he subgroup is taked with the edition of on a guidance document bridging embedded Artificial Intelligence cybersecurity evaluation with the common criteria framework. The document is expected to be a guidance document, outlining the steps for evaluating an embedded AI system in regard of the CC framework, clearly mapping the CC requirements (SFRs, SARs, ST, TOE…), to currently accepted works and standards (CEN JTC21 WD Cybersecurity specifications for AI). The document will need to be understood both by AI practitioners and cybersecurity experts for providing a guidance on how to use the CC for evaluation (and in the future, certification) of embedded AI systems.

The tasks of the subgroups are the following :

• Defining the scope of the document regarding the system evaluated
• Cross documents for risk analysis
• Defining SFRs, SARs, Assurance Level and AVA_VAN level of the chosen typology of system
• In the long term, produce the guidance document.

Terms of Reference:

to be updated

Sub-group leaders:

Ilyes Azouani, CLR Lab
Chairman