This minor release of the SESIP Methodology adds new SFRs and aligns some SFRs with the CEN/CENELEC Work Item version.
This second version of the SESIP methodology integrates two main parts: additional information about composition possibilities in the core document, plus guidelines in a new annex, and introduction of the concepts of SESIP Profiles and SESIP mappings.
This document specifies requirements for the security evaluation of IoT platforms and parts thereof, including in particular a set of Security Functional Requirements, and the definition of Security Assurance Requirements packages that define five assurance levels. These requirements are based on the Common Criteria standard (ISO154080, v3.1), which it refines for the specific purpose of the evaluation of IoT platforms and parts thereof. The set of documents also includes the definition of a scheme based on these requirements, which defines managements rules such as the management of certificates and the accreditation of certification bodies and laboratories.