BİLİŞİM TEKNOLOJİLERİ TEST VE BELGELENDİRME DAİRESİ BAŞKANLIĞI / INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT
CCCS CERTIFICATION REPORT
Document No: BTBD-03-01-FR-01
Publication Date: 30/07/2015
Revision Date: 29/04/2016, No: 05
The currency of this document must be tracked electronically through the TSE Document Management System.

Certification Report
EAL 4+ (ALC_FLR.2) Evaluation of
NETCAD YAZILIM A.Ş.
NETCAD – Enterprise Products Platform v1.0
issued by Turkish Standards Institution Common Criteria Certification Scheme
Certificate Number: 21.0.03/TSE-CCCS-53

TABLE OF CONTENTS
DOCUMENT INFORMATION
DOCUMENT CHANGE LOG
DISCLAIMER
FOREWORD
RECOGNITION OF THE CERTIFICATE
1 - EXECUTIVE SUMMARY
1.1 TOE Overview
1.2 Threats
2 CERTIFICATION RESULTS
2.1 Identification of Target of Evaluation
2.2 Security Policy
2.3 Assumptions and Clarification of Scope
2.4 Architectural Information
2.4.1 Logical Scope
2.4.2 Physical Scope
2.5 Documentation
2.6 IT Product Testing
2.7 Evaluated Configuration
2.8 Results of the Evaluation
2.9 Evaluator Comments / Recommendations
3 SECURITY TARGET
5 BIBLIOGRAPHY

DOCUMENT INFORMATION
Date of Issue: September 10, 2018
Approval Date: September 10, 2018
Certification Report Number: 21.0.03/18-006
Sponsor and Developer: Netcad Yazılım A.Ş.
Evaluation Facility: Beam Technology Test Center
TOE: NETCAD – Enterprise Products Platform v1.0
Pages: 15
Prepared by: Cem ERDİVAN, Common Criteria Inspection Expert
Reviewed by: Zümrüt MÜFTÜOĞLU, Common Criteria Technical Responsible (Hardware Product Group)

This report has been prepared by the Certification Expert and reviewed by the Technical Responsible, whose signatures are above.

DOCUMENT CHANGE LOG
| Release | Date | Pages Affected | Remarks/Change Reference |
|---|---|---|---|
| 1.0 | September 10, 2018 | All | First Release |
DISCLAIMER
This certification report and the IT product in the associated Common Criteria document have been evaluated at an accredited and licensed evaluation facility in conformance with Common Criteria for IT Security Evaluation, version 3.1, revision 5, using Common Methodology for IT Products Evaluation, version 3.1, revision 5. This certification report and the associated Common Criteria document apply only to the identified version and release of the product in its evaluated configuration. Evaluation has been conducted in accordance with the provisions of the CCCS, and the conclusions of the evaluation facility in the evaluation report are consistent with the evidence adduced. This report and its associated Common Criteria document are not an endorsement of the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document, and no warranty is given for the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document.

FOREWORD
The Certification Report is drawn up to submit to the Certification Commission the results and evaluation information upon the completion of a Common Criteria evaluation service performed under the Common Criteria Certification Scheme. The Certification Report covers all non-confidential security and technical information related to a Common Criteria evaluation made under the ITCD Common Criteria Certification Scheme.
This report is issued publicly and made available to all relevant parties for reference and use.

The Common Criteria Certification Scheme (CCCS) provides an evaluation and certification service to ensure the reliability of Information Security (IS) products. Evaluation and tests are conducted by a public or commercial Common Criteria Evaluation Facility (CCTL = Common Criteria Testing Laboratory) under CCCS’ supervision.

CCEF is a facility licensed, as a result of inspections carried out by CCCS, to perform the tests and evaluations which will be the basis for Common Criteria certification. As a prerequisite for such certification, the CCEF has to fulfill the requirements of the standard ISO/IEC 17025 and should be accredited by accreditation bodies. The evaluation and tests related to the product concerned have been performed by Beam Technology Testing Facility, which is a commercial CCTL.

A Common Criteria Certificate given to a product means that the product meets the security requirements defined in its security target document that has been approved by the CCCS. The Security Target document is where requirements defining the scope of evaluation and test activities are set forth. Along with this certification report, the user of the IT product should also review the security target document in order to understand any assumptions made in the course of evaluations, the environment where the IT product will run, security requirements of the IT product and the level of assurance provided by the product.

This certification report is associated with the Common Criteria Certificate issued by the CCCS for NETCAD – Enterprise Products Platform v1.0, whose evaluation was completed on May 5, 2018 and whose evaluation technical report was drawn up by Beam Technology (as CCTL), and with the Security Target document with version no 2.3 of the relevant product.
The certification report, certificate of product evaluation and security target document are posted on the ITCD Certified Products List at the bilisim.tse.org.tr portal and on the Common Criteria Portal (the official web site of the Common Criteria Project).

RECOGNITION OF THE CERTIFICATE
The Common Criteria Recognition Arrangement logo is printed on the certificate to indicate that this certificate is issued in accordance with the provisions of the CCRA. The CCRA was signed by Turkey in 2003 and provides mutual recognition of certificates based on the CC evaluation assurance levels up to and including EAL2. The current list of signatory nations and approved certification schemes can be found on: http://www.commoncriteriaportal.org.

1 - EXECUTIVE SUMMARY

1.1 TOE Overview
TOE consists of web applications which are installed onto the operating system in a computing platform. These web applications are assembled in three groups:

• Netigma
  Netigma is the web application which end users mainly use. The Netigma web application provides view and modification operations on TSF data. Dynamic reports and queries are also presented on Netigma. End users also reach map data and spatial data using Netigma.
  Reports, queries and objects which are related to TSF data can be managed by administrator users on development pages.
• NetGIS Server
  NetGIS Server is the web application consisting of web services which provide map data and map drawings in parts according to the related coordinates. NetGIS Server also has a configuration interface.
• NetCad Base
  NetCad Base consists of three types of web applications. Those are:
  ◦ Parameter Server: Provides management of configuration parameters by administrator users for all applications.
  ◦ Log Server: Provides log review and filtering by administrator users for all applications.
  ◦ Authentication Server: Manages access control for all applications using a single sign-on mechanism, authorization of users and verification of user rights for all applications. User, group, role and authorization management is also done by administrator users on the authentication server.

The Web Server(s) on which TOE components are hosted, the Database Server(s) which TOE should use to store data, BIOS and other firmware, the operating system kernel, and other systems software (and drivers) provided as part of the platform are outside the scope of this evaluation.

1.2 Threats
| Threats | Definition |
|---|---|
| T.MASQUERADE | An unauthorized user, process or external IT entity may masquerade as an authorized entity to gain access to data or TOE resources. |
| T.NETWORK_ATTACK | An attacker is positioned on a communications channel or elsewhere on the network infrastructure. Attackers may engage in communications with the application software or alter communications between the application software and other endpoints in order to compromise it. |
| T.NETWORK_EAVESDROP | An attacker is positioned on a communications channel or elsewhere on the network infrastructure. Attackers may monitor and gain access to data exchanged between the application and other endpoints. |
Table 1: Threats

2 CERTIFICATION RESULTS

2.1 Identification of Target of Evaluation
Certificate Number: 21.0.03/TSE-CCCS-53
TOE Name and Version: NETCAD – Enterprise Products Platform v1.0
Security Target Title: NETCAD – Enterprise Products Platform v1.0 Security Target
Security Target Version: V2.3 ST-Lite
Security Target Date: 27.07.2018
Assurance Level: EAL4+ (ALC_FLR.2)
Criteria:
• Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model; CCMB-2012-09-001, Version 3.1, Revision 5, April 2017
• Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components; CCMB-2012-09-002, Version 3.1 Revision 5, April 2017
• Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components; CCMB-2012-09-003, Version 3.1 Revision 5, April 2017
Methodology: Common Criteria for Information Technology Security Evaluation, Evaluation Methodology; CCMB-2012-09-004, Version 3.1, Revision 5, April 2017
Protection Profile Conformance: NONE
Common Criteria Conformance:
• Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Version 3.1, Revision 5, April 2017
• Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1, Revision 5, April 2017, conformant
• Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1, Revision 5, April 2017, conformant
Sponsor and Developer: NETCAD Yazılım A.Ş.
Evaluation Facility: Beam Technology Test Center
Certification Scheme: TSE CCCS

2.2 Security Policy
TOE Security Policy consists of security functions described in section 2.4.1 Logical Scope.

2.3 Assumptions and Clarification of Scope
| Policy | Definition |
|---|---|
| P.CONF_KEY | Keys that are used to encrypt and export confidential data are under the administrator’s responsibility. The administrator should keep those keys safe and never share them with anybody. |
| P.FULL_LOG_ACTION | It is the administrator’s responsibility to take action when the informative mail about the reached log limit is sent by the TOE. |

Table 2: Organizational Security Policies

| Assumption | Definition |
|---|---|
| A.PLATFORM | The TOE relies upon a trustworthy computing platform for its execution. This includes isolation of the TOE Application from other applications on the platform. |
| A.PROPER_USER | The user of the application software is not willfully negligent or hostile, and uses the software in compliance with the applied enterprise security policy. |
| A.PROPER_ADMIN | The administrator of the application software is not careless, willfully negligent or hostile, and administers the software in compliance with the applied enterprise security policy. |
| A.PROPER_DB_ADMIN | The administrator of the database(s) which the application software uses is not careless, willfully negligent or hostile, and administers the database in compliance with the applied enterprise security policy. |
| A.SECURE_NETWORK | The network connection between TOE parts is secure and uninterrupted. |

Table 3: Assumptions

2.4 Architectural Information

2.4.1 Logical Scope
Audit: TOE generates audit logs that consist of various auditable events.
Those logs include information about actions like user login/logout events, metadata changes, rule changes and errors. User IP, application name, log description, database table name, old and new values for modified data attributes, and date and time of events are recorded. TOE allows authorized administrators to filter, search and review all the recorded logs stated above.

Cryptographic Support: TOE uses the AES-256 algorithm with a cryptographic key size of 256 bits, meeting FIPS 197 (for AES), for encryption and decryption of session data and encryption of user passwords. Cryptographic keys are generated and destroyed using mechanisms provided by IIS; they can be generated by manual or automatic triggers that can be configured by the Administrator.

Identification, Authentication and Authorization: TOE provides an identification and authentication layer with a login page as a part of the GUI. Since TOE consists of 3 different applications, each application requires a different login, although they can be used with the same credentials. TOE includes administrator-defined role groups and requires authentication before any action. This security feature acts to protect the system and prevent access to it by unauthorized users. TOE also provides configurable authentication failure handling by locking users after an administrator-defined number of unsuccessful login attempts. Authorized administrators are granted the ability to set the idle timeout threshold after which an authorized user is automatically logged out of the active session.
Data Protection: TOE provides access control to TOE functions and information flow control for TSF data. The access control function permits a user to access a protected resource only if the role group of the user has been given permission by the Administrator to perform the requested action on the resource.

Security Management: Although TOE includes static authorizations, an authorized administrator can also create dynamic authorizations. The administrator can create role groups and bind static and dynamic authorizations to those role groups. After creating role groups, the administrator can assign role groups to users to define the functions or resources that they are allowed to use. Additional functionalities such as modifying access privileges and unlocking passwords for users are also accessible to the authorized administrator.

2.4.2 Physical Scope
Figure 1: TOE Scope

TOE is delivered to customers by a sales representative. Deliverables are listed below:
• Netigma.exe : Netigma installation file
• Netcad Base.exe : Netcad Base installation file
• Webgis SDK.exe : Netgis SDK installation file
• Netgis Server.exe : Netgis Server installation file
• Install manual.pdf : Installation manual for TOE
• Usage manual.pdf : User guide for TOE
• Security Helper.exe : Application used for applying CC configurations
• License key files

3rd party extensions needed by TOE are included in the installation files. Other dependencies based on the Windows version of the system are provided by the OS.

2.5 Documentation
The documents listed below are provided to the customer by the developer alongside the TOE:

| Document Name | Version | Release Date |
|---|---|---|
| NETCAD – Enterprise Products Platform v1.0 Security Target | v2.3 | July 27, 2018 |
| User Manual | v1.6 | May 15, 2018 |
| Installation Procedures | v1.1 | November 3, 2017 |

2.6 IT Product Testing
• Developer Testing: All SFR-Enforcing TSFIs have been tested by the developer. The developer has conducted 57 functional tests in total.
• Evaluator Testing: The evaluator has chosen a sample of 31 developer tests to conduct by itself. Additionally, the evaluator has prepared 20 independent tests. TOE has passed all 51 functional tests to demonstrate that its security functions work as defined in the ST.
• Penetration Tests: TOE has been tested against common threats and other threats surfaced by vulnerability analysis. As a result, 16 penetration tests have been conducted. TOE proved that it is resistant to “Attacker with Enhanced-Basic Attack Potential”.

2.7 Evaluated Configuration
NETCAD – Enterprise Products Platform v1.0 does not have different configurations; installation steps are explained in the NETCAD-AGD-PRE-v.1.1 Installation Procedures document, which is handed to the customer with the TOE itself.

2.8 Results of the Evaluation
The verdict for the CC Part 3 assurance components (according to EAL4+ (ALC_FLR.2) and the security target evaluation) is summarized in the following table:

| Class Heading | Class Family | Description | Result |
|---|---|---|---|
| ADV: Development | ADV_ARC.1 | Security architecture description | PASS |
| | ADV_FSP.4 | Complete functional specification | PASS |
| | ADV_IMP.1 | Implementation representation of the TSF | PASS |
| | ADV_TDS.3 | Basic modular design | PASS |
| AGD: Guidance Documents | AGD_OPE.1 | Operational user guidance | PASS |
| | AGD_PRE.1 | Preparative procedures | PASS |
| ALC: Lifecycle Support | ALC_CMC.4 | Production support, acceptance procedures and automation | PASS |
| | ALC_CMS.4 | Problem tracking CM coverage | PASS |
| | ALC_DEL.1 | Delivery procedures | PASS |
| | ALC_DVS.1 | Identification of security measures | PASS |
| | ALC_LCD.1 | Developer defined life-cycle model | PASS |
| | ALC_TAT.1 | Well-defined development tools | PASS |
| | ALC_FLR.2 | Flaw reporting procedures | PASS |
| ASE: Security Target evaluation | ASE_CCL.1 | Conformance claims | PASS |
| | ASE_ECD.1 | Extended components definition | PASS |
| | ASE_INT.1 | ST introduction | PASS |
| | ASE_OBJ.2 | Security objectives | PASS |
| | ASE_REQ.2 | Derived security requirements | PASS |
| | ASE_SPD.1 | Security problem definition | PASS |
| | ASE_TSS.1 | TOE summary specification | PASS |
| ATE: Tests | ATE_COV.2 | Analysis of coverage | PASS |
| | ATE_DPT.1 | Testing: basic design | PASS |
| | ATE_FUN.1 | Functional testing | PASS |
| | ATE_IND.2 | Independent testing - sample | PASS |
| AVA: Vulnerability Analysis | AVA_VAN.3 | Focused vulnerability analysis | PASS |

2.9 Evaluator Comments / Recommendations
No recommendations or comments have been communicated to CCCS by the evaluators related to the evaluation process of the “NETCAD – Enterprise Products Platform v1.0” product, the result of the evaluation, or the ETR.

3 SECURITY TARGET
The security target associated with this Certification Report is identified by the following terminology:
Title: NETCAD – Enterprise Products Platform v1.0 Security Target
Version: v2.3
Date of Document: July 27, 2018

This Security Target describes the TOE, intended IT environment, security objectives, security requirements (for the TOE and IT environment), TOE security functions and all necessary rationale.

5 BIBLIOGRAPHY
[1] Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 5, April 2017
[2] Common Methodology for Information Technology Security Evaluation, CEM, Version 3.1 Revision 5, April 2017
[3] BTBD-03-01-TL-01 Certification Report Preparation Instructions, Rel. Date: February 8, 2016
[4] ETR v3.2 of NETCAD – Enterprise Products Platform v1.0, Rel. Date: May 28, 2018
[5] NETCAD – Enterprise Products Platform v1.0 Security Target, Version 2.3, Rel. Date: July 27, 2018