Certification Report
EAL 4+(ATE_DPT.2,AVA_VAN.5) Evaluation of
PARS AR-GE BİLG.TEK.ELEK. MUH. VE
DAN.HIZ.SAN.TIC.LTD.ŞTI.
PARS DT-101 DIGITAL TACHOGRAPH VEHICLE UNIT v1.0
issued by
Turkish Standards Institution
Common Criteria Certification Scheme
2
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 2 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
TABLE OF CONTENTS
Table of contents .................................................................................................................................2
Document Information .......................................................................................................................3
Document Change Log .......................................................................................................................3
DISCLAIMER.....................................................................................................................................3
FOREWORD.......................................................................................................................................4
RECOGNITION OF THE CERTIFICATE ......................................................................................5
1 EXECUTIVE SUMMARY..............................................................................................................6
2 CERTIFICATION RESULTS.........................................................................................................8
2.1 Identification of Target of Evaluation .........................................................................................8
2.2 Security Policy...............................................................................................................................9
2.3 Assumptions and Clarification of Scope......................................................................................9
2.4 Architectural Information ..........................................................................................................10
2.5 Documentation............................................................................................................................12
2.6 IT Product Testing ......................................................................................................................12
2.7 Evaluated Configuration ............................................................................................................12
2.8 Results of the Evaluation............................................................................................................14
2.9 Evaluator Comments / Recommendations.................................................................................15
3 SECURITY TARGET ....................................................................................................................15
4 GLOSSARY ....................................................................................................................................16
5 BIBLIOGRAPHY...........................................................................................................................17
6 ANNEXES......................................................................................................................................17
3
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 3 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
Document Information
Date of Issue 29.12.2013
Version of Report 4.0
Author Murat ADSIZ&Zümrüt MÜFTÜOĞLU
Technical Responsible Mustafa YILMAZ
Approved Mariye Umay AKKAYA
Date Approved 30.12.2013
Certification Number 21.0.01/13-055
Sponsor and Developer PARS AR-GE BİLG.TEK.ELEK. MUH. VE
DAN.HIZ.SAN.TIC.LTD.ŞTI.
Evaluation Lab TUBITAK BILGEM OKTEM
TOE PARS DT-101 DIGITAL TACHOGRAPH VEHICLE UNIT
v1.0
Pages 17
Document Change Log
Release Date Pages Affected Remarks/Change Reference
V1.0 28.12.2013 All Initial
V2.0 29.12.2013 7-14 Certification Results
V3.0 30.12.2013 1-9 Final
V4.0 30.12.2013 9-17 Final
DISCLAIMER
This certification report and the IT product defined in the associated Common Criteria document
has been evaluated at an accredited and licensed evaluation facility conformance to Common
Criteria for IT Security Evaluation, version 3.1 ,revision 3, using Common Methodology for IT
Products Evaluation, version 3.1, revision 3 This certification report and the associated Common
Criteria document apply only to the identified version and release of the product in its evaluated
configuration. Evaluation has been conducted in accordance with the provisions of the CCCS, and
the conclusions of the evaluation facility in the evaluation report are consistent with the evidence
adduced. This report and its associated Common Criteria document are not an endorsement of the
product by the Turkish Standardization Institution, or any other organization that recognizes or
gives effect to this report and its associated Common Criteria document, and no warranty is given
4
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 4 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
for the product by the Turkish Standardization Institution, or any other organization that recognizes
or gives effect to this report and its associated Common Criteria document.
FOREWORD
The Certification Report is drawn up to submit the Certification Commission the results and
evaluation information upon the completion of a Common Criteria evaluation service performed
under the Common Criteria Certification Scheme. Certification Report covers all non-confidential
security and technical information related with a Common Criteria evaluation which is made under
the STCD Common Criteria Certification Scheme. This report is issued publicly to and made
available to all relevant parties for reference and use.
The Common Criteria Certification Scheme (CCSS) provides an evaluation and certification service
to ensure the reliability of Information Security (IS) products. Evaluation and tests are conducted
by a public or commercial Common Criteria Evaluation Facility (CCTL) under CCCS’ supervision.
CCEF is a facility, licensed as a result of inspections carried out by CCCS for performing tests and
evaluations which will be the basis for Common Criteria certification. As a prerequisite for such
certification, the CCEF has to fulfill the requirements of the standard ISO/IEC 17025 and should be
accredited by accreditation bodies. The evaluation and tests related with the concerned product
have been performed by TUBITAK BILGEM OKTEM, which is a public CCTL.
A Common Criteria Certificate given to a product means that such product meets the security
requirements defined in its security target document that has been approved by the CCCS. The
Security Target document is where requirements defining the scope of evaluation and test activities
are set forth. Along with this certification report, the user of the IT product should also review the
security target document in order to understand any assumptions made in the course of evaluations,
the environment where the IT product will run, security requirements of the IT product and the
level of assurance provided by the product.
This certification report is associated with the Common Criteria Certificate issued by the CCCS for
PARS DT-101 DIGITAL TACHOGRAPH VEHICLE UNIT (product version:1.0) whose evaluation
was completed on 28.12.2013 and whose evaluation technical report was drawn up by TUBITAK
5
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 5 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
BILGEM OKTEM (as CCTL), and with the Security Target document with version no
2.5(27.12.2013) of the relevant product.
The certification report, certificate of product evaluation and security target document are posted
on the STCD Certified Products List at bilisim.tse.org.tr portal and the Common Criteria Portal
(the official web site of the Common Criteria Project).
RECOGNITION OF THE CERTIFICATE
The Common Criteria Recognition Arrangement logo is printed on the certificate to indicate that
this certificate is issued in accordance with the provisions of the CCRA.
The CCRA has been signed by the Turkey in 2003 and provides mutual recognition of certificates
based on the CC evaluation assurance levels up to and including EAL4. The current list of
signatory nations and approved certification schemes can be found on:
http://www.commoncriteriaportal.org.
6
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 6 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
1 - EXECUTIVE SUMMARY
The target of evaluation is a digital tachograph vehicle unit which is called PARS DT-101. The TOE
is comprised of hardware and software. The hardware PARS DT-101 is certified according to CC
EAL4+( ATE_DPT.2, AVA_VAN.5) by Turkish CC Scheme with the certificate number
21.0.01/TSE-CCCS-018
Purpose of the vehicle unit (VU) is to record, store, display and print related output data.User activies
data are recorded and stored in VU’s internal data memory and tachograph cards. Users introduce
themselves via tachograph cards. The VU communicates with external world through display, printer
and external devices. The TOE receives motion data from the motion sensor and activity data via the
facilities for entry of user's. It stores all these user data internally and can export them to the
tachograph cards inserted, to the display, to the printer, and to electrical interfaces.
The basic data provided by TOE are;monitoring card insertions and withdrawals, speed and distance
measurement, time measurement, monitoring driver activities, monitoring driving status, drivers
manual entries,company locks management, monitoring control activities, detection of events and/or
faults, built‐in and self tests, reading from data memory, recording and storing in data memory,
reading from tachograph cards, recording and storing in tachograph cards, displaying, printing,
warning, data downloading to external media, output data to additional external devices,calibration,
time adjustment, detection of motion data manipulation, software upgrade.
Fig.1 Typical VU
The hardware components are :
 Display
 Thermal Printer
 User interface
 Card Interface (1) and (2)
 Front Panel Connector (C)
 Data Memory
7
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 7 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
 Main Controller
 Security Controller
 RTC
 Battery
 Power Supply
 Power Supply (C)
 Other Connectors (C)
 Motion Sensor(C)
The TOE software consists of two parts:
 Boot Software
 Main Software
The Security Target [6] is the basis for this certification. It is based on the certified Protection Profile
Digital Tachograph - Vehicle Unit (VU PP) Version 1.0, 13 July 2010,BSI-CC-PP-0057-2010 [7].
The TOE Security Assurance Requirements (SAR) are based entirely on the assurance components
defined in Part 3 of the Common Criteria (see part C or [1], Part 3 for details). The TOE meets the
assurance requirements of the Evaluation Assurance Level EAL 4 augmented by ATE_DPT.2 and
AVA_VAN.5.
The TOE Security Functional Requirements (SFR) relevant for the TOE are outlined in the Security
Target [6], chapter 4. They are selected from Common Criteria Part 2.
The TOE Security Functional Requirements are implemented by the following TOE Security Objectives:
Security Objectives Addressed Issue
O.Access
The TOE must control user access to
functions and data.
O.Accountability
The TOE must collect accurate
accountability data.
O.Audit
The TOE must audit attempts to
undermine system security and should
trace them to associated users.
O.Authentication
The TOE should authenticate users and
connected entities (when a trusted path
needs to be established between entities).
O.Integrity
The TOE must maintain stored data
integrity.
O.Output
The TOE must ensure that data output
reflects accurately data measured or
stored.
O.Processing
The TOE must ensure that processing of
inputs to derive user data is accurate.
O.Reliability The TOE must provide a reliable service.
O.Secured_Data_Exchange
The TOE must secure data exchanges
with the motion sensor and with
8
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 8 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
tachograph cards.
O.Software_Analysis
There shall be no way to analyse or debug
software in the field after the TOE
activation.
O.Software_Upgrade
The TOE must guarantee confidentiality,
authenticity and integrity of the software
packages that will be installed during a
software upgrade.
The certification results only apply to the version of the product indicated in the certificate and on the
condition that all the stipulations are kept as detailed in this Certification Report.
2 CERTIFICATION RESULTS
2.1 Identification of Target of Evaluation
Project Identifier 21.0.01/TSE-CCCS-018
TOE Name and Version PARS DT-101 DIGITAL TACHOGRAPH VEHICLE
UNIT v1.0
Security Target / PP Document
Title
PARS DT-101 DIGITAL TACHOGRAPH VEHICLE
UNIT SECURITY TARGET
Security Target / PP Document
Version
2.5
Security Target / PP Document
Date
27.12.2013
Assurance Level EAL4+( ATE_DPT.2,AVA_VAN.5)
Criteria  Common Criteria for Information Technology
Security Evaluation, Part 1: Introduction and
General Model, Version 3.1, Revision 4, September
2012
 Common Criteria for Information Technology
Security Evaluation, Part 2: Security Functional
Components, Version 3.1, Revision 4, September
2012
 Common Criteria for Information Technology
Security Evaluation, Part 3: Security Assurance
Components,Version 3.1, Revision 4, September
2012
Methodology •Common Methodology for Information Technology
Security Evaluation, Evaluation Methodology; CCMB-
9
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 9 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
2012-09-004, Version 3.1, Revision 4, September 2012
Protection Profile Conformance BSI-CC-PP-0057 “Protection Profile ‘Digital Tachograph
– Vehicle Unit (VU PP)’“ as sponsored by “Bundesamt für
Sicherheit in der Informationstechnik“, author Dr. Igor
Furgel T-Systems GEI GmbH, SC Security Analysis &
Testing, version 1.0 as of 13th July 2010.
Common Criteria Conformance •Common Criteria for Information Technology Security
Evaluation, Part 1: Introduction and General Model;
CCMB-2009-07-001, Version 3.1, Revision 3, July 2009
•Common Criteria for Information Technology Security
Evaluation, Part 2: Security Functional Components;
CCMB-2009-07-002, Version 3.1, Revision 3, July 2009
•Common Criteria for Information Technology Security
Evaluation, Part 3: Security Assurance Requirements;
CCMB-2009-07-003, Version 3.1, Revision 3, July 2009
Sponsor and Developer PARS AR-GE BİLG.TEK.ELEK. MUH. VE
DAN.HIZ.SAN.TIC.LTD.ŞTI.
Evaluation Facility TUBITAK BILGEM OKTEM
Certification Scheme TSE-CCCS
2.2 Security Policy
The Security Policy is expressed by the set of Security Functional Requirements and implemented by
the TOE. It covers the following issues:
 the data recorded and stored in such a way as to prevent unauthorized access to and
manipulation of the data and detecting any such attempts,
● the integrity and authenticity of data exchanged between the motion sensor and the
vehicle unit,
● the integrity and authenticity of data exchanged between the recording equipment and
the tachograph cards
● the integrity and authenticity of data which is downloaded locally and remotely.
For detailed information please refer to ST [6, chapter 6.1.1]
2.3 Assumptions and Clarification of Scope
The Assumptions defined in the Security Target and some aspects of Threats and organisational
Security Policies are not covered by the TOE itself. These aspects lead to specific security objectives
to be fulfilled by the TOE-Environment. The Generic Security Target [5] does not define any
dedicated assumption, but measures; these measures will be reflected in the current ST in form of the
security objectives for the TOE environment below. Hence, it is to define some assumptions in the
current ST being sensible and necessary from the formal point of view (to reflect those environmental
measures from [5].
10
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 10 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
A.Activation
Vehicle manufacturers and fitters or workshops activate the TOE after its
installation before the vehicle leaves the premises where installation took
place.
A.Approved_Workshops
The Member States approve, regularly control and certify trusted fitters and
workshops to carry out installations, calibrations, checks, inspections, repairs.
A.Card_Availability
Tachograph cards are available to the TOE users and delivered by Member
State authorities to authorised persons only.
A.Card_Traceability
Card delivery is traceable (white lists, black lists), and black lists are used
during security audits.
A.Controls
Law enforcement controls will be performed regularly and randomly, and
must include security audits (as well as visual inspection of the equipment).
A.Driver_Card_Uniqueness Drivers possess, at one time, one valid driver card only.
A.Faithful_Calibration
Approved fitters and workshops enter proper vehicle parameters in recording
equipment during calibration.
A.Faithful_Drivers
Drivers play by the rules and act responsibly (e.g. use their driver cards;
properly select their activity for those that are manually selected …)
A.Regular_Inspections Recording equipment will be periodically inspected and calibrated
2.4 Architectural Information
The whole Vehicle Unit is the TOE, as claimed in [5]. Control of the TOE is provided by ARM Cortex
M3 based microcontroller.Schematic and PCB Design Tools of Mentor Graphics Company are used for
electronic hardware design.
The typical life cycle of the TOE is described in the Figure 1. Design phase include both hardware
and software developments stages. During these stages all required actions which includes physical
and IT related issues are taken to protect maintain targeted security level of the TOE.
11
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 11 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
Fig.1 VU typical Life Cycle
After design is completed these data is transferred to the manufacturing environment in a secured
way. After hardware assembly, system software and security data are inserted to the TOE. Similar to
12
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 12 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
development environment, all required IT and physical security action are taken.
2.5 Documentation
Name of Document Version Number Publication Date
PARS DT-101 v1.0 DIGITAL
TACHOGRAPH VEHICLE UNIT
SECURITY TARGET
2.4_GR_06 13.06.2013
PARS DT-101 v1.0 DİJİTAL
TAKOGRAF ARAÇ ÜNİTESİ
ÜRÜN TESLİM PROSEDÜRÜ
DOKÜMANI
0.3 03.07.2013
PARS DT-101 v1.0 TAKOGRAF
SÜRÜCÜ VE ŞİRKET KULLANICI
KILAVUZU DOKÜMANI
Rev.0 GR_10_v2 10.07.2013
PARS DT-101 v1.0 TAKOGRAF
WORKSHOP KULLANICI
KILAVUZU DOKÜMANI
Rev.0 GR_10_v2 10.07.2013
PARS DT-101 v1.0 TAKOGRAF
KONTROLÖR KULLANICI
KILAVUZU DOKÜMANI
Rev.0 GR_10_v2 10.07.2013
2.6 IT Product Testing
During the evaluation, all evaluation evidences of TOE were delivered and transferred completely to
CCTL by the developers. All the delivered evaluation evidences which include software, documents,
etc are mapped to the assurance families of Common Criteria and Common Methodology; so the
connections between the assurance families and the evaluation evidences has been established. The
evaluation results are available in the Evaluation Technical Report (ETR) of PARS DT-101[4].
The CCTL spent adequate testing effort for the desired resistance of the TOE against attackers with a
high attack potential. The evaluators spent several days each for analysing the test specification and
ensuring that the specification has been correctly implemented in the test scripts,to create ideas for
independent evaluator tests,to ensure that the test environment delivers correct test results and to
repeate developer tests as well as carrying out independent tests.
2.7 Evaluated Configuration
This certification covers the following configuration of the TOE: The TOE PARS Digital
Tachograph Vehicle Unit, Version 1.0 is an electronic device , consisting of hardware and software,
and additionally of documentations (see Table 2).
13
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 13 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
Evaluation Evidence Version Number Date
PARS DT-101 Digital Tachograph Security
Target
2.5 27.12.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
TOE Tasarım Tanımlama Dokümanı(Design
Description Document)
0.5_GR_09 03.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Güvenlik Mimarisi Tanımlama
Dokümanı(Security Architecture
Description Documentation)
1.0 13.06.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Fonksiyonel Tanımlama(Functional
Specification Document)
1.9_GR_09 03.07.2013
PARS DT-101 v1.0 Dijital Takograf
Kontrolör Kullanıcı Kılavuzu (Controller
User Manual Document)
Rev.0 GR_10_v2 10.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Ürün Teslim Prosedürü Dokümanı(Delivery
Document)
0.3 03.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Geliştirme Araçları
Dokümanı(Development Tool
Documentation)
0.2_GR_11 23.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Yaşam Döngüsü Tanımlama Dokümanı(Life
Cycle Defination Document)
0.3 03.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Konfigürasyon Yönetim
Ünitesi(Configuration Management
Document)
0.5 12.12.2013
Test Document 0.6 27.12.2013
14
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 14 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
PARS DT-101 v1.0 Dijital Takograf Sürücü
ve Şirket Kullanıcı Kılavuzu (Driver and
Company User Manual)
Rev.0 GR_10_v2 10.07.2013
PARS DT-101 v1.0 Dijital Takograf
Workshop Kullanıcı Kılavuzu (Workshop
User Manual)
Rev.0 GR_10_v2 10.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Geliştirme Güvenliği
Dokümanı(Development Security
Document)
0.3 03.07.2013
PARS DT-101 Dijital Takograf Araç Ünitesi
Açıklık Değerlendirme
Dokümanı(Vulnerability Assessment
Document)
0.1 25.08.2013
Table 2-Documentation
2.8 Results of the Evaluation
Table 3 below provides a complete listing of the Security Assurance Requirements for the TOE.
These requirements consists of the Evaluation Assurance Level 4 (EAL 4) components as specified
in Part 3 of the Common Criteria, augmented with ATE_DPT.2 and AVA_VAN.5.
Assurance Classes Component
ID
Component Title
Development ADV_ARC.1 Security Architecture
ADV_FSP.4 Complete Functional
Specification
ADV_IMP.1 Implementation
Represantation
ADV_INT -
ADV_TDS.3 Basic Modular Design
ADV_SPM -
Guidance Documents AGD_OPE.1 Operational User Guidance
AGD_PRE.1 Preparative Procedures
Life Cycle Support ALC_CMC.4 Production Support,
acceptance procedures and
automation
ALC_CMS.4 Problem tracking CM
coverage
ALC_DVS.1 Identification of security
15
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 15 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
measures
ALC_TAT.1 Well-defined development
tools
ALC_DEL.1 Delivery procedures
ALC_FLR -
ALC_LCD.1
Developer defined life-cycle
model
Security Target
evaluation ASE standard approach for EAL4
Tests ATE_COV.2 Analysis of coverage
ATE_DPT.2 Security Enforcing Modules
ATE_FUN.1 Functional testing
ATE_IND.2 Independent testing – sample
Vulnerability Assessment AVA_VAN.5 Advanced methodical
vulnerability analysis
Table 3-Security Assurance Requirements of the TOE
2.9 Evaluator Comments / Recommendations
No recommendations or comments have been communicated to CCCS by the evaluators related to
the evaluation process of “PARS DT-101 v1.0” product, result of the evaluation, or the ETR.
3 SECURITY TARGET
Information about the Security Target document associated with this certification report is as follows:
Name of Document: PARS DT-101 DIGITAL TACHOGRAPH VEHICLE UNIT SECURITY
TARGET
Version No.: 2.5
Date of Document: 27.12.2013
This Security Target describes the TOE, intended IT environment, security objectives, security
requirements (for the TOE and IT environment), TOE security functions and all necessary rationale.
16
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 16 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
4 GLOSSARY
CCCS: Common Criteria Certification Scheme (TSE)
CCTL: Common Criteria Test Laboratory (OKTEM)
CCMB: Common Criteria Management Board
CEM: Common Evaluation Methodology
ETR: Evaluation Technical Report
IT: Information Technology
IC: Integrated Circuit
ST: Security Target
TOE: Target of Evaluation
TSF: TOE Security Function
TSFI: TSF Interface
SFR: Security Functional Requirement
EAL:
DES:
UEKAE:
TÜBİTAK:
OKTEM:
BİLGEM:
VU:
Evaluation Assurance Level
Data Encryption Standard
National Electronics and Cryptology Research
Institute
Turkish Scientific and Technological Research
Council
Common Criteria Test Center (as CCTL)
Center of Research For Advanced Technologies
of Informatics and Information Security
Vehicle Unit
PP: Protection Profile
17
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 17 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
5 BIBLIOGRAPHY
[1]Common Criteria for Information Technology Security Evaluation, Version 3.1
Revision 3, July 2009
[2]Common Methodology for Information Technology Security Evaluation, CEM,
Version 3.1 Revision 3, July 2009
[3] PARS DT-101 DIGITAL TACHOGRAPH VEHICLE UNIT SECURITY TARGET
Version: 2.4_GR_06 Date: 13.06.2013
[4]Evaluation Technical Report(Document Code: DTR 26 TR 01),December 16,2013
[5]Appendix 10 of Annex I B of Commission Regulation (EEC) No. 1360/2002 -
Generic Security Targets
[6] PARS DT 101 Digital Tachograph Vehicle Unit Security Target,
Vers.2.4,13.06.2013
[7] Common Criteria Protection Profile Digital Tachograph – Vehicle Unit (VU PP)
Compliant to EU Commission Regulation 1360/2002, Annex I(B), App. 10, Version 1.0,
13th July 2010 Registered and Certified by Bundesamt für Sicherheit in der
Informationstechnik (BSI) under the reference BSI-CC-PP-0057.
6 ANNEXES
There is no additional information which is inappropriate for reference in other sections.
18
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 18 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
19
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 19 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01
20
SOFTWARE TEST and CERTIFICATION DEPARTMENT
COMMON CRITERIA CERTIFICATION SCHEME
CERTIFICATION REPORT
Date of Issue: 22/07/2013 Page : 20 / 20
Rev. No : 00
Date of Rev:
Document No: STCD-01-01-FR-01