Working group : WG1: Standardisation, certification, labelling and supply chain management

WG1: European Cyber Security Certification

December 2017
A Meta-Scheme Approach

A very broad set of security certification schemes exist for products, systems, solutions, services and organisations, but there is no unified or combined solution available, which makes it difficult to understand what is finally required to make things consistently secure.

In this document, ECSO introduces the concept of a meta-scheme. This meta-scheme will encompass many of the existing certification schemes (e.g. components certification, process certification, service certification, etc.). It will do so by evaluating the level of confidence in the security strength of a product, system, solution, service or organisation that results from a scheme used, and map this onto a harmonised set of levels defined by ECSO.

