Ärendetyp 5.3 Diarienummer: 24FMV5341-3
Dokument ID CSEC2024015
Enligt säkerhetsskyddslagen (2018:585)
SEKRETESS
Enligt offentlighets- och
Sekretesslagen (2009:400)
2024-11-08
Försvarets materielverk
Swedish Defence Material Administration
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-
UA-VI
Issue: 1.0, 2024-nov-08
Authorisation: Jerry Johansson, Lead certifier , CSEC
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 2 (10)
Table of Contents
1 Executive Summary 3
2 Identification 4
3 Results of the Evaluation 5
4 Evaluator Comments and Recommendations 6
5 Certifier Comments and Recommendations 7
6 Glossary 8
7 Bibliography 9
Appendix A Scheme Versions 10
A.1 Scheme/Quality Management System 10
A.2 Scheme Notes 10
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 3 (10)
1 Executive Summary
The PP-Configuration for Peripheral Sharing Device, Keyboard/Mouse Devices, User
Authentication Devices, and Video/Display Devices, v1.0, combines the requirements
of the Protection Profile for Peripheral Sharing Devices, v4.0, the PP-Module for
Keyboard/Mouse Devices, v1.0, the PP-Module for User Authentication Devices,
v1.0, and the PP-Module for Video/Display Devices, v1.0.
The PP-Configuration is used in the same way as a PP and is recognised as a PP with-
in the CCRA.
The PP-Configuration for Peripheral Sharing Device, Keyboard/Mouse Devices, User
Authentication Devices, and Video/Display Devices, v1.0, requires exact conformance
when claimed in an ST.
The PP-Configuration evaluation has been performed by Intertek Sweden and was
completed on the 23rd of October 2024. The evaluation was performed concurrently
with and as a separate part of the evaluation of the product MilDef KSW5191 PSD.
The evaluation was conducted according to the requirements of Common Criteria,
version 3.1, revision 5, the Common Methodology for IT Security Evaluation, version
3.1, revision 5, and the CC and CEM Addenda - Exact Conformance, Selection-Based
SFRs, Optional SFRs, version 2.0. The evaluation has been performed according to
the assurance class ACE in CC Part 3, including indicated work units from the APE
class and from the CC and CEM Addenda mentioned above.
Intertek Sweden is a licensed evaluated facility for Common Criteria under the Swe-
dish Common Criteria Evaluation and Certification Scheme. Intertek Sweden is also
accredited by the Swedish accreditation body SWEDAC according to ISO/IEC 17025
for Common Criteria evaluation.
The certifier monitored the activities of the evaluator by reviewing all work units in
the evaluation report. The certifier determined that the evaluation results have been
reached in agreement with the requirements of the Common Criteria and the Common
Methodology.
The certification results only apply to the version of the PP-Configuration indicated
in the certificate.
This certificate is not an endorsement of the PP-Configuration by CSEC or any other
organisation that recognises or gives effect to this certificate, and no warranty of the
PP-Configuration by CSEC or any other organisation that recognises or gives effect
to this certificate is either expressed or implied.
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 4 (10)
2 Identification
Certification Identification
Certification ID CSEC2024015
Name and version of the
certified PP-Configuration
PP-Configuration for Peripheral Sharing Device,
Keyboard/Mouse Devices, User Authentication De-
vices, and Video/Display Devices, v1.0
(CFG_PSD‐KM‐UA‐VI_V1.0)
Base PP Identification Protection Profile for Peripheral Sharing Devices,
version 4.0
PP-Module Identification PP-Module for Keyboard/Mouse Devices, v1.0
PP-Module for User Authentication Devices, v1.0
PP-Module for Video/Display Devices, v1.0
Sponsor MilDef Group AB
Developer NIAP
ITSEF Intertek Sweden
Common Criteria version 3.1 release 5
CEM version 3.1 release 5
CC and CEM addenda - Exact Conformance, Selec-
tion-Based SFRs, Optional SFRs, v2.0
QMS version 2.5.2
Scheme Notes Release 22.0
Recognition Scope CCRA
Certification date 2024-11-08
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 5 (10)
3 Results of the Evaluation
The evaluators applied each work unit of the Common Methodology [CEM] within
the scope of the evaluation, and concluded that the TOE meets the requirements of the
assurance class ACE, with some implied work units from assurance class APE and
from the CC and CEM addenda [ADD]
The evaluators' overall verdict is PASS.
The verdicts for the assurance classes and components are summarised in the follow-
ing table:
Assurance Class / Component Short name Verdict
PP-Configuration Evaluation ACE PASS
PP-Module Introduction ACE_INT.1 PASS
PP-Module Conformance Claims ACE_CCL.1 PASS
PP-Module Security Problem Definition ACE_ SPD.1 PASS
PP-Module Security Objectives ACE_ OBJ.1 PASS
PP-Module Extended Components Definition ACE_ ECD.1 PASS
PP-Module Security Requirements ACE_REQ.1 PASS
PP-Module Consistency ACE_MCO.1 PASS
PP-Configuration Consistency ACE_CCO.1 PASS
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 6 (10)
4 Evaluator Comments and Recommendations
None.
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 7 (10)
5 Certifier Comments and Recommendations
During the evaluation of: PP-Configuration for Peripheral Sharing Device,
Keyboard/Mouse Devices, User Authentication Devices, and Video/Display
Devices, v1.0, the following interpretations were considered:
TD0506 Missing Steps to disconnect and reconnect display [MOD_VI]
TD0507 Clarification on USB plug type [MOD_KM]
TD0514 Correction to MOD VI FDP_APC_EXT.1 Test 3 Step 6 [MOD_VI]
TD0518 Typographical error in Dependency Table [PP_PSD]
TD0539 Incorrect selection trigger in FTA_CIN_EXT.1 in
MOD_VI_V1.0
[MOD_VI]
TD0583 FPT_PHP.3 modified for PSD remote controllers [PP_PSD]
TD0584 Update to FDP_APC_EXT.1 Video Tests [MOD_VI]
TD0586 DisplayPort and HDMI Interfaces in FDP_IPC_EXT.1 [MOD_VI]
TD0593 Equivalency Arguments for PSD [MOD_KM]
[MOD_UA]
[MOD_VI]
TD0619 Test EAs for internal UA devices [MOD_UA]
TD0620 EDID Read Requirements [MOD_VI]
TD0681 PSD purging of EDID data upon disconnect [MOD_VI]
TD0686 DisplayPort CEC Testing [MOD_VI]
TD0804 Clarification regarding Extenders in PSD Evaluations [PP_PSD]
TD0844 Addition of Assurance Package for Flaw Remediation
V1.0 Conformance Claim
[PP_PSD]
Please note that when using the PP-Configuration in a product evaluation, these and
additional interpretations may apply.
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 8 (10)
6 Glossary
CCRA Common Criteria Recognition Arrangement
CC Common Criteria - CC Part 1-3 refers to the Common
Criteria Documentation
CEM Common Methodology for Information Technology
Security Evaluation
PP Protection Profile
cPP Collaborative Protection Profile
PP-Configuration Protection Profile composed of Base Protection Profiles and
Protection Profile Modules
PP-Module Implementation-independent statement of security needs for
a TOE type complementary to one or more Base Protection
Profiles
Base PP Protection Profile used as a basis to build a Protection Pro-
file Configuration
TOE Target of Evaluation
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 9 (10)
7 Bibliography
SER_ACE ACE SINGLE EVALUATION REPORT (SER) FOR COMMON
CRITERIA EVALUATION OF PP-CONFIGURATION FOR
PERIPHERAL SHARING DEVICE, KEYBOARD/MOUSE
DEVICES, USER AUTHENTICATION DEVICES, AND
VIDEO/DISPLAY DEVICES, Intertek Sweden, 2024-Jul-02,
document version 0.2, FMV ID 24FMV2376-27
PP-CFG PP-Configuration for Peripheral Sharing Device, Keyboard/Mouse De-
vices, User Authentication Devices, and Video/Display Devices, v1.0,
2019-Jul-19, FMV ID 24FMV5341-1
PP_PSD Protection Profile for Peripheral Sharing Devices, v4.0, 19 July 2019,
FMV ID 24FMV5341-1
FLR Assurance Package for Flaw Remediation, NIAP, 2024-Jun-28,
document version 1.0, FMV ID 24FMV5341-1
MOD_KM PP-Module for Keyboard/Mouse Devices, v1.0, 19 July 2019, FMV ID
24FMV5341-1
SD_KM Supporting Document Mandatory Technical Document PP-Module for
Keyboard/Mouse Devices, v1.0, 19 July 2019, FMV ID 24FMV5341-1
MOD_UA PP-Module for User Authentication Devices, v1.0, 19 July 2019, FMV
ID 24FMV5341-1
SD_UA Supporting Document Mandatory Technical Document PP-Module for
User Authentication Devices, v1.0, 19 July 2019, FMV ID 24FMV5341-
1
MOD_VI PP-Module for Video/Display Devices, v1.0, 19 July 2019, FMV ID
24FMV5341-1
SD_VI Supporting Document Mandatory Technical Document PP-Module for
Video/Display Devices, v1.0, 19 July 2019, FMV ID 24FMV5341-1
ADD CC and CEM addenda - Exact Conformance, Selection-Based SFRs,
Optional SFRs, CCMB, 2021-Sep-30, document version 2.0,
Unique identifier 13
CC, CEM Common Criteria for Information Technology Security Evaluation, and
Common Methodology for Information Technology Security Evalua-
tion, CCMB-2017-04, 001 through 004, document version 3.1 revision 5
Swedish Certification Body for IT Security
Certification Report PP-Configuration for PSD-KM-UA-VI
24FMV5341-3 1.0 2024-11-08
CSEC2024015 10 (10)
Appendix A Scheme Versions
During the certification the following versions of the Swedish Common Criteria Eval-
uation and Certification scheme have been used.
A.1 Scheme/Quality Management System
Version Introduced Impact of changes
2.5.2 2014-06-14 None
2.5.1 Application Original version
A.2 Scheme Notes
Scheme Note 28 - Updated procedures for application, evaluation, and certification.