BiLisiM TEKNOLOJILERI TEST VE BELGELENDIRME DAiRESi BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT |Yaymn Tarihi |30/07/2015 Raison Tarti 29/04/2016 [Nol 05 Cen SZ. Certification Report EAL 4+ (ATE_DPT.2 and AVA_VAN.5) Evaluation of PARS AR-GE ve BiLGÏ TEKNOLOJILERÏ LTD. STI. PARS Motion Sensor PMS-101 v0.2 issued by Turkish Standards Institution Common Criteria Certification Scheme Certificate Number: 21.0.03/TSE-CCCS-50 ac Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. Sayfa 1/17 BiLisiM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT ‘ayin Tarihi |30/07/2015 Revizyon Tarihi |29/04/2016 |Noj 05 TABLE OF CONTENTS TABLE OF CONTENTS sn 2 DOCUMENT INFORMATION nn 3 DOCUMENT CHANGE LOG. DISCLAIMER FOREWORD 1 - EXECUTIVE SUMMARY........csssscssecsssesserecesssessceneseusesssersoesasseseenessssessuceeseceasesseuseascaueassaseeeasensaneaseneaenetaes 7 1.1 TOE Overview 1.2 Threats . 2 CERTIFICATION RESULTS. 2.1 Identification of Target of Evaluation 2.2 Security Policy : 2.3 Assumptions and Clarification Of SCOPE ii 10 2.4 Architectural Information 2.4.1 Logical Scope. 2.4.2 Physical Scope 2.4.3 Hardware/Software environment of TOE........................ nn 12 2.5 Documentation... 2.6 IT Product Testing ..... 2.7 Evaluated Configuration 2.8 Results of the Evaluation. 2.9 Evaluator Comments / Recommendations............................…....s 14 3 SECURITY TARGET ........cccssessssssessesesstsnescecesesseeaceesstseseereennssesseceessssesescersecesaseneuessessesasenseaseasersecaesaseerareasans 15 MACRONYMS ms neenseneconee ee csemmamencenmnmenansrspesmens sense mes en eee semese oem een ne one ane era neone ose ne te == eemsersmsmrs 16 5 BIBLIOGRAPHY ........scsscsssescsesscerseesnscsessstsssscsssessnscessessscunescssscnssaeecscesseeeseusessaseaessesscadeecereaseensestseasaeeseseees 17 V7 Sayfa 2/17 Bu dokümanın güncelligi, elektronik ortamda TSE Dokiiman Yönetim Sisteminden takip edilmelid BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT ayın Tarihi |30/07/2015 \Revizyon Tarihi 29/04/2016 [Nol 05 DOCUMENT INFORMATION Date of Issue February 15, 2018 Approval Date February 15, 2018 Certification Report Number 21.0.03/18-003 Sponsor and Developer Pars Ar-Ge ve Bilgi Teknolojileri Ltd. $ti. Evaluation Facility Beam Technology Test Center TOE Pars Motion Sensor PMS-101 v0.2 Pages 17 Prepared by Cem ERDIVAN Common Criteria Inspection Expert ech Reviewed by Zümrüt MÜFTÜOGLU Common Criteria Technical Responsible (Hardware Product Group) This report has been prepared by signatures are above. the Certification Expert and reviewed by the Technical Responsible of whic! DOCUMENT CHANGE LOG Release Date Pages Affected | Remarks/Change Reference 1.0 February 15,2018 | All | First Release Bu dokümanın güncell Sayfa 3/17 ligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip ie: BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAiRESi BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT ayın Tarihi [30/07/2015 Revizyon Tarihi [29/04/2016 |Naj 05 DISCLAIMER This certification report and the IT product in the associated Common Criteria document has been evaluated at an accredited and licensed evaluation facility conformance to Common Criteria for IT Security Evaluation, version 3.1,revision 4, using Common Methodology for IT Products Evaluation, version 3.1, revision 4. This certification report and the associated Common Criteria document apply only to the identified version and release of the product in its evaluated configuration. Evaluation has been conducted in accordance with the provisions of the CCCS, and the conclusions of the evaluation facility in the evaluation report are consistent with the evidence adduced. This report and its associated Common Criteria document are not an endorsement of the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document, and no warranty is given for the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document. ci Van Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. Sayfa 4/17 BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT 30/07/2015 CCCS CERTIFICATION REPORT sn Teri Reizentami [29/04/2016 ]Nd os FOREWORD The Certification Report is drawn up to submit the Certification Commission the results and evaluation information upon the completion of a Common Criteria evaluation service performed under the Common Criteria Certification Scheme. Certification Report covers all non-confidential security and technical information related with a Common Criteria evaluation which is made under the ITCD Common Criteria Certification Scheme. This report is issued publicly to and made available to all relevant parties for reference and use. The Common Criteria Certification Scheme (CCSS) provides an evaluation and certification service to ensure the reliability of Information Security (IS) products. Evaluation and tests are conducted by a public or commercial Common Criteria Evaluation Facility (CCTL = Common Criteria Testing Laboratory) under CCCS’ supervision. CCEF is a facility, licensed as a result of inspections carried out by CCCS for performing tests and evaluations which will be the basis for Common Criteria certification. As a prerequisite for such certification, the CCEF has to fulfill the requirements of the standard ISO/IEC 17025 and should be accredited by accreditation bodies. The evaluation and tests related with the concerned product have been performed by Beam Technology Testing Facility, which is a commercial CCTL. A Common Criteria Certificate given to a product means that such product meets the security requirements defined in its security target document that has been approved by the CCCS. The Security Target document is where requirements defining the scope of evaluation and test activities are set forth. Along with this certification report, the user of the IT product should also review the security target document in order to understand any assumptions made in the course of evaluations, the environment where the IT product will run, security requirements of the IT product and the level of assurance provided by the product. This certification report is associated with the Common Criteria Certificate issued by the CCCS for PARS Motion Sensor PMS-101 v0.2 whose evaluation was completed on February 13, 2018 and whose evaluation technical report was drawn up by Beam Technology (as CCTL), and with the Security Target document with version no 0.11T of the relevant product. The certification report, certificate of product evaluation and security target document are posted on the ITCD Certified Products List at bilisim.tse.org.tr portal and the Common Criteria Portal (the official web site of the Common Criteria Project). c.g AY Bu dokiimanin giincelligi, elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. Sayfa 5/17 BiLisiM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI / INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT Doküman No |BTBD-03-01-FR-01 m CCCS CERTIFICATION REPORT ‘aym Tarihi |30/07/2015 Revizyon Tarihi |29/04/2016 RECOGNITION OF THE CERTIFICATE The Common Criteria Recognition Arrangement logo is printed on the certificate to indicate that this certificate is issued in accordance with the provisions of the CCRA. The CCRA has been signed by the Turkey in 2003 and provides mutual recognition of certificates based on the CC evaluation assurance levels up to and including EAL2. The current list of signatory nations and approved certification schemes can be found on: Attp://www.commoncriteriaportal.org. ct Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yöneti / sind takip edilmelidir. Sayfa 6/17 BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT Tarihi |30/07/2015 CCCS CERTIFICATION REPORT evn Tari ReviyonTarmi [29/04/2016 Ind] os 1- EXECUTIVE SUMMARY 1.1 TOE Overview The Target of Evaluation (TOE) addressed by this certification report is a second generation Tachograph Motion Sensor in the sense of Annex 1C (Commission Implementing Regulation (EU) 2016/799 of 18 March 2016 implementing Regulation (EU) 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components), intended to be used in the digital tachograph system. The Digital Tachograph system additionally contains a vehicle unit, tachograph cards, an external GNSS module (if applicable) and remote early detection communication readers. A motion sensor is installed within a road transport vehicle as part of a digital tachograph system. Its purpose is to provide a vehicle unit with motion data that accurately reflects the vehicle’s speed and distance travelled. The motion sensor is mechanically interfaced to a moving part of the vehicle, which movement is representative of the vehicle’s speed and distance travelled. It may be located in the vehicle’s gear box or in any other part of the vehicle. In the operational phase the motion sensor is connected to a vehicle unit. In its operational phase TOE will not connect any other device. This motion sensor can be paired and used with second generation vehicle units, and with first generation vehicle units. The functional requirements for a Motion Sensor are specified in Annex 1C, Chapter 3.2, and the common security mechanisms are specified in Appendix 11. Aspects of the electrical interface between the motion sensor and vehicle unit are described in ISO 16844-3. In its operational mode, the motion sensor is connected to a VU. PMS-101 motion sensor is described in the following figure: Mechanical interface Motion information = ; . 5 . Processing unit =|, ë en, VU Security components È 5 O — Power Figure 1 Typical motion sensor Lee Sayfa 7/17 Bu dokiimanin giincelligi, elektronik ortamda TSE Dokiiman Yénetim Sisteminden (akip edilmelidir. BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT paye Tarn S Revizyon Tarihi 29/04/2016 |Noy 05 Main objective of the digital tachograph system is given as "The data to be checked by control authorities must be available and reflect fully and accurately the activities of controlled drivers and vehicles in terms of driving, work, availability and rest periods and in terms of vehicle speed". Usage of the motion sensor provides data to the VU so as to allow the VU to determine fully and accurately the movement of the vehicle in terms of speed and distance travelled. 1.2 Threats Threats T.Access Definition Access control — A vehicle unit or other device (under control of an attacker) could try to use functions not allowed to them, and thereby compromise the integrity or authenticity of motion data (MOD). T.Design T.Environment T.Hardware T.Mechanical T.Motion_Data T.Security_Data Design knowledge - An attacker could try to gain illicit knowledge of the motion sensor design (TDS), either from manufacturer’s material (e.g. through theft or bribery) or from reverse engineering, and thereby more easily mount an attack to compromise the integrity or authenticity of motion data (MOD). Environmental attacks — An attacker could compromise the integrity or authenticity of motion data (MOD) through physical attacks on the motion sensor (thermal, electromagnetic, optical, chemical, mechanical). Modification of hardware - An attacker could modify the motion sensor hardware (THW), and thereby compromise the integrity or authenticity of motion data (MOD). Interference with mechanical interface — An attacker could manipulate the motion sensor input, for example, by disconnecting the sensor from the gearbox, such that motion data | (MOD) does not accurately reflect the vehicle’s motion. Interference with motion data - An attacker could add to, modify, delete or replay the vehicle’s motion data, and thereby compromise the integrity or authenticity of motion data (MOD). Access to security data - An attacker could gain illicit knowledge of secret cryptographic keys (SDK) during security data generation or transport or storage in the equipment, thereby allowing an Other Device to be connected. Attack on software - An attacker could modify motion sensor software (TDS) during T.Power_Supply T.Software operation, and thereby compromise the integrity, availability or authenticity of motion data (MOD). T.Tests Invalid test modes - The use by an attacker of non-invalidated test modes or of existing back doors could permit manipulation of motion data (MOD). Interference with power supply — An attacker could vary the power supply to the motion sensor, and thereby compromise the integrity or availability of motion data (MOD). Table 1: Threats CL den Sayfa 8/17 Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir, BiLISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT ayın Tarini pommel IRevizyon Tarihi [29/04/2016 Nal 05 2 CERTIFICATION RESULTS 2.1 Identification of Target of Evaluation Certificate Number 21.0.03/TSE-CCCS-50 TOE Name and Version Pars Motion Sensor PMS-101 v0.2 Security Target Title Pars Motion Sensor PMS-101 v0.2 Security Target Security Target Version V0.11T. Security Target Date November 14, 2017 Assurance Level EAL4+ (ATE DPT.2 & AVA_VAN.5) Criteria e Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model; CCMB- 2012-09-001, Version 3.1, Revision 4, September 2012 e Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components; CCMB- 2012-09-002, Version 3.1 Revision 4, September 2012 e Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components; CCMB- 2012-09-003, Version 3.1 Revision 4, September 2012 Methodology Common Criteria for Information Technology Security Evaluation, Evaluation Methodology; CCMB-2012-09-004, Version 3.1, Revision 4, September 2012 Protection Profile Conformance e Common Criteria Protection Profile: Digital Tachograph — Motion Sensor (MS PP) v1.0 - BSI-CC-PP-0093 Common Criteria Conformance e Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Version 3.1, Revision 4, September 2012 e Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1, Revision 4, September 2012, extended e Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1, Revision 4, September 2012, conformant Sponsor and Developer Pars Ar-Ge ve Bilgi Teknolojileri Ltd. Sti. Evaluation Facility Beam Technology Test Center Certification Scheme TSE CCCS 2.2 Security Policy The motion sensor aims to protect data that is stored and transferred in such a way as to prevent unauthorized access to and manipulation of the data, and to detect and report any such attempts. The main security features of the TOE are as follows: e To maintain the integrity of motion data supplied to the vehicle unit; c.f TT Sayfa 9/17 Bu dokiimanin giincelligi, elektronik ortamda TSE Doküman Yünetim Sisteminden takip edilmelidir. BiLISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT \Yayin Tarihi 30/07/2015 IRevizyon Tarihi [29/04/2016 Ind 05 To demonstrate its authenticity to the vehicle unit through an authenticated pairing process; To detect physical tampering; To audit security relevant events and send these to the vehicle unit; To provide a secure communication channel between itself and the vehicle unit. The main security features stated above are provided by the following major security services: Vehicle Unit identification and authentication; Access control to functions and stored data, according to ISO 16844-3:2004 Road vehicles — Tachograph systems — Part 3: Motion sensor interface, 1 November 2004; Alerting of events and faults; Integrity of stored data; Reliability of services, including self-testing, physical protection, control of executable code, resource management, and secure handling of events; Data exchange with a Vehicle Unit; Cryptographic support for VU to motion sensor mutual authentication and secure messaging according to Annex 1C, Appendix 11. All cryptographic mechanisms for communications with first or second-generation vehicle units, including algorithms and the length of corresponding keys, have to be implemented exactly as required and defined in Annex 1C, Appendix 11, Parts A and B, respectively. 2.3 Assumptions and Clarification of Scope Policy Definition The cryptographic algorithms and keys described in Annex 1C, Appendix 11 shall be P.Crypto used where data confidentiality, integrity and authenticity need to be protected. Table 2: Organizational Security Policies Assumption Definition Approved Workshops - The Member States approve, regularly control and A.Approved_Workshops | certify trusted fitters and workshops to carry out installations, checks, inspections and repairs. Controls - Law enforcement controls of the TOE will be performed regularly A.Controls and randomly, and must include security audits (as well as visual inspection of the TOE). Type Approved VU - The motion sensor will only be operated together with a vehicle unit being type approved according to Annex IC. A.Type_Approved Table 3: Assumptions ce Sayfa 10/17 Bu dokümanın güncelligi, elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 |Yayın Tarihi [30/07/2015 IRevizyon Tariii [29/04/2016 Nd 05 CCCS CERTIFICATION REPORT 2.4 Architectural Information 2.4.1 Logical Scope Identification and Authentication: The motion sensor performs an initial authentication of the VU during the pairing process. Authentication is performed by proofing knowledge of a common secret (KM(Master key), KID (derived Master key — identification key)) between the motion sensor and the vehicle unit. During the pairing process a new secret (KS (session key)) common only to the vehicle unit and the motion sensor that performed the pairing is established. Data Exchange: The motion sensor communicates with the Vehicle Unit. During communication the motion sensor exports sensor data, motion sensor identification data, motion sensor initial security data to the Vehicle Unit and imports motion sensor pairing security data from the Vehicle Unit. Cryptographic Support: TOE uses Triple-DES (with 2 keys) encryption and decryption operations for first generation digital tachograph systems and AES (128 bit, 192 bit, 256 bit) encryption and decryption operations for second generation digital tachograph systems during data exchange with reading information (from file) instructions (10, 11) and reading sensor data instructions (70, 80). Access Control: Access controls ensure that access to the TOE functions can be performed only by those authorised to do so. There is only one authorised entity (VU) of the motion sensor at a given time. Access control is performed on the basis of the commands that the vehicle unit is allowed to submit to the motion sensor. As an example; o If Vehicle unit is authorised; Motion sensor gives response to Instruction No.41 © If Vehicle unit is authorised; Motion sensor gives response to Instruction No.11 o If Vehicle unit is authorised; Motion sensor gives response to Instruction No.80 Integrity Protection: The sensor and the processing unit (uC) of the motion sensor are installed in a box designed so that it cannot be opened and the TOE is a sealed device. So integrity protection of the stored data is provided by design. Beyond that property active stored data integrity checks are performed by data hashing within the TOE for the integrity of stored data in the internal memory. Audit: The motion sensor generates audit records of the following events and transmits them to the Vehicle Unit: © security breach attempts (authentication failure, Stored data integrity error), © sensor fault. The VU time stamps the audit events which come from the Motion sensor. So motion sensor security functionality does not need to provide a reliable time stamp. Reliability: The physical construction of the motion sensor is of a way that opening the motion sensor box isn’t possible without destroying it. This way a manipulation gets obvious. Furthermore the motion sensor is sealed at the gearbox. The motion sensor contains a power supply unit that controls the voltage and smoothness of the power input. The TOE is designed in a way that each power cut-off or variation results in a reset which provides a secure state in each instance. TOE also provides a sensing element which is immune to magnetic fields. Self testing of the TOE is performed for the accuracy of the integrity of stored data. 2.4.2 Physical Scope TOE physically consists of the following hardware, software and documentation components; Hardware components: Ce ZT Sayfa 11/17 Bu dokiimanin giincelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAiRESi BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT 30/07/2015 CCCS CERTIFICATION REPORT [even Tart RoiyonTarhi [29/04/2016 [Nd 05 Sensor (takes motion information from gearbox and sends it to the comparator or directly to the motion sensor connector) Comparator (adjusts electrical motion information level for uC) Microcontroller (uC) (do/manage motion sensor functionality according to regulations K-Line converter (convert serial communication to K-Line communication and vice versa) Regulator (regulates voltage received from Vehicle Unit) Oo 0000 e Software components © Motion sensor software (Runs on the uC) o User data (In uC's memory) o TSF data (In uC's memory) e Documentation o Preparative procedures © Operational user guidance Physically TOE has hardware and software components. Hardware component version is v0.1 and software component version is v0.2. 2.4.3 Hardware/Software environment of TOE The TOE is the Motion Sensor. It is an independent product, and does not need any additional hardware/software/firmware to ensure the security of the TOE. In order to be able to supply motion data, the TOE must be paired with a vehicle unit, and must be installed in a motor vehicle. 2.5 Documentation These documents listed below are provided to customer by the developer alongside the TOE: Document Name Version Release Date | PMS-101 Security Target v0.11T November 14, 2018 | PARS Motion Sensor Operational User Guidance Document | v0.3T December 6, 2017 | PARS Motion Sensor Preparative Procedures Document | v0.3T December 6, 2017 | 2.6 IT Product Testing e Developer Testing: All SFR-Enforcing TSFIs have been tested by developer. Developer has conducted 33 functional tests in total. e Evaluator Testing: Evaluator has chosen all 33 developer tests to conduct by itself. Additionally, evaluator has prepared 16 independent tests. TOE has passed all 49 functional tests to demonstrate that its security functions work as it is defined in the ST. Co DAN Sayfa 12/17 Bu dokümanın güncellißi, elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT m CCCS CERTIFICATION REPORT |Yayın Tarihi 30/07/2015 |Revizyon Tarihi 29/04/2016 INo! 05 e Penetration Tests: TOE has been tested against common threats and other threats surfaced by vulnerability analysis. As a result, these penetration tests have been conducted: . Simple Power Analysis . Modifying Audit Data (Encrypted using T-DES) During Its Transfer to Vehicle Unit . Modifying Audit Data (Encrypted using AES) During Its Transfer to Vehicle Unit . Encrypted Data Monitoring When Pairing 1 2 3 4. Encrypted Data Monitoring When Operational Mode 5 6 . Brute Force Attack (Via Demonstrating Correct Implementation of Cryptographic Algorithms) . Magnetic Field Test for Motion Sensor Stored Data Integrity Error Generating Test 7 8. Bypass Tests (For Authentication and Order of Instructions) 9. 1 0. Physical Tamper Test on Epoxy Case of TOE 2.7 Evaluated Configuration PMS-101 v0.2 is a motion sensor which is ready to be paired with a compatible digital tachograph-vehicle unit. Thus, during evaluation; TOE is coupled with a modified vehicle unit in order to better understand the test results. This modified vehicle unit is functionally identical to any other vehicle unit but printed results have been made more human-readable. 2.8 Results of the Evaluation The verdict for the CC Part 3 assurance components (according to EAL4+ (ATE_DPT.2 and AVA_VAN.5) and the security target evaluation) is summarized in the following table: Class Heading Class Family | Description Result ADV: ADV_ARC.1_| Security architecture description PASS Development ADV_FSP.4 Complete functional specification PASS ADV_IMP. Implementation representation of the TSF PASS ADV_TDS.3 | Basic modular design PASS AGD: AGD_OPE.1__| Operational user guidance PASS Guidance AGD_PRE. Preparative procedures PASS Documents ALC: ALC_CMC.4_| Production support, acceptance procedures and automation | PASS Lifecycle Support | ALC_CMS.4 | Problem tracking CM coverage PASS ALC_DEL.1 _| Delivery procedures PASS ALC_DVS. Identification of security measures PASS ALC_LCD.1 _| Developer defined life-cycle model PASS ALC_TAT. Well-defined development tools PASS ASE: ASE CCL. Conformance claims PASS Security Target ASE_ECD.I Extended components definition PASS evaluation ASE_INT.1 ST introduction PASS ASE OBJ.2 Security objectives PASS ASE REQ.2 __| Derived security requirements PASS ASE_SPD. Security problem definition PASS ASE TSS. TOE summary specification PASS ec Sayfa 13/17 Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edihhelidir. > BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI / okiiman No INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT BTBD-03-01-FR-01 ayın Tarihi CCCS CERTIFICATION REPORT 30/07/2015 Roigon Tarihi 29/04/2016 No} 05 Class Heading Class Family | Description Result ATE: ATE_COV.2 | Analysis of coverage PASS Tests ATE_DPT.2 | Testing: security enforcing modules PASS ATE FUN.1 Functional testing PASS ATE _IND.2 Independent testing - sample PASS AVA: AVA_VAN.S5 | Advanced methodical vulnerability analysis PASS Vulnerability Analysis 2.9 Evaluator Comments / Recommendations No recommendations or comments have been communicated to CCCS by the evaluators related to the evaluation process of “Pars Motion Sensor PMS-101 v0.2” product, result of the evaluation, or the ETR. a Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. Sayfa 14/17 > BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 |Yayın Tarihi [30/07/2015 |Revizyon Tarihi 29/04/2016 CCCS CERTIFICATION REPORT d INol 05 3 SECURITY TARGET The security target associated with this Certification Report is identified by the following terminology: Title: Pars Motion Sensor PMS-101 v0.2 Security Target Version: v0.11T Date of Document: November 14, 2017 This Security Target describes the TOE, intended IT environment, security objectives, security requirements (for the TOE and IT environment), TOE security functions and all necessary rationale. er Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. Sayfa 15/17 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 |Yayın Tarihi [30/07/2015 CCCS CERTIFICATION REPORT ReizonTarni 29/04/2016 |Nd 05 4 ACRONYMS AES CA CBC cc DES EAL EGF Advanced Encryption Standard Certification Authority Cipher Block Chaining (an operation mode of a block cipher) Common Criteria Data Encryption Standard (see FIPS PUB 46-3) Evaluation Assurance Level (a pre-defined package in CC) External GNSS Facility GNSS Global Navigation Satellite System MAC Message Authentication Code MS OSP PP SAR SFR ST TC Motion Sensor Organizational Security Policy Protection Profile Security Assurance Requirement Security Functional Requirement Security Target Tachograph Card TDES Triple-DES TOBB Türkiye Odalar ve Borsalar Birligi TOE TSF TSP VU Target of Evaluation TOE Security Functionality TOE Security Policy Vehicle Unit ce WT Bu dokümanın güncelligi, elektronik ortamda TSE Dokiiman Yönetim Sisteminden takip edilmelidir. Sayfa 16/17 BiLisiM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / [Dokiman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT 30/07/2015 CCCS CERTIFICATION REPORT plays Tachi (Revizyon Tarihi |29/04/2016 [No 05 5 BIBLIOGRAPHY [1] Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 4, September 2012 [2] Common Methodology for Information Technology Security Evaluation, CEM, Version 3.1 Revision 4, September 2012 [3] BTBD-03-01-TL-01 Certification Report Preparation Instructions, Rel. Date: February 8, 2016 [4] ETR v4.2 of PMS-101 v0.2, Rel. Date: February 13,2018 [5] PMS-101 v0.2 Security Target, Version v0.11T, Rel. Date: November 14, 2017 cf nv Bu dokümanın güncelligi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. Sayfa 17/17