Common Criteria (CC) is an international standard (ISO/IEC 15408) that provides a rigorous framework for specifying, implementing, and independently evaluating the security of IT products. It enables vendors to define a Security Target (ST) —a document specifying the product's security functional requirements—which an accredited laboratory then tests against to achieve certification at a defined Evaluation Assurance Level (EAL) .
Glossary
Common Criteria (CC)

What is Common Criteria (CC)?
Common Criteria is an international standard (ISO/IEC 15408) for evaluating and certifying the security properties of IT products, providing a globally recognized framework where vendors define security targets and independent laboratories validate claims.
The framework establishes mutual recognition through the Common Criteria Recognition Arrangement (CCRA) , allowing a product certified in one participating nation to be accepted across 31 member countries. This eliminates redundant evaluations, making CC the de facto standard for procurement in government, defense, and critical infrastructure sectors where hardware root of trust and supply chain assurance are mandatory.
Core Components of Common Criteria
The Common Criteria framework is built on a structured vocabulary of functional and assurance components that allow for the precise specification and rigorous evaluation of a product's security properties.
Security Target (ST)
A vendor-provided document that specifies the security properties of a specific, identified product (the Target of Evaluation or TOE). The ST can claim conformance to one or more Protection Profiles and details the exact Security Functional Requirements (SFRs) and Security Assurance Requirements (SARs) the product meets.
- Key Distinction: A PP is a generic wishlist; an ST is a product's specific promise.
- Content: Includes the TOE boundary, operational environment assumptions, and a rationale for how the SFRs counter identified threats.
Target of Evaluation (TOE)
The specific product or system—including its documentation, guidance, and supporting hardware/software—that is the subject of a Common Criteria evaluation. Defining a clear TOE boundary is critical, as it separates the security-relevant components from the rest of the operational environment.
- Example: A TOE could be a complete operating system, a hardware security module, or a specific application's cryptographic module.
- Context: The evaluation only validates the security claims made about the components inside the TOE boundary.
Evaluation Assurance Level (EAL)
A numerical grade from EAL1 (functionally tested) to EAL7 (formally verified design and tested) that represents the depth and rigor of the evaluation. A higher EAL does not mean 'more secure'; it means the security claims were verified to a higher degree of assurance.
- EAL1-EAL4: Focus on commercial-grade development practices and testing.
- EAL5-EAL7: Require semi-formal to formal design specifications and rigorous vulnerability analysis, often for high-risk government or critical infrastructure use.
Security Functional Requirements (SFRs)
The specific, auditable security behaviors that the TOE must exhibit. These are selected from a standardized catalog in Part 2 of ISO/IEC 15408. SFRs define functions like identification and authentication (FIA), audit (FAU), and cryptographic support (FCS).
- Structure: Each SFR is a verbatim requirement from the standard, with vendor-defined assignments and selections.
- Example:
FIA_UAU.5.1requires the TOE to provide a specific set of authentication mechanisms to verify a user's claimed identity.
Security Assurance Requirements (SARs)
The criteria that specify the measures taken during the product's development, engineering, and delivery to ensure it meets its SFRs. SARs are defined in Part 3 of ISO/IEC 15408 and cover the rigor of life-cycle management (ALC), testing depth (ATE), and vulnerability assessment (AVA).
- Focus: SARs validate the process and evidence, not just the final product's features.
- Example:
ALC_CMC.4requires a documented configuration management system to track all implementation representation changes.
Frequently Asked Questions
Essential questions about the ISO/IEC 15408 standard for evaluating and certifying the security properties of IT products and systems.
Common Criteria (CC) is an international standard (ISO/IEC 15408) for the independent evaluation and certification of security properties in IT products. It works through a framework where users define their security requirements in a Protection Profile (PP), vendors document their implementation in a Security Target (ST), and accredited laboratories evaluate the product against these specifications. The evaluation verifies that the product's security functions are correctly implemented and resistant to defined threats at a specific Evaluation Assurance Level (EAL1 through EAL7). The result is a globally recognized certificate valid across 31 member nations under the Common Criteria Recognition Arrangement (CCRA), eliminating the need for redundant national evaluations.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Common Criteria does not exist in isolation. It is part of a broader ecosystem of hardware security standards and evaluation methodologies that together establish a verifiable chain of trust for AI infrastructure.
Hardware Root of Trust (HRoT)
The immutable cryptographic foundation upon which Common Criteria evaluations for silicon are built. An HRoT provides the initial trust anchor—typically a ROM or eFuse—that validates the first firmware stage. For AI accelerators seeking CC certification, the HRoT must resist physical tampering and provide secure key storage that persists through the entire boot chain. Without a properly implemented HRoT, higher-level security functions like secure boot and remote attestation lack a verifiable starting point.
FIPS 140-3
The U.S. government standard for cryptographic module validation, now aligned with ISO/IEC 19790, that complements Common Criteria evaluations. While CC assesses a product's overall security functionality, FIPS 140-3 focuses specifically on cryptographic algorithm implementation and key management. For AI infrastructure components, a module may hold both certifications: CC for the system-level security target and FIPS 140-3 for the embedded cryptographic library. The standard defines four security levels, from basic software cryptography to tamper-resistant hardware with environmental failure protection.
Secure Boot
A platform integrity mechanism that Common Criteria evaluations verify as part of the Trusted Computing Base. Secure boot ensures that only cryptographically signed firmware and bootloaders execute during system startup. Each stage verifies the signature of the next before passing control, creating an unbroken chain of trust anchored in the HRoT. For AI inference servers, secure boot prevents the injection of malicious firmware that could exfiltrate model weights or manipulate inference results. CC evaluations examine the signature verification algorithms, key storage, and anti-rollback mechanisms.
Remote Attestation
A critical capability evaluated under Common Criteria that allows a remote verifier to cryptographically confirm a platform's integrity. The process involves:
- Quote Generation: A TPM signs PCR values with an Attestation Identity Key
- Verification Service: Validates the quote against known-good PCR measurements
- Freshness Proof: Nonce inclusion prevents replay attacks In sovereign AI contexts, remote attestation enables a central orchestrator to verify that edge inference nodes are running authorized firmware before dispatching sensitive model workloads.
Supply Chain Traceability
The end-to-end verification of component provenance that Common Criteria evaluations increasingly require for high-assurance products. Traceability ensures that every silicon component—from the foundry to the deployment site—has not been substituted or tampered with. Techniques include cryptographic die-level identity, secure provisioning during manufacturing, and hardware bills of materials (HBOMs). For AI infrastructure, this prevents the insertion of compromised accelerators or memory modules that could create covert exfiltration channels for training data.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us