Fixed-time cybersecurity evaluation methodology for ICT products
Abstract
The scope of EN 17640 remains unchanged, adding the content of composition within: This document describes a cybersecurity evaluation methodology that can be implemented using pre-defined time and workload resources, for ICT products. It is intended to be applicable for all three assurance levels defined in the CSA (i.e. basic, substantial and high). The methodology is comprised of different evaluation blocks including assessment activities that comply with the evaluation requirements of the CSA for the mentioned three assurance levels. Where appropriate, it can be applied both to 3rd party evaluation and self-assessment.
Begin
2024-04-11
WI
JT013074
Planned document number
DIN EN 17640/A1
Project number
04301125
Responsible national committee
NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity
Responsible european committee
CEN/CLC/JTC 13/WG 3 - Security evaluation and assessment
previous edition(s)
Fixed-time cybersecurity evaluation methodology for ICT products; German version EN 17640:2022
2022-12