Common Criteria is a robust framework for evaluating and certifying the security features of IT products, with the Evaluation Assurance Level (EAL) serving as a crucial measure of security evaluation depth and rigor. In this article, we will explore the various Common Criteria assurance levels and their significance in ensuring the robustness of IT products.
Within information technology security, Common Criteria (CC) is the framework most widely used for the independent evaluation and certification of IT product security features. Central to it is the Evaluation Assurance Level (EAL), the metric that states how deeply and rigorously a product was examined. How does this framework contribute to the trustworthiness of IT products, and what structure does it bring to the evaluation process?
Common Criteria for Information Technology Security Evaluation, commonly known as Common Criteria (CC), is a globally recognized framework and international standard (ISO/IEC 15408) that provides guidelines for independently assessing and certifying the security features of IT products.
This comprehensive framework serves as a crucial tool for evaluating the trustworthiness and reliability of these products, ensuring that they meet specified security requirements. Common Criteria establishes a structured approach to the evaluation process, defining terminology and outlining techniques for assessing security features.
It validates that a particular IT product or system, referred to as the Target of Evaluation (TOE), meets the security claims made for it in its Security Target (ST) and was developed and tested according to standardized practices. The evaluation, performed by a licensed laboratory and certified by a national scheme, scrutinizes the TOE's specification, its design documentation, its implementation (to a depth that depends on the assurance level), the developer's and the evaluator's tests, and a vulnerability analysis. Stakeholders thereby gain assurance that the product has undergone a repeatable evaluation at a level suitable for its intended operational environment. Common Criteria is instrumental in building trust in IT products across diverse industries.
EAL1 through EAL7 form a grading scale assigned after an evaluation against the Common Criteria, an international standard (ISO/IEC 15408) since 1999. Each ascending level bundles a larger set of assurance requirements that the product and its developer must satisfy to obtain certification.
The goal is greater confidence that the product's principal security functions are implemented correctly. It is important to be clear that the EAL does not measure how secure the product is; it measures how deeply the product was examined. Part of that examination is a vulnerability analysis in which the evaluator searches for exploitable flaws and performs penetration tests, and the attack potential the TOE must resist rises with the level: basic at EAL1 to EAL3, enhanced-basic at EAL4, moderate at EAL5 and high at EAL6 and EAL7 (the AVA_VAN.1 to AVA_VAN.5 components of CC version 3.1). To achieve a given EAL, the developer must supply the evidence that level demands, including design documentation, design analysis, functional testing and support for the evaluator's penetration testing.
Higher EALs require more detailed documentation, analysis, and testing compared to lower levels. This increased rigor comes at a higher cost and longer time investment. Achieving a higher Common Criteria evaluation assurance level generally involves more financial resources and time compared to achieving a lower one. The EAL number assigned to a certified system signifies the successful completion of all requirements for that specific level of certification.
A Protection Profile and/or an Evaluation Assurance Level must be chosen before a Common Criteria evaluation project starts. A Protection Profile (PP) defines a reusable, implementation-independent set of security requirements for a product type, such as a firewall or a smart card; a product's own claims are written down in its Security Target (ST), which may claim conformance to one or more PPs. The EAL states how thoroughly the product is examined. Note that several schemes now evaluate products against PPs that carry their own fixed assurance package rather than a numbered EAL.
Where developers or users require a moderate to high level of independently assured security, and are prepared to incur additional security-specific engineering costs because the value of the protected assets justifies them, EAL4 or an augmented EAL4+ certification is the usual target; this is close to the wording the standard itself uses to describe EAL4, and it fits commodity products deployed by government agencies and regulated industries. The plus sign denotes augmentation: assurance components added beyond the level's baseline, most commonly flaw remediation (ALC_FLR) or a more demanding vulnerability analysis (AVA_VAN.5).
EAL1, "functionally tested", is the foundational level of the Common Criteria scale. The evaluator independently tests the TOE against its functional specification and examines the guidance documentation, but needs little more from the developer: no design or implementation evidence is examined, and the vulnerability analysis assumes a basic attack potential.
This level is appropriate where some confidence in correct operation is required but the threats to security are not considered serious, and where the evaluation is to be completed with minimal assistance from the developer.
EAL1 therefore serves as a baseline for products operating in low-risk environments. It still provides meaningful, independently obtained assurance that the product behaves as documented, but it is not a suitable choice for products that protect sensitive or confidential information.
EAL2, "structurally tested", requires the developer to hand over design information (a functional specification and a basic architectural description) and test results; the evaluator performs independent testing and a vulnerability analysis against a basic attack potential. It is the highest level reachable when the complete development record is not readily available, which is why it is often chosen when securing legacy systems.
This level is commonly used for low-risk products where a basic level of assured security is needed and the threat environment is not severe.
The attention to design and architecture at EAL2 means that potential weaknesses are considered, not merely functional behaviour. It is not sufficient for high-risk systems, but it is a practical stepping stone toward more comprehensive evaluations.
EAL3, "methodically tested and checked", marks a further step up the scale. In addition to the EAL2 evidence, the developer must demonstrate security controls in the development environment (configuration management and secure delivery) and more complete test coverage of the security functions, and the evaluator checks that the developer's tests actually exercise the functional specification and the architecture.
EAL3 suits products that need a moderate level of assured security, such as network appliances handling data of moderate sensitivity.
Systematic, coverage-driven testing and development-environment controls give a more proactive approach to finding and mitigating vulnerabilities. EAL3 balances cost against security and is appropriate for a broad range of commercial applications.
EAL4, "methodically designed, tested, and reviewed", is a substantial step up. The developer must provide a more complete design description and the implementation representation (typically source code) of the security functions; the evaluator examines a sample of it, performs independent testing and conducts a vulnerability analysis against an enhanced-basic attack potential.
This level is often chosen for products in sectors with heightened security requirements, such as government, finance and defence, where the impact of a breach is significant.
The code-level review at EAL4 gives materially stronger assurance that the design is implemented as described. It is also the highest level that is generally economically feasible to retrofit to an existing product line, because the required evidence can usually be produced from good commercial development practice; the levels above it require security engineering to be built into development from the start. The resource investment is higher, but so is the confidence in the product's security functions.
EAL5, "semiformally designed and tested", requires a semiformal functional specification and design, a modular TOE design, and an evaluator vulnerability analysis assuming a moderate attack potential. It is associated with products protecting high-value assets, where the evaluation must confirm a rigorous development approach supported by specialist security engineering techniques.
The semiformal, repeatable development process at EAL5 ensures consistency between the stated security requirements, the design and the implementation of the security functions.
Products at this level are expected to follow a rigorous, planned development discipline, making them suitable for applications where the consequences of a security failure could be severe. Because the required evidence cannot realistically be reconstructed after the fact, EAL5 implies a commitment to security engineering throughout the product's life cycle.
EAL6, "semiformally verified design and tested", raises scrutiny further: it requires a formal model of the security policy, a semiformal presentation of the functional specification and design, a structured and layered implementation, and a vulnerability analysis against a high attack potential.
This level is intended for high-risk situations where the value of the protected assets justifies the additional cost. Verifying the design against the formal security policy model gives strong evidence that the design actually enforces the stated policy.
Every aspect of the product's security functions is examined, and the evaluator actively searches for vulnerabilities exploitable by attackers with high attack potential. The resource investment at this level reflects the critical nature of the systems being evaluated.
EAL7, "formally verified design and tested", is the highest assurance level in the Common Criteria framework. It requires a formal functional specification and high-level design with formal proofs of correspondence between them, complete independent testing of the security functions by the evaluator, and a vulnerability analysis against a high attack potential. In practice it is achievable only for products with tightly focused security functionality that is amenable to extensive formal analysis, such as security kernels, deployed in extremely high-risk environments like national defence systems.
It signifies the utmost rigour of evaluation: every security function is formally specified, proven to correspond to its design, and tested. Even here, the EAL describes the depth of the evaluation rather than immunity to attack; an EAL7 certificate attests that the design was proven to match its specification and that the product resisted the evaluator's high-attack-potential penetration testing, within the scope defined by its Security Target.
Choosing the appropriate Evaluation Assurance Level (EAL) for a product is a strategic decision that goes beyond a simple classification. It requires a thorough understanding of the product, the associated risks, and the desired level of security assurance. Here are key factors to consider when deciding on the right Common Criteria Assurance Level for your product:
One of the critical considerations when deciding on an EAL certification is resource allocation. Moving from EAL 1 to EAL 4 represents a significant increase in the demand for resources both in terms of time and budget. EAL 4 requires manufacturers to allocate resources for security experts, specialized tools, and extensive documentation. This investment is crucial for conducting a thorough and comprehensive security assessment.
Higher Evaluation Assurance Levels demand more security expertise than lower ones. Manufacturers aiming for them need a team well versed in security design and testing, because the evaluation becomes more complex and requires a deep understanding of potential vulnerabilities and of how to implement robust countermeasures. Ensuring that the team has this expertise is paramount to success at EAL4 and above.
All Common Criteria evaluations need specific and carefully prepared documentation. Manufacturers must meticulously document the security development and testing process to the depth the chosen level requires. This documentation is the evidence against which the evaluator works, and the level of detail ensures transparency and traceability, both essential to a robust security certification.
Security should not be an afterthought but an integral part of the development process from the initial design phases to the final implementation. This holistic approach ensures that security measures are effective and seamlessly integrated into the product.
Rigorous testing is a cornerstone of every Evaluation Assurance Level. This includes functional and security testing focused on identifying vulnerabilities and weaknesses in the product. Manufacturers must be prepared for independent evaluator testing and for penetration testing derived from the evaluator's vulnerability analysis, with the assumed attack potential rising with the level. Testing rigour is what shows that the product's security functions behave as claimed and withstand the threats in scope.
Higher Evaluation Assurance Levels lead to longer development timelines. The integration, testing, and validation of security measures complicate the development process.
Manufacturers should plan accordingly, considering the potential delays associated with achieving a higher level of security assurance. Careful project management and realistic timelines are crucial to avoiding unexpected setbacks and ensuring the successful delivery of the product.
When considering Common Criteria certification, EAL4 (often augmented, hence EAL4+) is widely regarded as the best balance between thorough security assessment and resource allocation. It is particularly valuable for organizations requiring moderate to high assurance that their IT products are secure. The evaluation at this level covers design documentation, a sample of the implementation, systematic testing and a vulnerability analysis against an enhanced-basic attack potential, which makes it well suited to products intended for environments where security is a key concern but without the extreme resource demands of the higher levels.
EAL4 is frequently chosen by organizations that need to demonstrate a significant level of trust in their product's security features, often to meet regulatory requirements or to reassure customers in sectors like finance, healthcare and government. The certification process at this level ensures that the product has been subjected to rigorous testing and evaluation, with an emphasis on the security features being both well documented and thoroughly analysed. By achieving EAL4 certification, a product not only meets a recognized standard of security but also gains a competitive edge in markets where trust and security are paramount. One caveat when choosing the level: a certificate's international acceptance depends on the recognition arrangement, not only on the EAL. The CCRA recognizes certificates up to EAL2 (augmented with flaw remediation) and those based on collaborative Protection Profiles, while the European SOG-IS agreement recognizes up to EAL4, and higher for specific technical domains such as smart cards and similar devices.
Learn more about EAL4 from our When does EAL 4+ truly matter? blog.
As an agile cybersecurity lab, CCLab extends evaluation and consultation services to organizations interested in Common Criteria Evaluation certifications. The application of agile methodologies throughout the consultation and pre-evaluation process allows clients to sidestep unforeseen complications, extra costs, and delays in the certification journey.
CCLab is recognized for its ability to achieve remarkably fast project delivery, completing an EAL4+ evaluation project in approximately four months for well-prepared customers, a notable achievement within the industry.
Common Criteria's Evaluation Assurance Levels (EAL) provide a standardized framework for assessing IT product security. The choice of EAL level is a critical decision that involves balancing security requirements with resource allocation.
Selecting the right EAL level and a competent evaluation partner like CCLab is crucial for strengthening cybersecurity. As technology advances, the Common Criteria framework remains a cornerstone for ensuring the trustworthiness and security of IT products in an ever-evolving digital landscape.