[Owasp_embedded_application_security] Current state of security standards

Tim Sherlock tbsherlock at gmail.com
Wed Feb 13 05:13:48 UTC 2013

Hello Everyone,

Here are some rather specialised standards I have run into surrounding
embedded security. They may provide some good baselines in which general
embedded security guidelines can be derived.

Common Criteria: Protection profiles cover a range of topics, Maybe
somebody with more experience here could direct to profiles relevant to
embedded security.

FIPS 140-2: U.S. Government security standard surrounding cryptographic
modules. Contains a mixture of hardware/software.

PCI PTS: Payment Card standards around around PIN entry devices. Primarily
focused on protection of PIN and cryptographic keys against physical

Is anyone aware of anything else out there already?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_embedded_application_security/attachments/20130213/56022d7b/attachment.html>

More information about the Owasp_embedded_application_security mailing list