The TrustCB Site Certification Scheme has been designed to assess and certify development and production sites involved in Common Criteria and EUCC product certifications.

Building on the foundations of the NSCIB/SOGIS Site Certification framework, the scheme provides confidence that a site’s security processes, configuration management, and vulnerability handling are implemented and maintained to the level required for EUCC, Common Criteria, and other high-assurance standards (such as EMVCo).

The scheme’s alignment with internationally recognised methodologies, including EUCC, ensures that the resulting STARs are recognised as reusable across public and private certification schemes.

The scheme is applicable to all development and/or production sites that play a role in any phase of the design, development, manufacturing, or maintenance lifecycle of integrated circuits (ICs), operating systems (OS), or application software intended for security evaluations under Common Criteria or EUCC.

This includes semiconductor fabs, design centres, firmware and software development sites, secure personalisation, integration facilities, test facilities and data centres.

In summary, any site that handles sensitive assets or contributes to the security-relevant parts of a certified product can be evaluated under this scheme.

Refer to the TrustCB Site Certification scheme procedure in the scheme documents section of this page for further details.

Details of the ITSEFs licensed by TrustCB to perform evaluations for this scheme can be found here.

We look forward to hearing from you on your Site Certification needs.

Contact us:  [email protected]