An Integrated Approach for Certification and Re-certification Based on the Case Study of an Integrated Circuit
Name
Jayavarshini Thirumalai
Abstract
A system is expected to undergo necessary security assessment toensure that it is in compliance with the baseline security requirements. Otherwiseit becomes hard to trust that the product is secure enough to use. For this purpose,certification can be used to ensure that a system is secure and safe to use. In thisthesis, we define an integrated approach that aims to reduce time and cost in theproduct evaluation process by refining and integrating existing approaches. Hence,we consolidate solutions from the ARMOUR methodology, the ECSO meta-schemeand the NIST SP 800-137 to support certification and re-certification. We use acase study of the integrated circuit (or chip) as an example. In addition, we followthe Common Criteria based European Cybersecurity Candidate Scheme guidelinesfrom ENISA to define a standardized process in certifying and re-certifying theproduct. Three different validators validated the thesis through face validity.
Graduation Thesis language
English
Graduation Thesis type
Master - Cyber Security
Supervisor(s)
Liina Kamm, Mari Seeba
Defence year
2021