Agenda

Date and TimeTitle
Nov 16, 2020 (Berlin)
1:00pm - 2:35pm
PLENARY CONFERENCE SESSION (P00 a-e)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

13:00 CET Introduction, Jose Ruiz Gualda, Program Director, ICCC, Co-founder, jtsec Beyond IT Security, Spain; Opening Welcome (P00a) Martin Schaffer, Global Head of Cybersecurity Services, SGS Group, Austria

13:05 CET Keynote: Securing the Edge: The Role of Third-Party Security Verification (P00b) Wolfgang Steinbauer, Vice-President, Head of Competence Centre Crypto and Security, NXP, Austria

13:35 CET CCDB Update (P00c) Rob Huisman, Netherlands National Communications Security Agency, Netherlands

13:50 CET CCRA Update (P00d) Colin Whorlow, Head of International Standards, National Cyber Security Centre (NCSC), United Kingdom

14:05 CET CCUF Update (P00e) Petra Manche, Product Security Certification Engineer, Cisco, United Kingdom

Nov 16, 2020 (Berlin)
2:35pm - 3:40pm
PLENARY CONFERENCE SESSION (P00 f)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

14:35 CET Panel Discussion on EUCC and CCRA: Market Impact (P00f)

Panelists: Roberto Cascella, Senior Policy Manager, European Cyber Security Organisation (ECSO), Belgium; Michael Grimm, Principal Security Program Manager, Microsoft, United States;  Jonathan Sage, Government and Regulatory Affairs, IBM, United Kingdom; Aristotelis Tzafalias, Policy Officer, European Commission, Greece

Moderator: Miguel Bañón, Convenor, ISO/IEC JTC 1/SC 27/WG 3, Spain

Nov 16, 2020 (Berlin)
4:00pm - 5:30pm
Meeting Customer Requirements (M01)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

16:00 CET FIA’s OTP Security—a Common Criteria Approach (M01a) Markus Bartsch, Business Development, TUViT, Germany; Markus Wagner, TÜV Informationstechnik GmbH

16:30 CET The Road to Smart Meter Security Requirements Acceptance (M01b) Willem Strabbing, Managing Director, ESMIG, Belgium; Olaf Tettero, CTO, Brightsight, The Netherlands

17:00 CET eHealth: Infrastructure and Evaluation in Germany (M01c) Sebastian Hoppach, Security Consultant/Evaluator, TÜV Informationstechnik GmbH, Germany

Moderator: Petra Manche, Product Security Certification Engineer, Cisco, United Kingdom

 

Nov 16, 2020 (Berlin)
4:00pm - 5:30pm
New CC ISO Revision Update (R01)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

16:00 CET ISO/IEC JTC 1/SC 27/WG 3, Current Status, Roadmap and Challenges (R01a) Miguel Bañon, Convenor, ISO/IEC JTC 1/SC 27/WG 3, Spain

16:30 CET Changes in the ISO/IEC 15408 General Model (R01b) Elzbieta Andrukiewicz, KSO3C Project Manager, National Institute of Telecommunications, Poland

17:00 CET Adopting the New Evaluation Methods and Activities in ISO/IEC 15408-4 (R01c) Tony Boswell, Senior Principal Consultant, CyTAL, United Kingdom

Moderator: Dr. Michael Vogel, Principal Consultant, COO, atsec information security GmbH, Germany

Nov 16, 2020 (Berlin)
5:30pm - 6:00pm
SGS and Graz University of Technology Announcing Launch of New Cybersecurity Research Center (P01d) <br><font color="#aaaaaa">SPONSORED</font>

17:30 CET SGS and Graz University of Technology Announcing Launch of New Cybersecurity Research Center (P01d) Martin Schaffer, Global Head of Cybersecurity Services of SGS, Germany; Stefan Mangard, Professor and Head of the Institute of Applied Information Processing and Communications at Graz University of Technology

In 2019, SGS and Graz University of Technology (TU Graz) announced the Cybersecurity Campus Graz, where SGS then located its global headquarter for Cybersecurity Services next to TU Graz’ Cybersecurity Research Team (famous for their discoveries around Meltdown and Spectre). One key milestone of growing the campus is now the launch of a new cybersecurity research center, operated by SGS and TU Graz. In the session, Martin Schaffer, Global Head of SGS Cybersecurity Services and Stefan Mangard, Professor of IT-Security of TU Graz, will disclose the name of the new research company, its vision, mission and how it will provide high value to society.

SPONSORED

Nov 16, 2020 (Berlin)
6:00pm - 7:30pm
Updates from Schemes and ITCs (U02)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

18:00 CET Biometrics Security iTC Update (U02a) Brian Wood, Device Security Certification Manager, Samsung Research America, United States

18:30 CET Network Device iTC Update (U02b) Kristy Knowles, Product Security Certification Engineer, Cisco, United States

19:00 CET German Scheme Update (U02c) Fritz Bollmann, BSI (Federal Office for Information Security), Germany

Moderator: Dr. Michael Vogel, Principal Consultant, COO, atsec information security GmbH, Germany

Nov 16, 2020 (Berlin)
6:00pm - 7:30pm
Meeting Customer Requirements (M02)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

18:00 CET FIPS vs CC: What Drives Certification Demand for HSMs? (M02a) Ignacio Dieguez, Senior Principal Security Certifications Engineer, Entrust, United Kingdom; Natalya Robert, Principal Security Certifications Engineer, Entrust, United Kingdom

18:30 CET Protection Profile for SaaS Multi-Tenant Cryptographic Isolation (M02b) Richard Tychansky, Security Architect, Identity Dynamics Corp, United States

Moderator: Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States

Nov 17, 2020 (Berlin)
1:00pm - 2:30pm
Meeting Customer Requirements (M10)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

13:00 CET Track Keynote: Meeting Customer Requirements with Unified Verification Standard (M10a) Bob Xie, Cyber Security Officer, Huawei Western European Region, Director, Huawei Cyber Security Transparency Centre, Huawei, Belgium

13:30 CET Trust Model for Verticals Over 5G (M10b) Claire Loiseaux, CEO, Internet of Trust, France

14:00 CET You want what? By when?? …. Ok! (M10c) Wouter Slegers, CEO, TrustCB, Netherlands

Moderator: Ahmad Zuraimi bin Mohamad, Technical Director, Cybersecurity & Common Criteria, Securelytics, Malaysia

Nov 17, 2020 (Berlin)
1:00pm - 2:30pm
Updates from Schemes and ITCs (U10)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

13:00 CET Japanese Scheme Update (U10a) Toru Hashimoto, Assistant Manager, IPA, Japan

13:30 CET Hardcopy Devices iTC Update (U10b) Kwangwoo Lee, Security Architect, HP, South Korea

14:00 CET KSO3C: Polish Schema for Evaluation and Certification Compliant with Common Criteria—Last Step Towards Recognition (U10c) Elzbieta Andrukiewicz, KSO3C Project Manager, National Institute of Telecommunications, Poland

Moderator: Naisby Camponeschi, NIAP, United States

Nov 17, 2020 (Berlin)
2:30pm - 3:00pm
atsec – All You Would be Looking For (P10d) <br><font color="#aaaaaa">SPONSORED</font>

14:30 CET atsec – All You Would be Looking For (P10d) Michael Vogel, atsec Germany; Garibaldi Conte, atsec Italy; Rasma Mozuraite Araby, atsec Sweden; Yan Liu, atsec China; Ken Hake, atsec US; Yi Mao, atsec US

Join atsec colleagues from Germany, Italy, Sweden, China and the US for an overview of atsec’s global InfoSec service offerings with a special focus on Common Criteria for the ICCC.

SPONSORED

Nov 17, 2020 (Berlin)
3:00pm - 5:00pm
Updates from Schemes and ITCs (U11)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

15:00 CET Spanish Scheme Update (U11a) Pablo Franco, CCN (Centro Criptológico Nacional), Spain

15:30 CET ISCI-WG1 Contribution to the Common Criteria Methodology Improvement and Usage (U11b) Francois Guerin, ISCI-WG1 Chairman, Representative of Thales in ISCI-WG1, ISCI-WG1, France

16:00 CET 2020 Statistics Report. Is the Industry Surviving to Lockdown? (U11c) José Pulido, jtsec, Spain

16:30 CET Using the Common Criteria in Canada (U11d) Robert Harland, Operations Manager, Canadian Common Criteria Scheme, Canadian Centre for Cyber Security, Canada

Moderator: Erin Connor, Consultant, Canada

Nov 17, 2020 (Berlin)
3:00pm - 5:00pm
Assurance (S11)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

15:00 CET Reading Between the Lines, A Biometric Acceptance in Malaysia Voyage (S11a) Nur Iylia Roslan, Security Analyst, CyberSecurity Malaysia, Malaysia; Nor Zarina Zamri, CyberSecurity Malaysia, Malaysia

15:30 CET Outbreak Impact in CC (S11b) Alvaro Ortega Chamorro, Cybersecurity Lab Manager, DEKRA Testing and Certification S.A.U., Spain

16:00 CET End-to-End Side-Channel Detection Methodology (S11c) Sylvain Guilley, CTO, Secure-IC S.A.S., France

16:30 CET JHAS Rating Approach and Assessment of SW Vulnerabilities—All ITSEFs Will Become Hackers (S11d) Jasmina Omic, Product Manager Services, Riscure, Netherlands

Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States

Nov 17, 2020 (Berlin)
5:30pm - 7:00pm
Assurance (S12)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

17:30 CET Towards Creating an Extension for Patch Management for ISO/IEC 15408 and ISO/IEC 18045 (S12a) Sebastian Fritsch, Secuvera, Germany; Javier Tallón, jtsec, Spain

18:00 CET The Changes of Change Management (S12b) Gabor Hornyak, CTO & Head of Budapest laboratory, CCLab Ltd., Hungary

18:30 CET Results on Automating National Information Assurance Partnership (NIAP) Requirements Testing for Mobile App Vetting (S12c) Vincent Sritapan, Program Manager, U.S. Department of Homeland Security, United States; Angelos Stavrou, Kryptowire, United States

Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States

Nov 17, 2020 (Berlin)
5:30pm - 7:00pm
Updates from Schemes and ITCs (U12)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

17:30 CET NIAP Update (U12a) Mary Baish, Director, NIAP, United States

18:00 CET A Transition to New Algorithms: Encryption, Key Establishment and Entropy—the CMVP Perspective (U12b) Allen Roginsky, Mathematician, NIST, United States

18:30 CET NIAP Automation Work Update and Demo (U12c) Robert Clemons, Director, NIAP, United States

Moderator: Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States

Nov 18, 2020 (Berlin)
1:00pm - 2:30pm
Cybersecurity Certification Schemes Landscape (L20)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

13:00 CET Automotive Cyber Security (L20a) Xavier Vilarrubla, General Manager, Brightsight Barcelona, Spain

13:30 CET What About 5G Certification (L20b) Boutheina Chetali, Security Certification Sr. Expert, Huawei Technologies France, France

14:00 CET Update on NESAS/SCAS Scheme (L20c) James Moran, Head of Security, GSMA, Ireland

Moderator: Juan Manuel Gonzalez Nieto, Laboratory Director and Co-founder,Teron Labs, Australia

Nov 18, 2020 (Berlin)
1:00pm - 2:30pm
Advances in the Use of Common Criteria (A20)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

13:00 CET EUCC Scheme Update (A20a) Philippe Blot, Lead Certification Expert, ENISA, France

13:30 CET State of Play and Way Forward (A20b) Aristotelis Tzafalias, Policy Officer, European Commission, Greece

14:00 CET Cryptographic Agility in Security Standards (A20c) Tomislav Nad, Head of Cryptography & System Security, SGS Digital Trust Services GmbH, Austria

Moderator: Gonzalo Erro Iribarren, Data Privacy and Cybersecurity Officer, Huawei Technologies, Spain

Nov 18, 2020 (Berlin)
3:00pm - 5:00pm
Cybersecurity Certification Schemes Landscape (L21)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

15:00 CET Strong Digital Identity as an Enabler for Adaptive Security and How It Fits into Certification (L21a) John Boggie, Director, Head of Cybersecurity Certification, NXP Semiconductors, United Kingdom; Georg Stutz, Principal Security Certification Expert, NXP Semiconductors, Germany

15:30 CET Composite Evaluations: The Way Forward for IoT Security and Compliance (L21b) Dirk-Jan Out, CEO, Brightsight, The Netherlands

16:00 CET Certifying IoT Devices: Challenges from the Real World (L21c) Raphael Spreitzer, Principal Security Expert, SGS Digital Trust Services, Austria

16:30 CET The EMVCo Security Evaluation Processes for IoT (L21d) Gary Hemmings, Member, EMVCo Security Evaluation Group, Director, MasterCard, United Kingdom

Moderator: Alicia Squires, Global Certifications Team–Manager, FIPS/Common Criteria, Cisco Systems, United States

Nov 18, 2020 (Berlin)
3:00pm - 5:00pm
Advances in the Use of Common Criteria (A21)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

15:00 CET Application of the Common Criteria to Building Trustworthy Automotive SDLC (A21a) Seungyeon Jeong, Ms.C Student, Korea University, South Korea, Sooyoung Kang, Korea University, South Korea; Seungjoo Kim, Korea University, South Korea.

15:30 CET Evolution Towards Evaluation of HW IP Blocks (A21b) Gordon Caffrey, Head of Site Certification, Eurosmart ITSC – Chairman (NXP), United Kingdom; Jean-Philippe Galvan, Principal Engineer, Qualcomm, Vice-Chairman, Eurosmart ITSC , France; Rachel Menda-Shabat, Director of Security Certification, Winbond, Israel

16:00 CET How ‘By-Parts’ Evaluation Achieves Certification Scheme Scalability (A21c) Gil Bernabeu, GlobalPlatform, France

16:30 CET Soft IP Certification, a Glimpse into the Future (A21d) Joop van de Pol, Senior Security Evaluator, Brightsight, Netherlands

Moderator: Thomas Billeau, Senior Manager–Head of Certification, Competence Center Crypto & Security/BU: Chief Technology Office, NXP Semiconductors, Germany

Nov 18, 2020 (Berlin)
5:00pm - 5:30pm
Securyzr iSE: An integrated Secure Element to Easily Reach your CC Certification (P21d) <br><font color="#aaaaaa">SPONSORED</font>

17:00 CET Securyzr iSE: An integrated Secure Element to Easily Reach your CC Certification (P21d)

Securyzr iSE is an integrated Secure Element. It offers multiple services to the host system (ECU, IoT, iUICC, etc.) various services such as Secure Boot, Key management, etc. all along the life of the device. By delivering the Securyzr iSE to its customers, Secure-IC simplifies their certification process thank to various services such as support to FIPS and/or CC certification, re-use of certification documentation or pre-silicon evaluation.

SPONSORED

Nov 18, 2020 (Berlin)
5:30pm - 7:00pm
Cybersecurity Certification Schemes Landscape (L22)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

17:30 CET Industrial Automation Control Systems Cybersecurity Certification – Chapter II (L22a) Georgios Theodoridis, Scientific/Technical Project Officer, European Commission, DG Joint Research Centre Greece; Jose Ruiz Gualda, Co-founder, jtsec Beyond IT Security, Spain

18:00 CET Common Criteria Vs FedRAMP (L22b) Ravi Jagannathan, Cloud Security Architect, VMware, United States

18:30 CET You, Me and FIPS 140-3: Open for Business! (L22c) Ryan Thomas, CST Laboratory Manager, Acumen Security, United States

Moderator: Petra Manche, Product Security Certification Engineer, Cisco, United Kingdom

Nov 18, 2020 (Berlin)
5:30pm - 7:00pm
Advances in the Use of Common Criteria (A22)

Detailed speaker bios and presentation descriptions can be found at iccconference.org. Your questions for speakers are welcomed--please enter at the Q&A tab at the bottom of the session.

17:30 CET Formal Models for High-Assurance: Why and How (A22a) Carolina Lavatelli, CTO, Internet of Trust, France

18:00 CET Qualcomm’s View on EUCC and Importance of Composition and Re-Use in Certification (A22b) Anne-Lise Thieblemont, Vice President, Qualcomm, United States

18:30 CET Cloud and Common Criteria: NWI ISO Proposal (A22c ) Joshua Brickman, Director, Security Evaluations, Oracle, United States

Moderator: Dianne Hale, NIAP, United States

Nov 18, 2020 (Berlin)
7:00pm - 7:30pm
Summary Presentation (P22d)

19:00 CET Summary Presentation (P22d) Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States