This Technical Report provides guidance relating to the construction of Protection Profiles (PPs) and Security Targets (STs) that are intended to be compliant with the third edition of ISO/IEC 15408. It is also applicable to PPs and STs compliant with Common Criteria Version 3.1 [1], a technically identical standard published by the Common Criteria Management Board, a consortium of governmental organizations involved in IT security evaluation and certification.
This Technical Report is not intended as an introduction to evaluation using ISO/IEC 15408. Readers who seek such an introduction should read Part 1 of ISO/IEC 15408.
This Technical Report does not deal with associated tasks beyond PP and ST specifications such as PP
registration and the handling of protected intellectual property.
ISO/IEC TR 15446:2009 Referenced Document
ISO/IEC 15408-1:2005 Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model
ISO/IEC 15408-3:2008 Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
ISO/IEC TR 15446:2009 history
2017ISO/IEC TR 15446:2017 Information technology — Security techniques — Guidance for the production of protection profiles and security targets
2009ISO/IEC TR 15446:2009 Information technology - Security techniques - Guide for the production of Protection Profiles and Security Targets
2004ISO/IEC TR 15446:2004 Information technology - Security techniques - Guide for the production of protection profiles and security targets