Upload
crisp-project
View
31
Download
0
Embed Size (px)
Citation preview
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Research approaches in standardisation and certification: CRISP and HECTOS
Ying Ying LauProject manager CRISP
Netherlands Standardisation Institute (NEN)
Anders Elfvingcoordinator HECTOS
Swedish Defence Research Agency (FOI)
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Today
The HECTOS project: quick overviewThe CRISP project: quick overviewResearch approaches in certification
HECTOS CRISP
Research approaches in standardisation HECTOS CRISP
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
The HECTOS project: quick overview (1)
September 2014 – January 2018Support harmonisation of the European market by
producing a roadmap for the development of Harmonised Certification schemes for Physical Security Products
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
The HECTOS project: quick overview (2)
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
The CRISP project: quick overview (1)
CRISP = Evaluation and Certification Schemes for Security Products
3 year project: April 2014 - March 2017 Seven partners from seven European countries
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
The CRISP project: quick overview (2)
Mission: to develop an innovative evaluation and certification methodology for security systems, which:
Contributes to measures that increase citizen trust in security technologies through evaluating social impacts of security systems and certification of systems that comply with the protection of fundamental rights.
Contributes to a more harmonised playing field for the European security industry, through acceptance of security systems across Europe, with no need for re-certification in each country.
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
The CRISP and HECTOS projects
Common view on high level objectives Harmonisation of certification schemes Making use of standardisation Contributes to harmonised playing field for the European
security industry
Different focus CRISP: Security systems, holistic approach HECTOS: Security products, technical approach
Different research approaches
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Certification in HECTOS (1)
The diverse technologies and applications for physical security products is a challenge
Many schemes are needed - but in a Framework for harmonised certification schemes for security products
The HECTOS Framework is based on the ISO/IEC 17000 CA standards series, adapted and supplemented by features to support the special requirements of security products
Adversarial testing, classified information, rapid evolving threat/requirements, complex performance information are examples of security-specific aspects
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Certification in HECTOS (2)
Guided by Biometric and E&Wproduct case studies
HECTOS will present a high-level roadmap supporting the implementation of the scheme Framework to progress towards EU harmonised security product
certification
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Certification in CRISP (1)
Absence of holistic approach to certification: inclusion of STEFi criteria
Scheme complementary, not competing Overall scheme (‘umbrella’), not replacing existing schemes or
standards Based on conformity assessment standards CRISP developed ‘building blocks’ for the certification
scheme for security systems Crucial building block is the CEN Workshop Agreement (CWA)
Next steps towards certification Development of assessment criteria (certification body) Identify scheme owner
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Research approaches to certification
CRISP Based on conformity
assessment standards ‘Overall’ certification scheme
(complementary, not competing)
Holistic: including trust and socio-legal requirements
Developed CWA as basis for certification
For security systems
HECTOS Harmonised framework for
security product certification is based on ISO 17000
Adopt succesful features of existing systems. Adapt special requirements of security products
Biometric and Explosives & Weapons case studies
Test & Evaluation focus; where there are major differences between types of products
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Standardisation in HECTOS
Standards as source of information Review of standards landscape for security products
Identification of • most relevant standards• types of standards• types of requirements• areas of missing or multiple standards
Identify stakeholder requirements for standards Standardisation to promote key research result
Liaison with CEN/TC 391 Societal and Citizen Security HECTOS will propose future standardisation activities Based on HECTOS harmonised scheme framework
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Standardisation in CRISP
Standards as source of information Development of glossary and taxonomy – make use of
standardised terms and definitions Review of standards, certification and accrediation for security
products – analyse state of the art Input for STEFi criteria– identify existing standards that have
specific potential us (no need for reformulating requirements) Standardisation to promote key research result
Development of CWA ‘Guidelines for the evaluation of installed security systems, based on the STEFi dimensions’
Standardisation to engage stakeholders CWA = open workshop for all interested parties Use network of standardisation institutes
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Approach to standardisation
CRISP Much knowledge is in standards
which can be used in the development of requirements
Standards provide a good basis for development of certification scheme
Developing the CWA has ‘pushed’ the project to present the key research result in a clear and unambiguous way
HECTOS Understanding the standards
landscape and requirements for standards have been important input to development of the HECTOS framework and roadmap
HECTOS plan to present the harmonised scheme framework as a proposal to the standards community
CRISP Final Conference – 16 March 2017 6th CoU Meeting, Brussels
Summary
Research approaches in standardisation and certification: CRISP and HECTOS Towards harmonised certification schemes for European security
market Use conformity assessment standards as basis for development
of certification scheme Standards as useful source of information Standardisation to promote key research results