Common Criteria for Developers & Evaluators
Riscure Academy - Private Classroom TrainingA multi-day training program tuned to your context, audience, and timelines, designed to help both developers and evaluators streamline the Common Criteria certification process. Now with the additional CC:2022 course, which can be taken independently or as a follow-up to the general CC training.
Duration
3 courses
6-8 weeks
20+ hours self-paced eLearning and practical exercise
4.5 hours Live Mentoring
Certificate
80% or higher on final assessment
Team report (pre vs post assessment)
Interactive
Exercises
Assignments
Quizzes
Live mentoring
Scalable
Self-paced eLearning
Scheduled live mentoring
Spaced for efficiency & effectiveness
Scale to multiple groups
After this program participants will be able to
Security Engineering
Recognize security assets in a TOE
Understand how to apply the attack tree method
Rate and select attack paths
Describe main methods of defence
Embedded Systems
Use open source tooling to identify PCB interfaces
Determine relevance of a component for security
Understand relevance of a component to an attacker
Create and apply countermeasures
Defence & Countermeasures
Evaluate required security properties of an asset
Understand modern threats: implementation attacks, SCA, FI
Understand the role of team work in implementation of security primitives
Understand how modern countermeasures can protect against modern threats
Empower your team to master Common Criteria
- Developers: understand Common Criteria and deliverables to support a successful evaluation.
- Evaluators: understand Common Criteria to successfully perform evaluations according to the standard.
- Managers: peace of mind your teams are equipped for the rigor of a Common Criteria evaluation.
No specific background required
Engineering / Security background preferred
Relevant for anyone working with embedded systems, from decision-makers to engineers
Understand security engineering principles
Understand an embedded system holistically
Setup protections against attacks
Introduction to Common Criteria
- Understanding the Common Criteria standard from different perspectives
- Certification roles and mutual recognition
- EUCC development
- Common Criteria in your company context
Common Criteria Standard
Defining, understanding, and applying the ins and outs of:
- APE & ASE – Protection Profile& Security Target
- AGD – Security Guidance
- ADV – Development
- ATE – Testing
- AVA – Vulnerability Analysis
- ALC – Life-Cycle
Next steps: Impact CC:2022 Training
This focused 4-hour classroom training on the new CC:2022 standard is designed for technical professionals and project managers and assumes a background in Common Criteria (CC).
The course will provide an in-depth understanding of the new CC:2022 standard, focusing on its impact on teams, products, and evaluations. Participants will learn how to better prepare for formal evaluations and navigate the changes introduced by the new standard.
This training can be taken independently or as a follow-up to the general CC training.
Lead developer
Impact CC:2022 Training
As a next step...
What people say
“Very interesting learning approach and material across different aspects of state-of-the-art SoC development with Security in mind. I really want to thank Riscure for offering such good trainings, and the their trainers who make amazing use of their skills, experiences and kindness to easily communicate complex concepts to the audience.”
– Qualcomm
Get Started Today
Don’t let your organization’s embedded systems become an easy target. Invest in the security and success of your business by partnering with Riscure Academy. Contact us today to discuss your training needs and explore our approach. Together, we’ll empower your team to secure your organization’s future.
Frequently asked questions
Do you do individual training?
Individual training is available for self-enrollers within enterprises, but we do not training for individuals outside of organizations. For individuals we recommend Self-Paced or Open training. If you are unsure, please get in touch by filling in the form below.
What is the minimum group size for your expert-led training program?
Are your programs delivered online or as classroom ?
customer's location. Our online programs blend self-paced e-learning, exercises, assessments, and in certain cases expert-sessions (like Q&A webinars or Group Exercises) with Riscure experts.
When can we start with the training/ what do the training schedules look like?
We do not have pre-defined dates for our training sessions. Instead, we aim to accommodate your preferred start time and schedule the spacing of training and relevant sessions accordingly. To ensure a seamless scheduling process, please provide advance notice of 3-4 weeks for our online group programs and 6-8 weeks for classroom programs, as this allows us to secure our trainers' availability. For online training by individuals (self-paced) any enrollment will be facilitated within days or weeks, depending on the level of integration with the customer training platform or HR system. For Open Training schedules, please, contact us by filling in the form below.
Does customer have access to the training materials after the program?
For expert-led group training, including online/hybrid and classroom formats, access to relevant training materials remains available after the training period. The formal training schedule with deadlines is coordinated between Riscure and the customer.