This page was not yet optimized for use on mobile devices.
Digital Tachograph DTCO 1381 Release 4.1a
CSV information ?
| Status | active |
|---|---|
| Valid from | 14.01.2025 |
| Valid until | 14.01.2030 |
| Scheme | 🇩🇪 DE |
| Manufacturer | Continental Automotive Technologies GmbH |
| Category | Other Devices and Systems |
| Security level | AVA_VAN.5, EAL4+, ATE_DPT.2 |
| Protection profiles |
Heuristics summary ?
Certificate ID: BSI-DSZ-CC-1158-V3-2025
Certificate ?
Extracted keywords
Security level
EAL 4, EAL 5, EAL 2, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ATE_DPT.2, AVA_VAN.5Protection profiles
BSI-CC-PP-0094-V2-2021Certificates
BSI-DSZ-CC-1158-V3-2025Standards
ISO/IEC 15408, ISO/IEC 18045File metadata
| Title | Certification Report BSI-DSZ-CC-1158-V3-2025 |
|---|---|
| Subject | Digital Tachograph DTCO 1381, Release 4.1a from Continental Automotive Technologies GmbH |
| Author | Federal Office for Information Security |
| Pages | 1 |
Certification report ?
Extracted keywords
Symmetric Algorithms
AES, DES, Triple-DES, CBC-MAC, CMACAsymmetric Algorithms
ECDSA, ECCHash functions
SHA-1, SHA-384, SHA-512Schemes
MACRandomness
RNGBlock cipher modes
CBCVendor
Infineon Technologies AGSecurity level
EAL 4, EAL 5, EAL 2, EAL 1, EAL4, EAL4+, EAL 5+, EAL 6, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_FLR, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_DPT.2, ATE_FUN, AVA_VAN.5Protection profiles
BSI-CC-PP-0094-V2-2021, BSI-CC-PP- 0094-V2-2021Certificates
BSI-DSZ-CC-1158-V3-2025, BSI-DSZ-CC-1158-V2-2023, NSCIB-CC-2200060-02Evaluation facilities
TÜV Informationstechnik, Deutsche Telekom SecuritySide-channel analysis
JILCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, 18 December 2024, Evaluation Technical Report BSI-DSZ-CC-1158-V3, Deutsche Telekom Security GmbH, (confidential document) [8] Digital Tachograph - Vehicle Unit (VU PP) Version 1.15, 6 June 2021, BSI-CC-PP- 0094-V2-2021, list for the TOE, Version 1.66, 11 December 2024, Konfigurationsliste, Continental AG (confidential document) 7 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie fürStandards
FIPS PUB 197, SP 800-38A, SP 800-38B, PKCS #1, AIS 34, AIS 36, AIS 25, AIS 26, AIS 37, AIS 40, AIS 49, AIS 20, AIS 31, AIS 38, AIS 32, AIS 35, AIS 46, AIS 50, RFC 5480, RFC 5639, RFC 5869, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ISO/IEC 9797-1Technical reports
BSI 7148File metadata
| Title | Certification Report BSI-DSZ-CC-1158-V3-2025 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, Continental, Digital Tachograph, DTCO, Vehicle Unit |
| Keywords | "Common Criteria, Certification, Zertifizierung, Continental, Digital Tachograph, DTCO, Vehicle Unit" |
| Author | Federal Office for Information Security |
| Pages | 30 |
Frontpage
| Certificate ID | BSI-DSZ-CC-1158-V3-2025 |
|---|---|
| Certified item | Digital Tachograph DTCO 1381, Release 4.1a |
| Certification lab | BSI |
| Developer | Continental Automotive Technologies GmbH |
References
Outgoing- BSI-DSZ-CC-1158-V2-2023 - active - Digital Tachograph DTCO 1381 Release 4.1
- NSCIB-CC-2200060-02-CR - active - Infineon IFX_CCI_00003Fh IFX_CCI_000059h IFX_CCI_00005Bh IFX_CCI_00003Ch IFX_CCI_00003Dh IFX_CCI_00005Ah design step G11 and H11 with optional HSL v2.01.6198, optional SCL v2.13.001, optional ACL v3.03.003, optional ACL v3.04.001, optional ACL v3.05.002, optional HCL v1.13.001, optional RCL v1.10.006 and with specific IC-dedicated firmware identifier 80.203.00.3 and Flash Loader v8.06.001
Security target ?
Extracted keywords
Symmetric Algorithms
AES, DES, TDES, CMAC, CBC-MACAsymmetric Algorithms
ECDSA, ECCHash functions
SHA-1, SHA-256, SHA-384, SHA-512, SHA-2Schemes
MACRandomness
RNGElliptic Curves
P-256, P-384, P-521, NIST P-256, NIST P-384, NIST P-521, secp256r1, secp384r1, secp521r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1Block cipher modes
ECB, CBCSecurity level
EAL 4, EAL4, EAL6, EAL6+, EAL4 augmented, EAL 4 augmented, EAL6 augmentedClaims
OE.EOLSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_TDS.3, ADV_FSP.4, ADV_IMP.1, AGD_OPE.1, AGD_PRE.1, ATE_DPT.2, ATE_FUN.1, ATE_DPT.1, AVA_VAN.5Security Functional Requirements (SFR)
FAU_GEN, FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_SAR, FAU_SAR.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_STG, FAU_STG.1, FAU_STG.1.1, FAU_STG.1.2, FAU_STG.4, FAU_STG.3, FAU_STG.4.1, FCO_NRO.1, FCO_NRO.1.1, FCO_NRO.1.2, FCO_NRO.1.3, FCO_NRO, FCS_RNG, FCS_RNG.1, FCS_COP.1.1, FCS_CKM.1, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.4, FCS_CKM, FCS_CKM.2, FCS_COP.1, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4.1, FCS_COP, FDP_ACF.1.2, FDP_ITC.2.5, FDP_ITT.1, FDP_ACC, FDP_ACC.1, FDP_ACF.1, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF, FDP_ACF.1.3, FDP_ACF.1.4, FDP_ITC.2, FDP_ETC, FDP_ETC.2, FDP_IFC.1, FDP_ETC.2.1, FDP_ETC.2.2, FDP_ETC.2.3, FDP_ETC.2.4, FDP_ITC, FDP_ITC.1, FDP_ITC.1.1, FDP_ITC.1.2, FDP_ITC.1.3, FDP_IFC, FDP_ITC.2.1, FDP_ITC.2.2, FDP_ITC.2.3, FDP_ITC.2.4, FDP_ITT, FDP_ITT.1.1, FDP_RIP, FDP_RIP.1, FDP_RIP.1.1, FDP_SDI, FDP_SDI.2, FDP_SDI.1, FDP_SDI.2.1, FDP_SDI.2.2, FIA_UAU.2, FIA_ATD.1, FIA_AFL.1, FIA_SOS.2, FIA_UID.1, FIA_AFL, FIA_UAU.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_ATD, FIA_ATD.1.1, FIA_UAU, FIA_UAU.3, FIA_UAU.3.1, FIA_UAU.3.2, FIA_UAU.5, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.6, FIA_UAU.6.1, FIA_UID, FIA_UID.2, FIA_UID.2.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.2.1, FMT_MSA.3, FMT_MSA, FMT_MSA.1, FMT_SMR, FMT_SMF, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MOF, FMT_MOF.1, FMT_MOF.1.1, FMT_MTD, FMT_MTD.1, FMT_SMR.1, FMT_SMF.1, FMT_MTD.1.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_STM.1, FPT_TDC.1, FPT_FLS, FPT_FLS.1, FPT_FLS.1.1, FPT_PHP, FPT_PHP.2, FPT_PHP.1, FPT_PHP.2.1, FPT_PHP.2.2, FPT_PHP.2.3, FPT_PHP.3, FPT_PHP.3.1, FPT_STM, FPT_STM.1.1, FPT_TST, FPT_TST.1, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FPT_TDC, FPT_TDC.1.1, FPT_TDC.1.2, FTP_ITC.1, FTP_TRP.1, FTP_ITC, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3Protection profiles
BSI-CC-PP-0094-V2, BSI-CC-PP-0093Side-channel analysis
physical tampering, Physical tampering, malfunction, reverse engineeringCertification process
Out of scope, foreign) MSCA; obtained by VU in Out of scope for this ST Not applicable VU non- volatile memory DTCO1381 R4.1a, Security Target Rev, 30 RSA Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory Card.PK (condition al, possibly multiple) Card, by card or card manufacturer; obtained by VU in card certificate during mutual authentication Out of scope for this ST Not applicable VU non- volatile memory MS.PK (condition al, Public key of an MSCA other, the MSCA Used by VU to perform verification of RSA Generated by (foreign) MSCA; obtained by VU in Out of scope for this ST Not applicable VU non- volatile memory DTCO1381 R4.1a, Security Target Rev. 1.6 p u b, 33. ECC Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory EUR.PK (previous) The previous public key of, 33 ECC Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory (conditional; only present if existing at time, C as part of the EUR.Link.C; obtained by VU du- ring mutual authentication towards such card or EGF Out of scope for this ST Not applicable VU general nonvo-latile memory (con-ditional; only if the VU has, and session key ECC Generated by card or card manufac- turer; obtained by VU in card certi- Out of scope for this ST Not applicable VU non- volatile memory (conditional, DTCO1381 R4.1a, Security Target, obtained by VU in EGF certificate during mutual authentication as part of the coupling process Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) MSCA _Card.PK, 33) ECC Generated by MSCA ; obtained by VU in MSCA- _Card certificate during mutual authentication Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) VUEGF.P K, 33. ECC Generated by MSCA ; obtained by VU in MSCA_VU-EGF certificate during coupling to an EGF Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) DTCO1381 R4.1a, Note: as explained in Annex 1C [54], Appendix 11, section 12.2, a VU contains only one Km-vu. Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile Memory Km-wc, key generations). However, a VU will retrieve only one of these keys during the pairing process. Out of scope for this ST Made unavailable at the latest by end of calibration phase Not permanently stored; only, under Km) at the end of the manufac-turing phase; obtained and decrypted by VU during pairing Out of scope for this ST Made unavailable at the latest by end of calibration phase Not permanently stored; only, received from VU manufacturer; inserted by VU manufacturer at the end of the manufacturing phase Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile memory 38 Note, received from VU manufacturer; inserted by VU manufacturer at the end of the manufacturing phase Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile memory TK, for update file To ensure confidentiality of the update file AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life Not permanently stored CBC- MAC, of the underlying elliptic curve and the CBC- MAC key itself AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life VU non- volatile memory Kvu, MACs for the data integrity control of user data records AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life VU non- volatile memory DTCO1381Standards
FIPS PUB 46-3, FIPS PUB 197, FIPS PUB 186-4, FIPS PUB 180-4, SP 800-38A, SP 800-38B, RFC3447, RFC 3447, RFC 5480, RFC 5639, RFC 5869, RFC 8017, ISO/IEC 9797-1, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-09-001, CCMB-2017-09-002, CCMB-2017-09-003, CCMB-2017-09-004File metadata
| Pages | 129 |
|---|
Heuristics ?
Certificate ID: BSI-DSZ-CC-1158-V3-2025
Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_DPT.2, ATE_FUN.1, AVA_VAN.5References ?
Updates ?
-
17.02.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
None.
- The scheme_data property was set to
-
10.02.2025 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Digital Tachograph DTCO 1381 Release 4.1a was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Other Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1158V3c_pdf.pdf",
"dgst": "c15eaa996b434551",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1158-V3-2025",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL4+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"4.1"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"d3d381970c60f694"
]
},
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1158-V2-2023",
"NSCIB-CC-2200060-02-CR"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0632-2011",
"BSI-DSZ-CC-0827-V5-2017",
"BSI-DSZ-CC-1015-2017",
"NSCIB-CC-0173264-CR3",
"BSI-DSZ-CC-0827-V7-2018",
"BSI-DSZ-CC-0827-2013",
"BSI-DSZ-CC-0827-V3-2015",
"BSI-DSZ-CC-0791-2012",
"BSI-DSZ-CC-1158-V2-2023",
"BSI-DSZ-CC-0827-V2-2014",
"BSI-DSZ-CC-0395-2007",
"BSI-DSZ-CC-0827-V8-2020",
"NSCIB-CC-2200060-02-CR",
"BSI-DSZ-CC-1158-2020",
"BSI-DSZ-CC-0936-2015",
"BSI-DSZ-CC-0559-2012",
"BSI-DSZ-CC-0827-V4-2016",
"BSI-DSZ-CC-0827-V6-2017",
"BSI-DSZ-CC-0269-2006",
"BSI-DSZ-CC-1069-2018",
"BSI-DSZ-CC-0878-2013",
"BSI-DSZ-CC-0376-2006"
]
}
},
"scheme_data": null,
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Continental Automotive Technologies GmbH",
"manufacturer_web": "https://www.continental-automotive.com",
"name": "Digital Tachograph DTCO 1381 Release 4.1a",
"not_valid_after": "2030-01-14",
"not_valid_before": "2025-01-14",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "1158V3c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1158-V3-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0094-V2-2021": 1
}
},
"cc_sar": {
"ATE": {
"ATE_DPT.2": 1
},
"AVA": {
"AVA_VAN.5": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 4": 1,
"EAL 4 augmented": 1,
"EAL 5": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/Author": "Federal Office for Information Security",
"/Subject": "Digital Tachograph DTCO 1381, Release 4.1a from Continental Automotive Technologies GmbH",
"/Title": "Certification Report BSI-DSZ-CC-1158-V3-2025",
"pdf_file_size_bytes": 233271,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 1
},
"report_filename": "1158V3a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ATE_DPT.2 and AVA_VAN.5 valid until: 13 January 2030",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-1158-V3-2025",
"cert_item": "Digital Tachograph DTCO 1381, Release 4.1a",
"cert_lab": "BSI",
"developer": "Continental Automotive Technologies GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Digital Tachograph - Vehicle Unit (VU PP) Version 1.15, 6 June 2021, BSI-CC-PP-0094-V2-2021"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDSA": {
"ECDSA": 3
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1158-V2-2023": 3,
"BSI-DSZ-CC-1158-V3-2025": 17
},
"NL": {
"NSCIB-CC-2200060-02": 2
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0094-V2-2021": 1,
"BSI-CC-PP-0094-V2-2021": 3
}
},
"cc_sar": {
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.4": 1,
"ALC_DEL.1": 1,
"ALC_DVS.1": 1,
"ALC_FLR": 2,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
},
"ATE": {
"ATE_DPT.2": 4,
"ATE_FUN": 1
},
"AVA": {
"AVA_VAN.5": 4
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 4": 5,
"EAL 4 augmented": 3,
"EAL 5": 4,
"EAL 5+": 1,
"EAL 6": 1,
"EAL4": 1,
"EAL4+": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"18 December 2024, Evaluation Technical Report BSI-DSZ-CC-1158-V3, Deutsche Telekom Security GmbH, (confidential document) [8] Digital Tachograph - Vehicle Unit (VU PP) Version 1.15, 6 June 2021, BSI-CC-PP- 0094-V2-2021": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
"list for the TOE, Version 1.66, 11 December 2024, Konfigurationsliste, Continental AG (confidential document) 7 specifically \u2022 AIS 20, Version 3, Funktionalit\u00e4tsklassen und Evaluationsmethodologie f\u00fcr": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"DeutscheTelekom": {
"Deutsche Telekom Security": 3
},
"TUV": {
"T\u00dcV Informationstechnik": 1
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-384": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {
"other": {
"JIL": 4
}
},
"standard_id": {
"BSI": {
"AIS 20": 2,
"AIS 25": 2,
"AIS 26": 2,
"AIS 31": 2,
"AIS 32": 1,
"AIS 34": 2,
"AIS 35": 1,
"AIS 36": 3,
"AIS 37": 2,
"AIS 38": 2,
"AIS 40": 1,
"AIS 46": 1,
"AIS 49": 2,
"AIS 50": 1
},
"FIPS": {
"FIPS PUB 197": 1
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4,
"ISO/IEC 9797-1": 1
},
"NIST": {
"SP 800-38A": 1,
"SP 800-38B": 1
},
"PKCS": {
"PKCS #1": 5
},
"RFC": {
"RFC 5480": 1,
"RFC 5639": 1,
"RFC 5869": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 5
}
},
"DES": {
"3DES": {
"Triple-DES": 1
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Infineon": {
"Infineon Technologies AG": 1
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, Continental, Digital Tachograph, DTCO, Vehicle Unit\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, Continental, Digital Tachograph, DTCO, Vehicle Unit",
"/Title": "Certification Report BSI-DSZ-CC-1158-V3-2025",
"pdf_file_size_bytes": 641185,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.commoncriteriaportal.org/",
"https://www.sogis.eu/",
"https://www.bsi.bund.de/zertifizierung",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/AIS",
"http://www.commoncriteriaportal.org/cc/",
"https://www.bsi.bund.de/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 30
},
"st_filename": "1158V3b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 18
},
"ECDSA": {
"ECDSA": 2
}
}
},
"cc_cert_id": {},
"cc_claims": {
"OE": {
"OE.EOL": 4
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0093": 1,
"BSI-CC-PP-0094-V2": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 2,
"ADV_FSP.4": 1,
"ADV_IMP.1": 1,
"ADV_TDS.3": 2
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ATE": {
"ATE_DPT.1": 1,
"ATE_DPT.2": 8,
"ATE_FUN.1": 1
},
"AVA": {
"AVA_VAN.5": 8
}
},
"cc_security_level": {
"EAL": {
"EAL 4": 3,
"EAL 4 augmented": 1,
"EAL4": 12,
"EAL4 augmented": 4,
"EAL6": 1,
"EAL6 augmented": 1,
"EAL6+": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 6,
"FAU_GEN.1": 12,
"FAU_GEN.1.1": 1,
"FAU_GEN.1.2": 1,
"FAU_SAR": 2,
"FAU_SAR.1": 5,
"FAU_SAR.1.1": 1,
"FAU_SAR.1.2": 1,
"FAU_STG": 3,
"FAU_STG.1": 9,
"FAU_STG.1.1": 1,
"FAU_STG.1.2": 1,
"FAU_STG.3": 1,
"FAU_STG.4": 5,
"FAU_STG.4.1": 1
},
"FCO": {
"FCO_NRO": 1,
"FCO_NRO.1": 6,
"FCO_NRO.1.1": 1,
"FCO_NRO.1.2": 1,
"FCO_NRO.1.3": 1
},
"FCS": {
"FCS_CKM": 4,
"FCS_CKM.1": 48,
"FCS_CKM.1.1": 2,
"FCS_CKM.2": 22,
"FCS_CKM.2.1": 2,
"FCS_CKM.4": 39,
"FCS_CKM.4.1": 2,
"FCS_COP": 2,
"FCS_COP.1": 53,
"FCS_COP.1.1": 8,
"FCS_RNG": 8,
"FCS_RNG.1": 31,
"FCS_RNG.1.1": 8,
"FCS_RNG.1.2": 8
},
"FDP": {
"FDP_ACC": 6,
"FDP_ACC.1": 85,
"FDP_ACC.1.1": 6,
"FDP_ACF": 6,
"FDP_ACF.1": 68,
"FDP_ACF.1.1": 12,
"FDP_ACF.1.2": 7,
"FDP_ACF.1.3": 6,
"FDP_ACF.1.4": 6,
"FDP_ETC": 5,
"FDP_ETC.2": 7,
"FDP_ETC.2.1": 1,
"FDP_ETC.2.2": 1,
"FDP_ETC.2.3": 1,
"FDP_ETC.2.4": 1,
"FDP_IFC": 1,
"FDP_IFC.1": 8,
"FDP_ITC": 6,
"FDP_ITC.1": 25,
"FDP_ITC.1.1": 1,
"FDP_ITC.1.2": 1,
"FDP_ITC.1.3": 1,
"FDP_ITC.2": 36,
"FDP_ITC.2.1": 1,
"FDP_ITC.2.2": 1,
"FDP_ITC.2.3": 1,
"FDP_ITC.2.4": 1,
"FDP_ITC.2.5": 2,
"FDP_ITT": 1,
"FDP_ITT.1": 5,
"FDP_ITT.1.1": 1,
"FDP_RIP": 3,
"FDP_RIP.1": 8,
"FDP_RIP.1.1": 1,
"FDP_SDI": 1,
"FDP_SDI.1": 3,
"FDP_SDI.2": 22,
"FDP_SDI.2.1": 3,
"FDP_SDI.2.2": 3
},
"FIA": {
"FIA_AFL": 1,
"FIA_AFL.1": 29,
"FIA_AFL.1.1": 6,
"FIA_AFL.1.2": 4,
"FIA_ATD": 2,
"FIA_ATD.1": 19,
"FIA_ATD.1.1": 3,
"FIA_SOS.2": 1,
"FIA_UAU": 8,
"FIA_UAU.1": 28,
"FIA_UAU.1.1": 2,
"FIA_UAU.1.2": 2,
"FIA_UAU.2": 13,
"FIA_UAU.2.1": 2,
"FIA_UAU.3": 7,
"FIA_UAU.3.1": 1,
"FIA_UAU.3.2": 1,
"FIA_UAU.5": 8,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UAU.6": 5,
"FIA_UAU.6.1": 1,
"FIA_UID": 2,
"FIA_UID.1": 13,
"FIA_UID.2": 14,
"FIA_UID.2.1": 1
},
"FMT": {
"FMT_MOF": 1,
"FMT_MOF.1": 31,
"FMT_MOF.1.1": 5,
"FMT_MSA": 9,
"FMT_MSA.1": 17,
"FMT_MSA.1.1": 1,
"FMT_MSA.3": 55,
"FMT_MSA.3.1": 6,
"FMT_MSA.3.2": 6,
"FMT_MTD": 3,
"FMT_MTD.1": 9,
"FMT_MTD.1.1": 1,
"FMT_SMF": 9,
"FMT_SMF.1": 19,
"FMT_SMF.1.1": 1,
"FMT_SMR": 14,
"FMT_SMR.1": 33,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_FLS": 2,
"FPT_FLS.1": 4,
"FPT_FLS.1.1": 1,
"FPT_PHP": 3,
"FPT_PHP.1": 1,
"FPT_PHP.2": 5,
"FPT_PHP.2.1": 1,
"FPT_PHP.2.2": 1,
"FPT_PHP.2.3": 2,
"FPT_PHP.3": 5,
"FPT_PHP.3.1": 1,
"FPT_STM": 3,
"FPT_STM.1": 10,
"FPT_STM.1.1": 1,
"FPT_TDC": 2,
"FPT_TDC.1": 26,
"FPT_TDC.1.1": 3,
"FPT_TDC.1.2": 3,
"FPT_TST": 2,
"FPT_TST.1": 6,
"FPT_TST.1.1": 2,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 2
},
"FTP": {
"FTP_ITC": 3,
"FTP_ITC.1": 26,
"FTP_ITC.1.1": 4,
"FTP_ITC.1.2": 4,
"FTP_ITC.1.3": 4,
"FTP_TRP.1": 2
}
},
"certification_process": {
"OutOfScope": {
"30 RSA Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory Card.PK (condition al, possibly multiple) Card": 1,
"33 ECC Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory (conditional; only present if existing at time": 1,
"33) ECC Generated by MSCA ; obtained by VU in MSCA- _Card certificate during mutual authentication Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) VUEGF.P K": 1,
"33. ECC Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory EUR.PK (previous) The previous public key of": 1,
"33. ECC Generated by MSCA ; obtained by VU in MSCA_VU-EGF certificate during coupling to an EGF Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) DTCO1381 R4.1a": 1,
"C as part of the EUR.Link.C; obtained by VU du- ring mutual authentication towards such card or EGF Out of scope for this ST Not applicable VU general nonvo-latile memory (con-ditional; only if the VU has": 1,
"MACs for the data integrity control of user data records AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life VU non- volatile memory DTCO1381": 1,
"Note: as explained in Annex 1C [54], Appendix 11, section 12.2, a VU contains only one Km-vu. Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile Memory Km-wc": 1,
"Out of scope": 18,
"and session key ECC Generated by card or card manufac- turer; obtained by VU in card certi- Out of scope for this ST Not applicable VU non- volatile memory (conditional, DTCO1381 R4.1a, Security Target": 1,
"by card or card manufacturer; obtained by VU in card certificate during mutual authentication Out of scope for this ST Not applicable VU non- volatile memory MS.PK (condition al, Public key of an MSCA other": 1,
"for update file To ensure confidentiality of the update file AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life Not permanently stored CBC- MAC": 1,
"foreign) MSCA; obtained by VU in Out of scope for this ST Not applicable VU non- volatile memory DTCO1381 R4.1a, Security Target Rev": 1,
"key generations). However, a VU will retrieve only one of these keys during the pairing process. Out of scope for this ST Made unavailable at the latest by end of calibration phase Not permanently stored; only": 1,
"obtained by VU in EGF certificate during mutual authentication as part of the coupling process Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) MSCA _Card.PK": 1,
"of the underlying elliptic curve and the CBC- MAC key itself AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life VU non- volatile memory Kvu": 1,
"received from VU manufacturer; inserted by VU manufacturer at the end of the manufacturing phase Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile memory 38 Note": 1,
"received from VU manufacturer; inserted by VU manufacturer at the end of the manufacturing phase Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile memory TK": 1,
"the MSCA Used by VU to perform verification of RSA Generated by (foreign) MSCA; obtained by VU in Out of scope for this ST Not applicable VU non- volatile memory DTCO1381 R4.1a, Security Target Rev. 1.6 p u b": 1,
"under Km) at the end of the manufac-turing phase; obtained and decrypted by VU during pairing Out of scope for this ST Made unavailable at the latest by end of calibration phase Not permanently stored; only": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"ECB": {
"ECB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {
"MAC": {
"MAC": 4
}
},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP256r1": 1,
"brainpoolP384r1": 1,
"brainpoolP512r1": 1
},
"NIST": {
"NIST P-256": 1,
"NIST P-384": 1,
"NIST P-521": 1,
"P-256": 1,
"P-384": 1,
"P-521": 1,
"secp256r1": 1,
"secp384r1": 1,
"secp521r1": 1
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-2": 1,
"SHA-256": 2,
"SHA-384": 2,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 44
}
},
"side_channel_analysis": {
"FI": {
"Physical tampering": 1,
"malfunction": 1,
"physical tampering": 7
},
"other": {
"reverse engineering": 1
}
},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-09-001": 1,
"CCMB-2017-09-002": 1,
"CCMB-2017-09-003": 1,
"CCMB-2017-09-004": 1
},
"FIPS": {
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 1,
"FIPS PUB 197": 2,
"FIPS PUB 46-3": 1
},
"ISO": {
"ISO/IEC 9797-1": 1
},
"NIST": {
"SP 800-38A": 1,
"SP 800-38B": 1
},
"RFC": {
"RFC 3447": 1,
"RFC 5480": 1,
"RFC 5639": 1,
"RFC 5869": 1,
"RFC 8017": 1,
"RFC3447": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 19
}
},
"DES": {
"3DES": {
"TDES": 4
},
"DES": {
"DES": 4
}
},
"constructions": {
"MAC": {
"CBC-MAC": 1,
"CMAC": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"pdf_file_size_bytes": 1596747,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 129
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0094V2b_pdf.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1158V3a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL4+",
"AVA_VAN.5",
"ATE_DPT.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1158V3b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "c067b06c38a2be123e2e9b05d489bad6aa9f6d5bd2eb897ba4c3dab5aa24ef6d",
"txt_hash": "d3b2f0244b747181e61270e4ab3a78061479bb3c2ed824b1d05455e85ef851e0"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "59d52797fb5a9045a896f0db5a2d95ddaf05dc89d15d913ee7dc9a59087fd138",
"txt_hash": "8948bea8284490d3be12f7ad445c2a8574424aa209cd009af1c988108b42f76d"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "16b1ac45c3ae5e3cc73986e63dfadeb1889ce39cd83b7d8156f60d567bee2aa0",
"txt_hash": "607d457dbe7d3e02a62320af95fa270fae1fa66cc048372cb263c01bc1aece90"
}
},
"status": "active"
}