9
min reading time
The latest version of the Network Device collaborative Protection Profile (NDcPP) was released in March 2020. NDcPP currently is one of the most popular and extensively used protection profiles among network device vendors and manufacturers to get their product certified.
In our latest article, we provide a deeper insight into the followings:
Network devices are tools that allow communication between different hardware components in a computer network. These devices are also referred to as networking hardware, physical devices, as well as computer networking devices. Each network device in a computer network plays a critical role based on its capabilities and also serves distinct purposes in different segments. Hub, switch, router, bridge, gateway, and modem are some of the most commonly used network devices.
The most frequently used collaborative Common Criteria Protection Profile for Network Devices defines the core security standards that should be anticipated from a network device, with the goal of mitigating a certain set of security risks. The primary goal of NDcPP is to guarantee that the device’s capabilities are safe and that it does not constitute a security risk in the network environment where it is implemented. Any network device getting certified by NDcPP can get listed on the official Common Criteria portal and the NIAP Product Compliant list as well.
NDcPP is a foundational standard for many network-connected high-security devices and systems, fulfilling its requirements recognized all over the world while the value of these certifications goes beyond the Common Criteria consuming member states and markets.
There are various possibilities for performing a Common Criteria security evaluation of a network device. In summary, the developer or manufacturer can choose the objectives and Target of Evaluation (TOE) based on an EAL (Evaluation Assurance Level). Alternatively, they can use a Protection Profile (PP) that fits the taxonomy of the network device.
Protection Profiles are generated by international technical working groups, including evaluation laboratories, consumers, public bodies, manufacturers, and other parties. The PPs are then reviewed and certified by a recognized Common Criteria Certification Body.
The two comprehensive categories of in-scope functional requirements of NDcPP are the following:
The NDcPP Certification process is a meticulous and complex procedure designed to ensure the highest levels of security for network devices. To provide a more detailed insight into this process, it can be broken down into several key stages:
The certification process begins with the comprehensive recording of security precautions and design parameters. This initial step serves as the foundation upon which the entire certification process is built. The meticulous documentation at this stage provides a critical reference for the subsequent steps in the process.
Simultaneously, a collaborative effort is initiated to determine the precise security criteria specified in the chosen NDcPP version. This collaborative approach ensures that a wide range of perspectives and expertise are brought into defining these criteria. This stage is pivotal, as it sets the guidelines that will govern the certification process.
The specifications gathered through the collaborative effort become the cornerstone for evaluating the security of the network device. This is where the real work begins.
Manufacturers meticulously compile a detailed documentation that serves as a comprehensive blueprint for security. This documentation includes essential components such as security policies, design requirements, and comprehensive test plans. These elements ensure that no aspect of security is overlooked in the certification process.
The journey towards NDcPP certification doesn't conclude with documentation. Instead, it proceeds to a critical phase where the network device is subjected to rigorous testing in specialized evaluation labs. This phase acts as the crucible, where the device's security is thoroughly examined.
Vulnerability assessments serve as a foundational step in the certification process. Their primary purpose is to identify and rectify any weaknesses or vulnerabilities within the device's security infrastructure.
Manufacturers employ a systematic approach to pinpoint potential security gaps that might be exploited by malicious actors. This proactive identification of vulnerabilities enables manufacturers to take corrective actions, strengthening the device's defenses against potential threats.
Vulnerability assessments are akin to a security health check, ensuring that the device starts the certification process with a solid foundation.
Penetration testing is a critical phase that evaluates the device's resilience against malicious intrusion. It involves simulating real-world security threats, allowing manufacturers to gauge how the network device would withstand actual attacks.
Skilled testers, often acting as ethical hackers, attempt to breach the device's security to identify weaknesses or areas of concern. This process provides valuable insights into the device's real-world security posture, helping manufacturers fine-tune their security measures.
By undergoing penetration testing, manufacturers can ensure that their network devices are not only theoretically secure but capable of withstanding genuine threats in a hostile digital environment.
Security control verification is an essential step to ascertain that the established security measures are not just theoretical but practical and effective in safeguarding the network device against potential threats.
Manufacturers must go beyond paper compliance and ensure that their security controls are operational and reliable. This involves evaluating the effectiveness of security policies, access controls, intrusion detection systems, and more.
A comprehensive security control verification process validates that the network device's security is not a mere concept but a practical reality. It helps to instill confidence in users that their data and systems are truly protected.
NDcPP defines a core set of security standards to be anticipated from a network solution, with the goal of mitigating a specified list of security risks. NDcPP can be used for network devices regardless of the solution's ultimate goal or any specific security capabilities that the product may provide.
NDcPP’s set of security standards includes the followings:
The threats that the NDcPP is designed to minimize are classified according to the network device’s functional areas:
Unreported activity: Network devices connected with systems that do not log activities continuously become vulnerable to attacks that can even change critical functions without the administrator noticing it.
Manipulated update: Regular updates are essential, but improperly protected update packages may contain some kind of malware that can attack the system or steal sensitive data.
Poor cryptographic algorithms: with weak protective processes implemented, a possible attacker might jeopardize the confidentiality, integrity, and validity of a communication. This would involve both conversations and information kept within the device itself.
Untrusted communication channels: communication channels might be potential targets for attacks if they are not adequately designed and implemented, and do not handle confidential information sharing properly.
Weak authentication processes: a weak authentication method inside a secure communication protocol might be exploited by an attacker. It can be a shared or easily guessable password for example.
Unauthorized access: without proper authorization attackers might try to get administrator access via network attacks or by exploiting a user's session or credentials.
Credentials of network devices, which can be easily cracked, mean serious security threats to the entire system, therefore, filtering them out has critical importance. The security procedures of network devices may fail at some times. It is therefore essential that the device should be able to identify this vulnerable condition by self-testing.
The NDcPP Certification process presents several complex challenges that manufacturers must address. To understand these challenges more comprehensively, let's delve into the five most crucial considerations:
The heart of the challenge lies in the intricate and multi-faceted nature of the NDcPP security criteria. These criteria are not only extensive but also demand a deep understanding for effective implementation. Manufacturers may struggle to grasp the full scope of these criteria, potentially leading to the implementation of incomplete or inadequate security measures.
Manufacturers may face difficulties in comprehending and meeting NDcPP criteria, particularly if they lack in-house expertise in Common Criteria and NDcPP. This knowledge gap can serve as a substantial barrier to successful certification. Without the necessary expertise, manufacturers risk misinterpreting requirements and falling short of the stringent security standards.
The delicate balance between stringent security measures and device usability poses a significant challenge. While robust security is non-negotiable, manufacturers must also ensure that their network devices remain user-friendly and compatible with other systems. Striking this balance is a complex task, as overly stringent security measures can hinder the device's usability and impede user satisfaction.
To address these multifaceted challenges, manufacturers are strongly advised to engage or consult with experts who possess an in-depth understanding of Common Criteria and NDcPP. These specialists bring a wealth of experience and can offer invaluable guidance in interpreting the complex NDcPP requirements. Their insights can guide manufacturers through the certification process effectively, ensuring that the stringent security standards are met, and no essential aspect is overlooked.
5. Importance of Accredited Evaluation Labs
Manufacturers should establish a close working relationship with a Common Criteria evaluation lab that holds accreditation. This step is pivotal in ensuring a reliable and meticulous certification process. Accredited labs adhere to recognized standards, providing manufacturers with confidence in the integrity of the certification results. This relationship enhances the overall quality and reliability of network devices, ultimately reassuring users of their security and compatibility.
In conclusion, the NDcPP Certification Process is a complex journey that presents unique challenges. Manufacturers can overcome these challenges by seeking expert guidance and establishing robust partnerships with accredited evaluation labs. Through these measures, they can navigate the intricacies of NDcPP, achieve the critical balance between security and usability, and ultimately deliver network devices that meet the highest standards of security and compatibility, providing peace of mind for both clients and end-users.
A network device (ND) is the collaborative Network Device Protection Profile's (NDcPP) Target of Evaluation (TOE). It sets security requirements that network devices shall meet in order to minimize a certain set of cyber threats. Future cPPs will expand on this foundational collection of requirements to give an overall set of security solutions for networks ranging in scale up to enterprises. NDcPP currently is the most favored option among network device vendors and manufacturers to get their product PP-compliant Common Criteria certified.
As an agile cybersecurity laboratory, we have experience with many different Protection Profiles and types of products when it comes to Common Criteria certification. We provide consulting services to help you prepare for the assessment project in order to minimize delays and extra expenditures throughout the Common Criteria certification process. We are prepared for CC evaluations of network devices both with or without a chosen PP.
Get your network device Common Criteria certified in the shortest timeframe feasible by utilizing our industry-leading agile methodology.
This downloadable infographics introduces the Common Criteria Evaluation process to you. Explore now for free.
Learn everything you need to know for a successful Common Criteria certification project. Save costs and efforts with your checklist.
Download our ETSI EN 303 635 infographics today and learn about the product certification process for this consumer IoT device cybersecurity standard.
The EUCC scheme, spearheaded by the European Union Agency for Cybersecurity (ENISA), was released in early 2024. It builds on the SOG-IS Common Criteria evaluation framework already used by 17 EU Member States.
7
min reading time
ICT (Information and Communication Technology) products, encompassing a wide range of digital devices and software, are inherently vulnerable due to their complexity and the ever-present potential for undiscovered security flaws. The interconnected nature of these products further amplifies the risk, as a single vulnerability can lead to widespread security breaches across networks and systems. To mitigate these risks, the strategic integration of cybersecurity certification requirements in ICT products has become paramount.
8
min reading time
The new Common Criteria Scheme, called the European Cybersecurity Certification Scheme (EUCC), is essential for harmonizing high-security cybersecurity certification of ICT products across EU member states. It facilitates mutual recognition of certifications, supports innovation, and ensures compliance with legal requirements. Fully effective from February 2025, the EUCC aims to provide a unified and robust framework for evaluating IT products, boosting consumer trust, and fostering a more secure digital environment.
10
min reading time