This assessment is not an official one; the belgian state having not yet adopted a certification scheme, Belgian companies are forced to use foreign assessment centers to obtain a Common Criteria validation certificate. CETIC’s consulting provides assistance in producing the various documentation and test plans needed to obtain a CC certification.
The services offered at this stage consist in the preparation of protection profiles and security target and in an initial assessment of the security target. In addition to these activities, CETIC also offers static code analysis techniques to help reduce vulnerabilities.
Protection profile definition support: CETIC assists companies defining protection profiles by helping them in drafting the constituting elements: introduction, security problem, objectives and requirements.
Security target support: CETIC assists companies writing their security targets. Elements considered are identical to protection profiles except a supplementary section concerning the summary of evaluation target.
Security Target Evaluation support: CETIC proceed to an informal evaluation of the security target in order to identify missing elements and problem and to improve the whole quality of the security target.
Vulnerabilities inspection: CETIC performs static code analysis to detect potential errors or vulnerabilities in the applicative code.
