This is the primary repository for the Dedicated Security Components iTC and its work on creating collaborative Protection Profiles and related supporting documents. The Common Criteria Portal page can be found here.
Check out the main page for the iTC at https://DSC-iTC.github.io.
The DSC-iTC consists of members of Certification Bodies, labs, vendors and academia working together to create requirements for the testing of Dedicated Security Components. A DSC is the combination of a hardware component and its controlling firmware, normally used to provide a larger platform with protection of sensitive data.
If you are interested to join the iTC and become a member of the mailing list, please send an email with a short request to iTC-DSC@niap-ccevs.org.
The DSC-iTC expects participants to follow a code of conduct. This is laid out in the Terms of Reference and in the Code of Conduct.
The DSC-iTC welcomes contributions to the ongoing work of creating and maintaining the cPP and SD. Issues and Pull Requests can be submitted at any time for review by the iTC. New Issues can be submitted here.
The DSC-iTC uses asciidoc files as the source files for generating the cPP and all related documents. Asciidoc is a text format that can be read directly in GitHub as well as offline using any number of editors (including simple text editors). Asciidoctor is used as the post-processor for generating the final (i.e. PDF or HTML) output from these files. The format of these files is fairly simple to understand.
A syntax guide for the main flags you are likely to run into can be found in the the iTC Team Tools WG repository Syntax Guide. This file is designed to be viewed as both source and output (to see what the flags do). Questions about the syntax can be posted to as an Issue to that WG.
The DSC-iTC generally utilizes a GitHub workflow for accepting new changes into the documents. An outline of this workflow can be found at the iTC Documentation Workflow page provided by the iTC Team Tools WG.
The DSC-iTC has three primary branches:
| Branch | Description |
|---|---|
Main |
The current, approved released version of the documents. |
Working |
The active branch for next version of the documents. |
Interpretation |
This branch is for working on technical decisions to the current, published release. |
All Pull Requests should be made to the Working branch.
This table provides an overview of the files in the repository.
| Folder | File | Description |
|---|---|---|
Protection Profile |
cPP_DSC.adoc |
The DSC cPP |
Supporting Documents |
SD_DSC.adoc |
The Supporting Documentation for the cPP |
PP-Configurations |
In many of the templates there will be a series of lines after the header all starting with :iTC.
:iTC-longname: Dedicated Security Components :iTC-shortname: DSC-iTC :iTC-email: iTC-DSC@niap-ccevs.org :iTC-website: https://DSC-iTC.github.io/ :iTC-GitHub: https://github.com/DSC-iTC/cPP
There may be more or less lines depending on the template, but all will follow this basic structure.
The purpose of these lines is to make it easier to enter this information within the template without needing to edit it individually every time. This can be done by entering the name between the colons inside curly brackets {}. When this is done, the value entered in the line above will be replaced when the file is processed.
For example, entering {iTC-website} would replace that with the URL specified in the line in the heading.
Using these variables will allow you to maintain consistency throughout the document.
The variable values that are currently being used can be found at this link: