Services of the MTG IT Security Evaluation Facility - ITSEF
Since February 2005, our ITSEF has been one of only eight IT Security Evaluation Facilities recognized by the BSI.
Evaluation & Consulting According to Common Criteria
The Common Criteria for Information Technology Security Evaluation (Common Criteria or CC for short) is an internationally recognized standard for certifying IT products for data security. The CC is very flexible and can in principle be applied to all IT products. Government applications often require CC certification, but CC can also be used generally to provide security assurance for a product.
Before applying for a product certification according to Common Criteria, a recognized ITSEF must have been commissioned for the evaluation. In addition, in many cases it makes sense to commission a corresponding consulting service.
The MTG IT Security Evaluation Facility has been a BSI-approved Evaluation Facility for Common Criteria evaluations since 2005. We offer evaluation and consulting services.
|
Our fields of expertise |
|---|
|
|
|
|
|
|
|
Info on Common Criteria:
Evaluation according to BSZ - Accelerated safety certification
The BSI's Accelerated Security Certification (Beschleunigte Sicherheitszertifizierung, BSZ) enables vendors to have their security claims regarding a product confirmed by an independent certificate. Here, however, many aspects are based on the Common Criteria. The BSZ is compatible with the French CSPN and it is planned to have mutually recognize certificates between both countries.
A product that is to be certified according to BSZ must be in one of the scopes defined by the BSI. The following scopes are currently available:
|
Following scopes are currently available: |
|---|
|
|
Info on Evaluation according to BSZ
Evaluation & consulting according to TR-03153
Section 146 a (1) of the German Tax Law stipulates that electronic cash register systems may only be operated with a certified "technical security equipment" (TSE). In concrete terms, this means that the TSE must be certified in accordance with Common Criteria and, on the other hand, TR-03153 in order to obtain an operating license.
The MTG IT Security Evaluation Facility is the first in Germany to be approved by the BSI for testing in accordance with TR-03153 and has already accompanied many certification procedures for various customers.
Info on TR-03153
Evaluation & consulting according to TR-03109-5
|
For example, the German Regulation for Heating Cost Accounting (HeizkostenV) provides the following in §5 paragraph 2: |
|---|
|
„Ab dem 1. Dezember 2022 dürfen nur noch solche fernablesbaren Ausstattungen installiert werden, die sicher an ein Smart-Meter-Gateway … unter Beachtung des in Schutzprofilen und technischen Richtlinien des Bundesamtes für Sicherheit in der Informationstechnik niedergelegten Stands der Technik nach dem Messstellenbetriebsgesetz angebunden werden können.“ |
|
(Original legal text) |
It is also possible that other devices will fall under similar regulations in the future.
The MTG ITSEF is currently setting up testing operations for TR-03109-5 and the application for recognition has already been submitted. In addition, we will also offer evaluations for the associated scope in the "Accelerated Safety Certification" (see BSZ).