STFbreadcrumb separatorSTFsbreadcrumb separatorSTF Homepagesbreadcrumb separatorSTF329

Specialist Task Force 329:
Development and Support for use of Common Criteria capabilities in the NGN

Who we are:

Team Leader: Scott Cadzow
Team Members: Lennart Damm
Siv Hilde Houmb
Steve Randall

What we do :

The STF will produce the following deliverables, for TB approval:

Work Item: DTR/TISPAN-07 (draft 14bTD211)
Title: Application of ISO-15408-2 requirements to ETSI standards – guide, method and application with examples

Read our Terms of Reference

Why we do it:

TISPAN has spent some time over the past 3 years in bringing Common Criteria rigour to the standards process but there is still much to be done. The preparation of Protection Profiles as done in STF292 has begun to scratch the surface but work is still required to expand the method and formalisms of security design in a standards environment that will make the resulting security standards much more able to be used in an evaluation environment.

The use of ISO 15408‑2 to concisely and unambiguously declare security requirements is of particular importance as it is only when security requirements are accurately and completely stated can the compliance to those requirements be tested. In particular the forms of assignment and selection in definition of requirements and their place in the standards development and verification process is a missing link.

 The STF proposed shall be expected to cover two distinct but complimentary areas:

  • To ensure that guidance for use of 15408-2 is available for ETSI developers: 
  • To assist WG7 specifically, and the TISPAN NGN project in general, in providing rationale for any security decision such that the Common Criteria guidance is engineered into all WG7 and NGN deliverables that may be subject to evaluation at some time. 

Time plan for the work:

  • Start of the work February 2007
  • ToC and scope March 2007
  • First stable draft for WG review May 2007
  • Draft for WG approval June 2007
  • WG approva July 2007
  • Draft for TB approval June 2007
  • TB approval September 2007
  • Publication October 2007

How to contact us:

If you would like more information, please contact the STF Leader: scott@cadzow.com

 

Note: this information is based upon STF working assumptions.
The views expressed do not necessarily represent the position of ETSI in this context.