The EUCC ISAC is pleased to announce the creation of a new EUCC ISAC Technical Subgroup, established by ISCI, dedicated to exploring Artificial Intelligence (AI) as an emerging domain within the Common Criteria (CC) framework. As AI becomes increasingly integrated into embedded systems, aligning these technologies with trusted evaluation frameworks like CC is critical for ensuring security, trust, and interoperability. This initiative represents an important step toward preparing certification processes for the rapidly evolving AI landscape.
Our Objective
This subgroup aims to develop a practical guidance document that bridges the world of cybersecurity evaluation for embedded AI systems with the established Common Criteria standards — making the process accessible, actionable, and relevant for both AI practitioners and cybersecurity experts.
What We’re Working On:
- Defining the evaluation scope for embedded AI systems
- Mapping Common Criteria elements (such as SFRs, SARs, Security Targets, TOE) to existing AI cybersecurity standards (e.g., CEN JTC 21 WD)
- Proposing applicable Security Functional Requirements (SFRs), Security Assurance Requirements (SARs), assurance levels, and AVA_VAN levels
- Cross-referencing relevant risk analysis resources
- Publishing a comprehensive guidance document to support future certification processes for AI technologies
Get Involved
This group warmly welcome experts who are interested in contributing to this important work. If you would like to volunteer and be part of shaping the future of AI evaluation under the EUCC framework, please contact the secretariat for more information.