The aim of the Kickoff Meeting is to agree the suitability of proposed TOE for evaluation, to discuss the evaluation and certification process for the TOE and the schedule, and to clear the concerns.
2 Evaluation Work Step
The purpose of the evaluation is to determine whether the TOE Security design is suitable, whether the TOE Security Functions fulfill the Security Requirements described on the TOE design and whether the TOE is developed based on the TOE design and free from exploitable vulnerabilities.
The following activities are included;
Confirmation of the ST.
Confirmation of the Evaluation Deliverables.
Evaluation of the TOE, including analysis and testing;
Production of any Observation Reports (ORs) by the evaluation Facility and response to the ORs by the applicant;
(An applicant should accept the site visit of the Evaluation Facility and the Certification Body.)
Production of the Evaluation Technical Report (ETR) by the evaluation Facility.
An applicant should submit Evaluation Deliverables in a timely manner to the Evaluation Facility concerned pursuant to the predetermined schedule of delivery.
Evaluation deliverables may include:
Items of hardware, firmware or software which constitute the TOE itself;
Items of hardware, firmware or software which constitute
the TOE platform(s);
Supporting TOE documentation;
Access to the development site;
Supporting Evaluator Test;
3 Certification Work Step
The Certification Body verifies the validity of the evaluation according to CC/CEM.
3.1 Certification Review
The Certification Body reviews the ETR. When any problem is identifies with them, the Certification Body issues Certification Review to the Evaluation Facility.
An applicant should confirm the ETR and take any necessary measures in case the applicant finds any incorrect information or misapprehension in the report, in consultation with the Evaluation Facility and request for corrective action.
3.2 Certification Report
The Certification Body issues the Certification Report which is the summary of the Evaluation technical Report on the TOE as well as the matters confirmed in the verification process for the Evaluation technical Report.
The Certification Body issues the Certificate to prove the results of an evaluation.
4 Publication Step
4.1 Publish to the Web
According to an applicant request, the information of certified product (ST, Certification Report and Certificate) can be listed on JISEC web site and CCRA web site as specified by the application.