Security Expertise

Das ITSEF (Information Technology Security Evaluation Facility) von SERMA TECHNOLOGIES ist ein für die Sicherheitsbewertung gemäß der CC-Normen zugelassenes Labor (CC-Common Criteria for Information Technology Security Evaluation).

 

Security Expertise

 

 
Common Criteria evaluation

CC security evaluations (ISO 15408) up to EAL7 level and AVA_VLA.4/VAN.5 with High attack potential
Protection Profiles writing and evaluation
Some world breakthroughs achieved by our iTSEF:
First evaluation with a formal product design (EAL7 components)
First CC V3.1 EAL5+ evaluation of a smart card controller


> read more

Private scheme Evaluation

CAST laboratory for MasterCard Worldwide
EMVCo full service laboratory
VCSP laboratory for VISA International
CSPN evaluations with ANSSI
FIPS140-2


> read more

 

.

Security expertise

Code security review of applications and platforms from low (assembly) to high (Java) level languages
Hardware security testing with High attack potential

 

On site security audit & certification

Security audits and sites CC certification on production and development sites
Our commitments:
To help you improve security measures implemented on sites
To verify their efficiency

 

 

.

R&D Programs

Permanent development of new attacks
State of the art test benches
Research programs with industrials and universities
Active contribution to international working groups, ISCI (WG1, JHAS, JTEMS

 

Our Accreditations

Licensed by ANSSI (French certification body) since 2000, with “High” attack potential
To help you improve security measures implemented on siteAccredited by COFRAC ISO17025 Quality Assurance System since 2000 (LABREF14 for test laboratories)
CAST laboratory for MasterCard Worldwide
EMVCo full service laboratory
VCSP laboratory for VISA
FIPS140-2

 

 

.

A large range of services

- Applied to the following products:
Microcontrollers, secure memories
Trusted Platform Module (TPM), Hardware Security Modules (HSM)
Smart cards, cryptographic devices
PDAs, mobile phones, wirelessdevices
Software security applications (firewalls, data encryption)
- Spanning through many industries:
Banking, e-Transactions (e-business, digital signature)
Identity, Mobile telecom, Pay-TV
Public health, public transportation
Automotive, aerospac

 

Consulting, training & security

Security evaluation training to CC standards for the whole evaluation process
CC documentation development support
Secure programming best practices
CC evaluationproject management

 

 

.