance requirements |
CCPART3V3.1R3.pdf
|
||
|
CCPART3V3.1R3 - marked changes.pdf
|
|||
| CEM v3.1 consists of one part: |
|||
| CEM |
CEMV3.1R3.pdf
|
||
| CEM |
CEMV3.1R3 - marked changes.pdf
|
||
|
|
|||
|
See the guides: |
|||
|
For previous versions of the CC and CEM please click here For unofficial versions of the CC and CEM please click here |
|||
The following documents are CC Supporting Documents. Supporting documents are used within the Common Criteria certification process to define how the criteria and evaluation methods are applied when certifying specific technologies. They replace multiple individual interpretations and hence provide clarity for developers, evaluators, and users. Their relevance and use for particular technologies is approved through an external approval process in which all CCRA members have input.
There are two classes of CC Supporting documentation:
- Those which are termed 'Mandatory Supporting Documents' are required to have been applied when a product involving the particular technology is certified in order to support mutual recognition.
- Those which are termed 'Guidance Supporting Documents' contain more general advice.
For more information see the CCRA Procedure for Supporting Documents.
CCRA Supporting Documents
| Document Number | Title |
| CCDB-2015-01-004 | Full Drive Encryption: Encryption Engine |
| CCDB-2015-01-003 | Full Drive Encryption: Authorization Acquisition |
| CCDB-2015-01-002 | Evaluation Activities for Stateful Traffic |
| CCDB-2015-01-001 | Evaluation Activities for Network Device cPP |
| CCDB-2008-09-002 | Characterizing Attacks to Fingerprint Verification Mechanisms |
| Collection of Developer Evidence | |
| Evaluation methodology for product series, v1.0 | |
| 2002-08-009 | Reuse of Evaluation Results and Evidence |
| CCDB-014-v3.0-2023-March-09 | Assurance Continuity |
| CCDB-012-v1.0-2021-Sep-30 | Certificate Validity |
| 2004-07-001 | Conducting Shadow Certifications |
| 2005-06-021 | Conducting Voluntary Periodic Assessments of Schemes Participating in the CCRA |
| CCDB-2006-04-004 | ST sanitising for publication |
| CCDB-2007-11-001 | Site Certification |
| 2023-10-015 | Establishing International Technical Communities and Developing collaborative Protection Profiles |