DIN Standards Committee Information Technology and IT Applications
Essential Cybersecurity requirements as per of CRA for Hardware Devices with Security Boxes incorporating a hardware physical envelope and designed to provide security functions such as secure storage and cryptographic operations in an open environment.
Abstract
This document covers the line 39 of the CRA standardisation request and provides: • General description of products and its components belonging to HWSB category, including - amongst other: o A structured description of that product category: Common characteristics of HWSB products with a hardware envelope, internal HW and SW Description of representative products using these common characteristics o Identification of the various types of HWSB; o Intended purpose and reasonably foreseeable use; o Identification of the HWSB which are excluded from that category o delineation and interplay with the other categories in which HWSB could fall in. • Description of the typical life cycle; • Scope of application and relevance of cybersecurity essential requirements; • Definition of applicable risk profiles to be considered for these HWSB, which will define the security requirements and assessment methodologies to be applied; • Applicable security requirements ensuring fulfillment of the essential requirements for each risk profile; • Provide criteria to determine applicable risk profile; A base document is provided: • defining the risk profiles; • identifying initial cybersecurity security requirements.
Begin
2025-08-28
WI
00224293
Planned document number
00224293
Responsible national committee
NA 043-04-17 AA - Cards and security devices for personal identification
Responsible european committee
CEN/TC 224/WG 17 - Protection Profiles in the context of SSCD
