Common Criteria Forum Workshop Program

Printer-friendly version

Contributed essays and the invited essay will be linked to the program prior to the commencement of the Workshop.
Presentations will be linked to the program shortly after the conclusion of the Workshop.

The Common Criteria Forum Business Meeting scheduled after the conclusion of sessions on Wednesday April 25 is open to all interested individuals. Planning for future workshops will be discussed. Participation from the CC Forum membership is essential to the ongoing vitality of the CC Forum.

For more information contact the Workshop Chairman: Rance DeLong

The names of invited speakers and presenting essayists are underlined in the following.

Wednesday, April 25
07:30 - 09:00 BREAKFAST
09:00 - 09:30
Welcome and Opening Remarks

  • Rance DeLong, Workshop Chair                           
  • Allen Brown, CEO, The Open Group
09:30 - 10:30 Keynote: 'European Strategy for Internet Security'

Andrea Servida, Deputy Head of the Unit: "Internet: Network and Information Security" Information Society and Media Directorate-General, European Commission, Brussels, Belgium

Andrea Servida joined the European Commission in 1993 and since January 2006 he is Deputy Head of the Unit "Internet; Network and Information Security" in the Information Society and Media Directorate-General. Besides co-managing the Unit, he is in charge of defining and implementing the strategies and policies on network and information security, critical information infrastructure protection and, last but not least, electronic signature. He also coordinates the team responsible for the European Network and Information Security Agency (ENISA).

Until 2005 Andrea Servida worked in the Information Society Technologies Thematic Priority of FP6 with management responsibilities for the research activities on security and dependability technologies and applications. In the 5th Framework Programme, he has been in charge of shaping up and co-ordinating at the Programme level the initiative on Dependability in Information Society (called DEPPY), including the preparation and management of related Cross Programme Actions calls for proposals and evaluation. This initiative focused on large scale information infrastructures and on extensively deployed networked embedded systems. Before joining the European Commission he has worked in industry for nearly eight years as a project manager of a number of international R&D projects on decision support systems for environmental, civil and industrial emergency and risk management.

He graduated with Laude in Nuclear Engineering at Politecnico di Milano and carried out PhD studies on fuzzy sets and artificial intelligence at Queen Mary and Westfield College, University of London.

10:30 - 11:00 COFFEE
11:00 - 12:00 Invited Essay: 'Quo Vadis, Common Criteria?' (Presentation Abstract)

Helmut Kurth, Chief Scientist and Common Criteria Laboratory Director, @sec information security, Austin, Texas, USA

Helmut Kurth is the co-founder and Chief Scientist of atsec information security and also acts as the director of the Common Criteria Evalution Facility there. He has been working in the field of information security since 1984, covering many aspects of information security like design of high-assurance systems, use of formal methods, design of high security crypto systems, security assessments, and standardization. was the main author of the German IT Security Evaluation Criteria, was involved in the development of the European ITSEC, and has been continuously active in IT security evaluations since 1988. His evaluation experience includes products from smart cards to mainframe operating systems and assurance levels from EAL2 to EAL7. In addition he is the co-author of the ISO guide for the production of Protection Profiles and Security Targets (ISO/IEC TR 15446:2009).

Helmut Kurth has given presentations on different topics of information security at numerous international conferences.

Helmut Kurth has a Masters Degree in Applied Mathematics from the University of Bonn, Germany.

12:00 - 12:30 Overview of Afternoon Sessions - Workshop and Session Chairs
12:30 - 14:00 LUNCH
14:00 - 15:30 Plenary Working Session: (Two 45-minute sessions)

  • Work Group: Practical CC Problems
  • Short Status Report: Terms of Reference for Technical Communities
  • Work Group: CC Evolution Roadmap
15:30 - 16:00 COFFEE
16:00 - 17:00

Contributed Essay: 'DO-178B and Common Criteria Evaluation' (Presentation Abstract)

Sergey Tverdyshev, head of the research department at SYSGO

Sergey Tverdyshev's favorite research topic is secure hypervisors (aka separation kernels), MILS, and architectures of secure systems. As a side-topic he works on an approach for pragmatical integration of formal methods into existing requirements-based engineering techniques.

Sergey Tverdyshev received his PhD from Saarland University. In his thesis he formally designed, specified, and verified an out-of-order microprocessor. In his thesis he developed a tool to combine a theorem prover and a model checker as well as a tool for generation of Verilog code from the formal hardware models.

17:00 - 18:00 Plenary Working Session:

  • Work Group: Common Criteria Forum Governance
18:00 - 18:45 CC Forum Business Meeting and future Workshop Planning
Thursday, April 26   
07:30 - 09:00 BREAKFAST
09:00 - 09:30 Day 2 Opening Remarks
09:30 - 10:30 Keynote: 'The Multifaceted Nature of Security Assurance' (Presentation Abstract)

Sal La Pietra, Sal LaPietra, President and CEO, atsec information security, Austin, Texas, USA

Sal La Pietra is responsible for setting up and executing strategy, direction and business goal for all the atsec companies globally. Sal holds more than 25 years of infosec experience, Prior to co-founding atsec, Sal was in charge of the IBM European Security Center of Competence in Munich, which conducted major security projects for European industries and banks. At IBM, he was responsible for the ITSEC evaluation of AIX and the first Common Criteria evaluation of AIX BEST/X. Before joining IBM, Sal earned experience at Sun Microsystems, Olivetti and Italtel.

Sal holds a degree in Computer Science from The University of Torino in Italy.

10:30 - 11:00 COFFEE
11:00 - 12:30

Plenary Working Session

  • Work Group: Assurance and the CC
12:30 - 14:00 LUNCH
14:00 - 15:30

Parallel Working Sessions: Joint or split 90-minute session(s)

  • Work Group: Practical CC Problems
  • Work Group: Common Criteria Forum Governance
  • Discussion Group: Technical Communities and Collaborative PPs
15:30 - 16:00 COFFEE
16:00 - 17:00

Parallel Working Sessions: Joint or split 60-minute session(s)

  • Work Group: Re-engineering the CC
  • Work Group: CC Evolution Roadmap
17:00 - 17:45 Plenary Discussion - ALL
17:45 - 18:00 Closing Remarks