Blog

Cryptography has become, in recent years, a fundamental part of the cybersecurity of any product. Therefore, CCN has decided to create a methodology for the evaluation of cryptographic mechanisms that can be applied to all those products that are certified/qualified using standards such as Common Criteria and LINCE, as well as for those that are tested directly against the methodology itself as cryptographic evaluation.

After an exhaustive audit process by the entity Cámara Certifica, which has taken several months of effort, we are pleased to announce that jtsec Beyond IT Security has achieved the highest possible level of certification in the ENS (Spanish National Security Scheme), thus fulfilling a requirement to collaborate with the Public Administration.

In 2022 a total of 370 certifications were completed. This year is quite exciting for us, because for the first time jtsec appears in this report. In addition, we have become part of Applus Cybersecurity Labs (Applus+Lightship+jtsec) which makes us among the laboratories with the most certifications achieved this year.

The standard ETSI EN 303 645 is evaluated following the guidelines of ETSI TS 103 701, which describes how a conformity assessment is performed in a structured and comprehensive way. This will allow supplier organizations such as manufacturers, vendors or distributers to assess the compliance of their devices against ETSI EN 303 645. The technical specification that offers ETSI TS 103 701 helps to harmonize evaluation methodologies and support manufacturers, suppliers and implementers for their internal security processes.

The IEC 62443 standard is the main international reference framework for the cybersecurity of industrial systems and specifies a series of measures against cyber-attacks. It also provides a lingua franca for the industrial ecosystem (manufacturers, integrators and test laboratories). Is the only reliable solution for testing the cybersecurity of components in the field of industrial automation.