IT Security Standards and Legal Metrology – Transfer and Validation

F. Thiel; V. Hartmann; U. Grottker; D. Richter

doi:10.1051/epjconf/20147700001

EPJ

a
b
d
e
ap
st
h
plus

Proceedings

Open Access

EPJ Web of Conferences 77, 00001 (2014)
https://doi.org/10.1051/epjconf/20147700001

IT Security Standards and Legal Metrology – Transfer and Validation

F. Thiel^a, V. Hartmann, U. Grottker and D. Richter

Physikalisch-Technische Bundesanstalt (PTB), Abbe Str. 2-12, 10587 Berlin, Germany

^a Corresponding author: florian.thiel@ptb.de

Published online: 19 August 2014

Abstract

Legal Metrology’s requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408). We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology’s requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany’s Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID) are incorporated. A verification approach to check for meeting Legal Metrology’s requirements by their interpretation through Common Criteria’s generic requirements is also presented.

© Owned by the authors, published by EDP Sciences, 2014

This is an Open Access article distributed under the terms of the Creative Commons Attribution License 2.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.