Cyber Security Testing & Certification

The Common Criteria for Information Technology Security Evaluation (CC) is an international standard (ISO 15408) for cyber security certification. Certification according to the Common Criteria provides assurance that the implementation, specification and evaluation of an IoT product or system has been conducted in a sound and repeatable manner.

The CC standard defines seven evaluation assurance levels (EAL) which provide a sliding scale of assurance from EAL1 (lowest) to EAL7 (highest). At DEKRA, we can test and evaluate your products and systems in line with the CC.

Electronic Identification, Authentication and Trust Services (eIDAS) is an EU regulation on electronic identification and trust services for electronic transactions.

DEKRA, as an eIDAS Regulation (EU) 910/2014 Conformity Assessment Body assessing Trust Service Providers in compliance with ISO/IEC 17065 and ETSI EN 319 403, provides evaluation and compliance certification services, issuing both eIDAS Conformity Certificates and Conformity Assessment Reports.

The Federal Information Processing Standard 140-3 is a U.S. government computer security standard used to approve cryptographic modules. DEKRA is a Cryptographic Module Testing Laboratory and handles testing according to this standard for both the Canadian and US markets. DEKRA lab code is 200856-0.

DEKRA also offers cryptographic module testing according to the security requirements as stated in ISO 19790. This standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity and a diversity of application environments.

DEKRA has been recognized by the IECEE, the global certification scheme for testing, assessment and certification against the IEC 62443 series of standards. CB certificates are accepted worldwide as proof of compliance with international standards and they provide reassurance that processes and products comply with stringent security requirements or standards.

CB cyber security certification gives your stakeholders peace of mind that your products, processes and solutions comply with the strict fundamental security requirements outlined in IEC 62443.

DEKRA can provide you with Achilles Communication Certification (ACC) from GE Digital. As the industry-leading benchmark for communication robustness, Achilles Communication Certification is highly recognized, particularly in North America, for operational technologies used in critical infrastructure.

We offer conformance testing and functional security evaluations for MME devices and mobile network elements according to these specifications: 3GPP TR 33.916, TR 33.116, and TR 33.117.

DEKRA is recognized by the GSMA as a security lab offering the GSMA IoT Security Assessment as a service, providing IoT security capability to the wider ecosystem. These services can help companies without the necessary resources or expertise to complete an assessment and test their IoT solutions to ensure end-to-end security.

The assessment provides companies with a flexible framework that addresses the diversity of the IoT market, enabling organizations to build secure IoT devices and solutions as clarified in the GSMA IoT Security Guidelines.