EUCC ISAC Software Technical Group – Kick-off Plenary: 3 June 2026

The EUCC ISAC is pleased to announce the official launch of its Software Technical Group on 3 June from 15 to 18 (CET), a new collaborative initiative designed to strengthen the technical foundations of software evaluation within the European cybersecurity certification ecosystem.

To suppoort the maintenance of the evolving EUCC scheme, this Technical Group will bring together experts from across industry, laboratories, certification bodies, and public institutions to jointly develop state-of-the-art methodologies, guidance, and reference materials. The Software Technical Group builds on the EUCC ISAC’s mission to foster collaboration, harmonisation, and excellence in cybersecurity certification.

Scope and Expected Contributions

The Software Technical Group will focus on advancing evaluation practices for software products, particularly at higher assurance levels (AVA_VAN.3 to AVA_VAN.5). Its work will be structured around three core deliverables:

• Attack Methods – a structured and evolving catalogue of techniques aligned with recognised standards

• Attack Potential – a harmonised reference framework for assessing attacker capabilities and effort

• Minimum ITSEF Requirements – baseline expectations for evaluation bodies, including skills, tools, and methodologies

These deliverables are designed as living documents, continuously updated to reflect emerging threats, evolving technologies, and new evaluation practices  .

The group will also explore the growing impact of AI frameworks in software security evaluation, including their role in vulnerability discovery, testing methodologies, and certification processes.

A Collaborative Effort for Europe’s Cybersecurity Future

The EUCC ISAC provides a unique platform where public and private stakeholders collaborate to enhance certification methodologies, share knowledge, and support innovation in cybersecurity.

By joining the Software Technical Group, participants will:

• Collaborate with leading experts across the ecosystem

• Influence the future of software evaluation under EUCC

• Support the development of trusted and secure digital products

How to Join

Interested in contributing to the Software Technical Group? We welcome experts and stakeholders from across the cybersecurity certification ecosystem.

To express your interest or request more information, please visit the EUCC ISAC contact page