HOME | TERMS | CONTACT US | SITE MAP   The National Technical Authority for Information Assurance     ABOUT US   PRODUCTS & SERVICES   PUBLICATIONS   POLICY & TECHNOLOGIES   FIND A ..... You are here:CESG > Products and Services> IACS> Common Criteria & ITSEC >UK National Interpretations for Common Criteria Common Criteria & ITSEC Introduction Certified Products CLEFs Common Criteria Assurance Levels Directory of Infosec Assured Products (pdf) Formal Documentation International Links Introductory Guides ITSEC Assurance Levels Joint Interpretation Library Security Evaluation Criteria Structure of the UK Scheme UK Evaluator Training Material UK National Interpretations for Common Criteria Scheme FAQs Scheme History Common Criteria portal Business Questionnaire for Common Criteria Assurance Services (doc)   UK National Interpretations for Common Criteria 1. The CC UK Support Group (CCUKSG) interpretations currently endorsed for use in the UK Scheme are listed below in Table A. They relate to CC/CEM v3.1 (September 2006), CC/CEM v2.3 (August 2005) and CC/CEM v2.2 (January 2004). 2. The CCUKSG interpretations previously endorsed for use in the UK Scheme, which have since been withdrawn, are listed below in Table B. They relate to CC v2.1/CEM v1.0 (August 1999). 3. The CCUKSG interpretation currently endorsed only for submission to CCIMB is listed below in Table C. It relates to CC v2.1/CEM v1.0 (August 1999). Table A CCUKSG interpretations currently endorsed for use in the UK Scheme: Interpretation for CC/CEM v3.1 Subject Effective Date   UK/3.1/006 Selecting a sample for repeating developer tests 12 March 2007 22KB UK/3.1/007 Verdict justifications in CEM compliant evaluations (Revision 2) 13 February 2009 99k UK/3.1/007 Verdict justifications in CEM compliant evaluations 12 March 2007 98KB UK/3.1/008 Treatment of commercial hardware that is part of a TOE 12 March 2007 34KB UK/3.1/009 Abstract machine testing and the TOE boundary 12 March 2007 30KB UK/3.1/010 Use of extended components for specifying optional requirements in a PP 12 March 2007 27KB UK/3.1/011 Use of open source/third party source code 12 March 2007 32KB UK/3.1/012 Multi-platform TOEs 12 March 2007 50KB UK/3.1/014 ALC_FLR.3 Requirement for a Timely Response to Security Flaws 13 February 2009 39k Interpretation for CC/CEM v2.3 Subject Effective Date   UK/2.3/001 Interpretation of the word “appropriate” in ADV_HLD.2.8C 1 March 2007 12KB UK/2.3/002 Unsatisfied AVA_VLA.2 dependencies in augmentation of EAL1 1 March 2007 13KB UK/2.3/005 SOF-medium rating for passwords 1 March 2007 14KB UK/2.3/006 Selecting a sample for repeating developer tests 6 March 2009 31KB UK/2.3/007 Verdict justifications in CEM compliant evaluations 1 March 2007 118KB UK/2.3/008 Treatment of commercial hardware that is part of a TOE 1 March 2007 31KB UK/2.3/009 Abstract machine testing and the TOE boundary 1 March 2007 17KB UK/2.3/010 Use of extended components for specifying optional requirements in a PP 1 March 2007 26KB UK/2.3/011 Use of open source/third party source code 1 March 2007 31KB UK/2.3/012 Multi-platform TOEs 1 March 2007 41KB UK/2.3/013 Secure electronic delivery 1 March 2007 33KB UK/2.3/014 ALC_FLR.3 Requirement for a Timely Response to Security Flaws 13 February 2009 39k Interpretation for CC/CEM v2.2 Subject Effective Date UK/2.2/001 Interpretation of the word “appropriate” in ADV_HLD.2.8C 25 February 2005 8KB UK/2.2/002 Unsatisfied AVA_VLA.2 dependencies in augmentation of EAL1 25 February 2005 9KB UK/2.2/005 SOF-medium rating for passwords 25 February 2005 9KB UK/2.2/007 Verdict justifications in CEM compliant evaluations 24 March 2005 114KB UK/2.2/008 Treatment of commercial hardware that is part of a TOE 25 February 2005 24KB UK/2.2/009 Abstract machine testing and the TOE Boundary 25 February 2005 13KB UK/2.2/010 Use of extended components for specifying optional requirements in a PP 25 February 2005 20KB UK/2.2/011 Use of open source/third party source code 24 September 2004 28KB UK/2.2/012 Multi-platform TOEs 29 October 2004 30KB UK/2.2/013 Secure electronic delivery 19 April 2005 23KB Table B Withdrawn CCUKSG interpretations (previously endorsed for use in the UK Scheme): Interpretation for CC v2.1/CEM v1.0 Subject Effective Date UK/2.1/003 Use of ST to meet ISPM requirement at EAL4 26 January 2000. Withdrawn 30 March 2001 (superseded by CCIMB Final Interpretation 69). UK/2.1/004 Indistinguishable CEM Work Units for ADO_DEL 6 June 2000. Withdrawn 31 July 2001 (superseded by CCIMB Final Interpretation 116). Table C CCUKSG interpretation currently endorsed only for submission to CCIMB Interpretation for CC v2.1/CEM v1.0 Subject Endorsement date UK/2.1/006 Sample size for repeating developer tests 8 January 2001  © Crown copyright, 2008. This CESG Website is maintained for your personal use and viewing. Access and use by you of this site constitutes acceptance of our terms and conditions which take effect from the date of first use. Click here for our terms and conditions CESGweb@cesg.gsi.gov.uk