Skip to main content

BSI Standards

Please be advised that a New Work Item Proposal has been loaded to the BSI Standards Development Portal for comment. We hope this will assist in increasing awareness of the Standards Development Portfolio. 
Any comments received will be submitted to IST/33 - Information security, cybersecurity and privacy protection, for consideration when deciding the UK response to CEN. 

Proposal: CEN/CLC/JTC 13 N 543, Security Evaluation Standard for IoT Platforms (SESIP). An effective methodology for applying cybersecurity assessment and re-use for connected products.. 
Please visit 
Comment period end date: 30/08/2021 


This document describes a cybersecurity evaluation methodology, named SESIP, for components of connected ICT products. Security claims in SESIP are made based on the security services offered by those components. Components can be in hardware and software. SESIP aims to support comparability between and reuse of independent security evaluations. SESIP provides a common set of requirements for the security functionality of components which apply to the foundational components of devices that are not application specific. The methodology describes the re-use of evaluation results. 


SESIP is a security evaluation framework for platforms (components) of connected products. SESIP puts the focus on the security services offered by the platform to the next layer software or application. 

SESIP defines a list of security services which can be used when creating SESIP profiles (similar to Protection Profiles) and when defining the Security Target of a particular platform under evaluation. The SESIP framework defines hierarchical assurance packages building on already defined concepts and assurance classes in ISO/IEC 15408-3. SESIP is a methodology that unifies compliance to security requirements, suited for layered security with composition and re-use of evaluation results also into different schemes like CSPN, BSZ, LINCE, FITCEM, ETSI EN 303 645 and IEC 62443-4-2 if needed. 

By this and the clarity on the evaluation scope and depth this proposal creates assurance and trust throughout the layers. This work provides to developers and customers of platforms an easy to use cybersecurity assessment methodology for the parts and potential combination of those parts within a device. This evaluation framework can further support to drive harmonization and expertise ramp up on product cybersecurity across Europe for all stakeholders. The plain English security claims are understandable by non-security experts. This will enable and accelerate the update of cybersecurity harmonization across the member states and industry. 

Any comments received will be submitted to IST/33 - Information security, cybersecurity and privacy protection, for consideration when deciding the UK response to ISO. 

Proposal: ISO/IEC NPISO/IEC JTC 1/SC 27 N 21839, ISO/IEC NP TS 9569 TS 9569 Information security, cybersecurity and privacy protection -- Towards Creating an Extension for Patch Management for ISO/IEC 15408 and ISO/IEC 18045. 
Please visit  
Comment period end date: 25/09/2021 


This TS provides a Security Problem Definition to describe the functionality of a TOE accepting patches. Alongside, it provides an optional set of SFRs to implement the security objectives for the TOE, and a new assurance family, ALC_PAM that intends to increase the assurance on the patches generated by the developer even when they have not being evaluated. Finally, the TS describes some options for Certification Bodies and evaluation authorities willing to take advantage of the additional assurance provided in TOEs evaluated using the elements provided in this TS. 


Common Criteria (CC) or ISO/IEC 15408 allows the certification of the assurance of IT products. The standard has proven to be flexible for high-security use-cases especially for secure elements, security hardware devices and e-government project related components. 

But as good as the standard can be used for the initial certification, the standard does not support differential security evaluation of products that are built based on an already evaluated product and one or several patches applied to it. ISO/IEC 15408 nor ISO/IEC 18045 (or CEM) contain dedicated methods or evaluation activities which would support the evaluation of minor changes or minor updates. 

This document defines common minimum requirements for secure patch management in the form of a functional package and extended assurance family. They can be integrated into PPs and STs for any type of the TOE to include a standard set of requirements for the TOE’s secure patching functionality and the developer’s patch management process. PP or ST author may add additional requirements for secure patch management considering the TOE’s threat environment. 

If you have any comment or need more information, please contact Sami Ortiz at