iTeh Standards logo
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 15408-5

(Main)

Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements

Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements

This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders. EXAMPLE Examples of provided packages include the evaluation assurance levels (EAL) and the composed assurance packages (CAPs). This document presents: — evaluation assurance level (EAL) family of packages that specify pre-defined sets of security assurance components that may be referenced in PPs and STs and which specify appropriate security assurances to be provided during an evaluation of a target of evaluation (TOE); — composition assurance (CAP) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during an evaluation of composed TOEs; — composite product (COMP) package that specifies a set of security assurance components used for specifying appropriate security assurances to be provided during an evaluation of a composite product TOEs; — protection profile assurance (PPA) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during a protection profile evaluation; — security target assurance (STA) family of packages that specify sets of security assurance components used for specifying appropriate security assurances to be provided during a security target evaluation. The users of this document can include consumers, developers, and evaluators of secure IT products.

Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la sécurité des technologies de l'information — Partie 5: Paquets prédéfinis d'exigences de sécurité

General Information

Status
Not Published
ICS
35.030 - IT Security
Technical Committee
ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection
Drafting Committee
ISO/IEC JTC 1/SC 27/WG 3 - Security evaluation, testing and specification
Current Stage
6000 - International Standard under publication
Start Date
09-Dec-2025
Completion Date
13-Dec-2025
Ref Project

Relations

Consolidates
ISO 4382-1:2021 - Plain bearings — Copper alloys — Part 1: Cast copper alloys for solid and multilayer thick-walled plain bearings
Effective Date
08-Jun-2024
Revises
ISO/IEC 15408-5:2022 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements
Effective Date
28-Oct-2023
ISO/IEC FDIS 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements Released:9/29/2025ISO/IEC FDIS 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements Released:9/29/2025
PreviousNext
Draft
ISO/IEC FDIS 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements Released:9/29/2025
English language
27 pages
sale 15% off
sale 15% off
REDLINE ISO/IEC FDIS 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements Released:9/29/2025REDLINE ISO/IEC FDIS 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements Released:9/29/2025
PreviousNext
Draft
REDLINE ISO/IEC FDIS 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements Released:9/29/2025
English language
27 pages
sale 15% off
sale 15% off
ISO/IEC FDIS 15408-5 - Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la sécurité des technologies de l'information — Partie 5: Paquets prédéfinis d'exigences de sécurité Released:3. 11. 2025ISO/IEC FDIS 15408-5 - Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la sécurité des technologies de l'information — Partie 5: Paquets prédéfinis d'exigences de sécurité Released:3. 11. 2025
PreviousNext
Draft
ISO/IEC FDIS 15408-5 - Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la sécurité des technologies de l'information — Partie 5: Paquets prédéfinis d'exigences de sécurité Released:3. 11. 2025
French language
30 pages
sale 15% off
sale 15% off

Standards Content (Sample)


FINAL DRAFT
International
Standard
ISO/IEC
FDIS
15408-5
ISO/IEC JTC 1/SC 27
Information security, cybersecurity
Secretariat: DIN
and privacy protection —
Voting begins on:
Evaluation criteria for IT security —
2025-10-13
Part 5:
Voting terminates on:
2025-12-08
Pre-defined packages of security
requirements
Sécurité de l'information, cybersécurité et protection de la vie
privée — Critères d'évaluation pour la sécurité des technologies
de l'information —
Partie 5: Paquets prédéfinis d'exigences de sécurité
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
ISO/CEN PARALLEL PROCESSING LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
Reference number
ISO/IEC FDIS 15408­5:2025(en) © ISO/IEC 2025

FINAL DRAFT
ISO/IEC FDIS 15408-5:2025(en)
International
Standard
ISO/IEC
FDIS
15408-5
ISO/IEC JTC 1/SC 27
Information security, cybersecurity
Secretariat: DIN
and privacy protection —
Voting begins on:
Evaluation criteria for IT security —
Part 5:
Voting terminates on:
Pre-defined packages of security
requirements
Sécurité de l'information, cybersécurité et protection de la vie
privée — Critères d'évaluation pour la sécurité des technologies
de l'information —
Partie 5: Paquets prédéfinis d'exigences de sécurité
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
© ISO/IEC 2025
IN ADDITION TO THEIR EVALUATION AS
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
ISO/CEN PARALLEL PROCESSING
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
or ISO’s member body in the country of the requester.
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
ISO/IEC FDIS 15408­5:2025(en) © ISO/IEC 2025

© ISO/IEC 2025 – All rights reserved
ii
ISO/IEC FDIS 15408-5:2025(en)
Contents Page
Foreword .vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Evaluation assurance levels (EAL) . 1
4.1 Family name .1
4.2 Family overview .2
4.2.1 General .2
4.2.2 Relationship between assurances and assurance levels .2
4.3 Family objectives .4
4.4 Evaluation assurance level 1 (EAL1) — Functionally tested .5
4.4.1 Package name .5
4.4.2 Package type .5
4.4.3 Package overview .5
4.4.4 Package objectives .5
4.4.5 Package components.5
4.5 Evaluation assurance level 2 (EAL2) — Structurally tested .6
4.5.1 Package name .6
4.5.2 Package type .6
4.5.3 Package overview .6
4.5.4 Package objectives .6
4.5.5 Package components.7
4.6 Evaluation assurance level 3 (EAL3) — Methodically tested and checked .7
4.6.1 Package name .7
4.6.2 Package type .7
4.6.3 Package overview .7
4.6.4 Package objectives .8
4.6.5 Package components.8
4.7 Evaluation assurance level 4 (EAL4) — Methodically designed, tested and reviewed .9
4.7.1 Package name .9
4.7.2 Package type .9
4.7.3 Package overview .9
4.7.4 Package objectives .9
4.7.5 Package components.9
4.8 Evaluation assurance level 5 (EAL5) — Semi-formally designed and tested .10
4.8.1 Package name .10
4.8.2 Package type .10
4.8.3 Package overview .10
4.8.4 Package objectives .10
4.8.5 Package components.11
4.9 Evaluation assurance level 6 (EAL6) — Semi-formally verified design and tested . 12
4.9.1 Package name . 12
4.9.2 Package type . 12
4.9.3 Package overview . 12
4.9.4 Package objectives . 12
4.9.5 Package components. 12
4.10 Evaluation assurance level 7 (EAL7) — Formally verified design and tested . 13
4.10.1 Package name . 13
4.10.2 Package type . 13
4.10.3 Package overview .14
4.10.4 Package objectives .14
4.10.5 Package components.14

© ISO/IEC 2025 – All rights reserved
iii
ISO/IEC FDIS 15408-5:2025(en)
5 Composed assurance packages (CAP) .15
5.1 Family name . 15
5.2 Family overview . 15
5.2.1 General . 15
5.2.2 Relationship between assurances and assurance packages . 15
5.3 Family objectives .17
5.4 Composed assurance package A (CAP-A) — Structurally composed .18
5.4.1 Package name .18
5.4.2 Package type .18
5.4.3 Package overview .18
5.4.4 Package objectives .18
5.4.5 Package components.18
5.5 Composed assurance package B (CAP-B) — Methodically composed .19
5.5.1 Package name .19
5.5.2 Package type .19
5.5.3 Package overview .19
5.5.4 Package objectives .19
5.5.5 Package components. 20
5.6 Composed assurance package C (CAP-C) — Methodically composed, tested and
reviewed . 20
5.6.1 Package name . 20
5.6.2 Package type . 20
5.6.3 Package overview . 20
5.6.4 Package objectives . 20
5.6.5 Package components.21
6 Composite product packages (COMP) .21
6.1 Family name .21
6.2 Family overview .21
6.3 Family objectives . 22
6.4 Composite product package 1 (COMP1) — Consistent, integrated, tested and assessed . 22
6.4.1 Package name . 22
6.4.2 Package type . 22
6.4.3 Package overview . 22
6.4.4 Package objectives . 22
6.4.5 Package components. 22
7 Protection profile assurances (PPA) .23
7.1 Family name . 23
7.2 Family overview . 23
7.3 Family objectives .24
7.4 Protection profile assurance DR (PPA-DR) — Direct rationale .24
7.4.1 Package name .24
7.4.2 Package type .24
7.4.3 Package overview .24
7.4.4 Package objectives .24
7.4.5 Package components.24
7.5 Protection profile assurance STD (PPA-STD) — Standard .24
7.5.1 Package name .24
7.5.2 Package type .24
7.5.3 Package overview .24
7.5.4 Package objectives . 25
7.5.5 Package components. 25
8 Security target assurances (STA) .25
8.1 Family name . 25
8.2 Family overview . 25
8.3 Family objectives . 26
8.4 Security target assurance DR (STA-DR) — Direct rationale . 26
8.4.1 Package name . 26

© ISO/IEC 2025 – All rights reserved
iv
ISO/IEC FDIS 15408-5:2025(en)
8.4.2 Package type . 26
8.4.3 Package overview . 26
8.4.4 Package objectives . 26
8.4.5 Package components. 26
8.5 Security target assurance STD (STA-STD) — Standard . 26
8.5.1 Package name . 26
8.5.2 Package type . 26
8.5.3 Package overview . 26
8.5.4 Package objectives .27
8.5.5 Package components.27

© ISO/IEC 2025 – All rights reserved
v
ISO/IEC FDIS 15408-5:2025(en)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 27, Information security, cybersecurity and privacy protection, in collaboration with the
European Committee for Standardization (CEN) Technical Committee CEN/CLC/JTC 13, Cybersecurity and
data protection, in accordance with the Agreement on technical cooperation between ISO and CEN (Vienna
Agreement).
This second edition cancels and replaces the first edition (ISO/IEC 15408-5:2022), which has been technically
revised.
The main changes are as follows:
— the terminology has been reviewed and updated;
— mistakes have been corrected.
A list of all parts in the ISO/IEC 15408 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.

© ISO/IEC 2025 – All rights reserved
vi
ISO/IEC FDIS 15408-5:2025(en)
Introduction
This document provides pre-defined packages of security requirements. Such security requirements can be
useful for stakeholders as they strive for conformity between evaluations. Packages of security requirements
can also help reduce the effort in developing Protection Profiles (PPs) and Security Targets (STs).
ISO/IEC 15408-1 defines the term “package” and describes the fundamental concepts concerning packages.
This document presents:
— evaluation assurance levels (EAL) (see Clause 4) family of packages that specify pre-defined sets of
security assurance components that may be referenced in PPs and STs and which specify appropriate
security assurances to be provided during an evaluation of a target of evaluation (TOE);
— composed assurance packages (CAP) (see Clause 5) family of packages that specify sets of security
assurance components used for specifying appropriate security assurances to be provided during an
evaluation of composed TOEs;
— composite product packages (COMP) (see Clause 6) family of packages that specifies a set of security
assurance components used for specifying appropriate security assurances to be provided during an
evaluation of a composite product TOEs;
— protection profile assurances (PPA) (see Clause 7) family of packages that specify sets of security
assurance components used for specifying appropriate security assurances to be provided during a
protection profile evaluation;
— security target assurances (STA) (see Clause 8) family of packages that specify sets of security assurance
components used for specifying appropriate security assurances to be provided during a security target
evaluation.
This document uses bold type to highlight hierarchical relationships between package objectives. This
convention calls for the use of bold type for all new objectives.

© ISO/IEC 2025 – All rights reserved
vii
FINAL DRAFT International Standard ISO/IEC FDIS 15408-5:2025(en)
Information security, cybersecurity and privacy protection —
Evaluation criteria for IT security —
Part 5:
Pre-defined packages of security requirements
1 Scope
This document provides packages of security assurance and security functional requirements that are
intended to be useful in support of common usage by stakeholders.
The users of this document can include consumers, developers and evaluators of secure IT products.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
1)
ISO/IEC 15408-1:— , Information security, cybersecurity and privacy protection — Evaluation criteria for IT
security — Part 1: Introduction and general model
2)
ISO/IEC 15408-3:— , Information security, cybersecurity and privacy protection — Evaluation criteria for IT
security — Part 3: Security assurance components
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 15408-1:— and
ISO/IEC 15408-3:— apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp;
— IEC Electropedia: available at https:// www .electropedia .org.
4 Evaluation assurance levels (EAL)
4.1 Family name
The name of this family of packages is evaluation assurance levels (EALs).
1) Under preparation. Stage at the time of publication: ISO/IEC FDIS 15408-1:2025.
2) Under preparation. Stage at the time of publication: ISO/IEC FDIS 15408-3:2025.

© ISO/IEC 2025 – All rights reserved
ISO/IEC FDIS 15408-5:2025(en)
4.2 Family overview
4.2.1 General
The EALs provide an increasing scale that balances the level of assurance obtained with the cost and
feasibility of acquiring that degree of assurance. The approach of ISO/IEC 15408-1:— identifies the separate
concepts of assurance in a TOE at the end of the evaluation, and of maintenance of that assurance during the
operational use of the TOE.
NOTE Not all families and components given in ISO/IEC 15408-3:— are included in the EALs. This is not to say that
these do not provide meaningful and desirable assurances. Instead, it is expected that these families and components
can be considered for augmentation of an EAL in those Protection Profiles (PPs) and Security Targets (STs) for which
they provide utility. Additionally, some classes found in ISO/IEC 15408-3:— are not relevant for the EALs. Examples of
such classes include class APE (Protection Profile (PP) evaluation) (see ISO/IEC 15408-3:—, Clause 7) and class ACO
(Composition) (see ISO/IEC 15408-3:—, Clause 15).
A set of assurance components have been chosen for each EAL.
A higher level of assurance than that provided by a given EAL can be achieved by:
— including additional assurance components from other assurance families; or
— replacing an assurance component with a higher-level assurance component from the same assurance family.
4.2.2 Relationship between assurances and assurance levels
Figure 1 illustrates the relationship between the security assurance requirements (SARs) found in
ISO/IEC 15408-3:— and the assurance levels defined in this document. While assurance components further
decompose into assurance elements, assurance elements cannot be individually referenced by assurance levels.

© ISO/IEC 2025 – All rights reserved
ISO/IEC FDIS 15408-5:2025(en)
NOTE The arrow in the figure represents a reference from an EAL to an assurance component within the class
where it is defined.
Figure 1 — Assurance and assurance level association
Table 1 represents a summary of the EAL.

© ISO/IEC 2025 – All rights reserved
ISO/IEC FDIS 15408-5:2025(en)
Table 1 — Evaluation assurance level summary
Assurance class Assurance EAL1 EAL2 EAL3 EAL4 EAL5 EAL6 EAL7
Family
ADV (Develop- ADV_ARC 1 1 1 1 1 1
ment)
ADV_FSP 1 2 3 4 5 5 6
ADV_IMP  1 1 2 2
ADV_INT  2 3 3
ADV_SPM   1 1
ADV_TDS 1 2 3 4 5 6
AGD (Guidance AGD_OPE 1 1 1 1 1 1 1
documents)
AGD_PRE 1 1 1 1 1 1 1
ALC (life cycle ALC_CMC 1 2 3 4 4 5 5
support)
ALC_CMS 1 2 3 4 5 5 5
ALC_DEL 1 1 1 1 1 1
ALC_DVS 1 1 1 2 2
ALC_LCD 1 1 1 1 2
ALC_TAT  1 2 3 3
ASE (Security ASE_CCL 1 1 1 1 1 1 1
Target (ST) evalu-
ASE_ECD 1 1 1 1 1 1 1
ation)
ASE_INT 1 1 1 1 1 1 1
ASE_OBJ 1 2 2 2 2 2 2
ASE_REQ 1 2 2 2 2 2 2
ASE_SPD 1 1 1 1 1 1
ASE_TSS 1 1 1 1 1 1 1
ATE (Tests) ATE_COV 1 2 2 2 3 3
ATE_DPT 1 1 3 3 4
ATE_FUN 1 1 1 1 2 2
ATE_IND 1 2 2 2 2 2 3
AVA (Vulnerability AVA_VAN 1 2 2 3 4 5 5
assessment)
The columns represent a hierarchically ordered set of EALs, while the rows represent assurance families.
Each number in the resulting matrix identifies a specific assurance component where applicable.
Those items marked in grey are not applicable in the EAL specification. However, they can be used to
augment the EAL package.
NOTE Although the ALC_FLR (Flaw remediation) (see ISO/IEC 15408-3:—, 12.6) and ALC_TDA (TOE development
artefacts) (see ISO/IEC 15408-3:—, 12.8) families are not shown, they are often used as an augmentation to the EALs.
4.3 Family objectives
Seven hierarchically ordered evaluation assurance levels are defined in this document for the rating of a
TOE’s assurance. They are hierarchically ordered inasmuch as each EAL represents more assurance than
all lower EALs. The increase in assurance from one EAL to another is accomplished by substitution of a
hierarchically higher assurance component from the same assurance family (i.e. increasing rigour, scope
and depth) and from the addition of assurance components from other assurance families (i.e. adding new
requirements).
These EALs consist of an appropriate combination of assurance components as described in
ISO/IEC 15408-3:—. More precisely, each EAL includes no more than one component of each assurance
family and all the assurance dependencies of every component are addressed.

© ISO/IEC 2025 – All rights reserved
ISO/IEC FDIS 15408-5:2025(en)
The notion of “augmentation” allows the addition of assurance components (from assurance families not
already included in the EAL) or the substitution of assurance components (with another hierarchically
higher assurance component in the same assurance family) to an EAL. Of the assurance constructs defined
in ISO/IEC 15408-1:—, only EALs may be augmented. The notion of an “EAL minus a constituent assurance
component” is not recognized in ISO/IEC 15408-1:— as a valid claim. Augmentation carries with it the
obligation on the part of the claimant to justify the utility and added value of the added assurance component
to the EAL. An EAL may also be augmented with extended assurance requirements.
NOTE An EAL cannot be augmented if it is included in an ST that claims exact conformance to a PP.
4.4 Evaluation assurance level 1 (EAL1) — Functionally tested
4.4.1 Package name
The name of the package is evaluation assurance level 1 (EAL1) — Functionally tested.
4.4.2 Package type
This is an assurance package.
4.4.3 Package overview
EAL1 is applicable where some confidence in correct operation is required, but the threats to security are
not viewed as serious. Where independent assurance is required to support the contention that due care has
been exercised with respect to the protection of personal or similar information, the application of EAL1 is
recommended.
EAL1 requires only a limited ST. It is sufficient to simply state the required security functional requirements
(SFRs) for the TOE, rather than deriving them from threats, organizational security policies (OSPs) and
assumptions through security objectives.
EAL1 provides an evaluation of the TOE as made available to the customer, including independent testing
against a specification, and an examination of the guidance documentation provided. It is intended that an
EAL1 evaluation can be successfully conducted without assistance from the developer of the TOE, and for
minimal outlay.
An evaluation at this level provides evidence that the TOE functions in a manner consistent with its
documentation.
4.4.4 Package objectives
EAL1 provides a basic level of assurance by a limited ST and an analysis of the SFRs in that ST using
a functional and interface specification and guidance documentation, to understand the security
behaviour.
The analysis is supported by a search for potential vulnerabilities in the public domain and
independent testing (functional and penetration) of the TOE security functionality (TSF).
EAL1 also provides assurance through unique identification of the TOE and of the relevant evaluation
documents.
This EAL provides a meaningful increase in assurance over unevaluated IT.
4.4.5 Package components
Table 2 gives the assurance components included in EAL1.

© ISO/IEC 2025 – All rights reserved
ISO/IEC FDIS 15408-5:2025(en)
Table 2 — EAL1
Assurance class Assurance component
ADV (Development) ADV_FSP.1 (Basic functional specification)
AGD (Guidance documents) AGD_OPE.1 (Operational user guidance)
AGD_PRE.1 (Preparative procedures)
ALC (life cycle support) ALC_CMC.1 (Labelling of the TOE)
ALC_CMS.1 (TOE CM coverage)
ASE (Security Target (ST) evaluation) ASE_CCL.1 (Conformance claims)
ASE_ECD.1 (Extended components definition)
ASE_INT.1 (ST introduction)
ASE_OBJ.1 (Security objectives for the operational environment)
ASE_REQ.1 (Direct rationale security requirements)
ASE_TSS.1 (TOE summary specification)
ATE (Tests) ATE_IND.1 (Independent testing - conformance)
AVA (Vulnerability assessment) AVA_VAN.1 (Vulnerability survey)
4.5 Evaluation assurance level 2 (EAL2) — Structurally tested
4.5.1 Package name
The name of the package is evaluation assurance level 2 (EAL2) — Structurally tested.
4.5.2 Package type
This is an assurance package.
4.5.3 Package overview
EAL2 requires the co-operation of the developer in terms of the delivery of design information and
test results but should not demand more effort on the part of the developer than is consistent with good
commercial practice. As such, it should not require a substantially increased investment of cost or time.
EAL2 is therefore applicable in those circumstances where developers or users require a low to moderate
level of independently assured security in the absence of ready availability of the complete development
record. Such a situation can arise when securing legacy systems or where access to the developer can be
limited.
4.5.4 Package objectives
EAL2 provides assurance by a full ST and an analysis of the SFRs in that ST, using a functional and interface
specification, guidance documentation and a basic description of the architecture of the TOE, to
understand the security behaviour.
The analysis is supported by:
— independent testing of the TSF;
— evidence of developer testing based on the functional specification, selective independent
confirmation of the developer test results; and
— a vulnerability analysis (based on the functional specification, TOE design, security architecture
description and guidance evidence provided) demonstrating resistance to penetration attackers
with a Basic attack potential (see ISO/IEC 15408-1:—, Clause 3).

© ISO/IEC 2025 – All rights reserved
ISO/IEC FDIS 15408-5:2025(en)
EAL2 also provides assurance through use of a configuration management system and evidence of
secure delivery procedures.
This EAL represents a meaningful increase in assurance from EAL1 by requiring developer testing, a
vulnerability analysis (in addition to the search of the public domain) and independent testing based
on more detailed TOE specifications.
4.5.5 Package components
Table 3 gives the assurance components included in EAL2.
Table 3 — EAL2
Assurance class Assurance component
ADV (Development) ADV_ARC.1 (Security architecture description)
ADV_FSP.2 (Security-enforcing functional specification)
ADV_TDS.1 (Basic design)
AGD (Guidance documents) AGD_OPE.1 (Operational user guidance)
AGD_PRE.1 (Preparative procedures)
ALC (life cycle support) ALC_CMC.2 (Use of the CM system)
ALC_CMS.2 (Parts of the TOE CM coverage)
ALC_DEL.1 (Delivery procedures)
ASE (Security Target (ST) evaluation) ASE_CCL.1 (Conformance claims)
ASE_ECD.1 (Extended components definition)
ASE_INT.1 (ST introduction)
ASE_OBJ.2 (Security objectives)
ASE_REQ.2 (Derived security requirements)
ASE_SPD.1 (Security problem definition)
ASE_TSS.1 (TOE summary specification)
ATE (Tests) ATE_COV.1 (Evidence of coverage)
ATE_FUN.1 (Functional testing)
ATE_IND.2 (Independent testing - sample)
AVA (Vulnerability assessment) AVA_VAN.2 (Vulnerability analysis)
4.6 Evaluation assurance level 3 (EAL3) — Methodically tested and checked
4.6.1 Package name
The name of the package is evaluation assurance level 3 (EAL3) — Methodically tested and checked.
4.6.2
...


Style Definition
FDIS ISO 15408--5(E:2025(en) .
Formatted
...
Secretariat: DIN
Formatted: zzCover, Left
ISO/JTC 1/SC 27/WG 3
Formatted: English (United States)
Formatted: zzCover, Left, Don't adjust space between
Date: 2025-07-0109-26
Latin and Asian text, Don't adjust space between Asian
text and numbers
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security
Formatted: English (United States)
— Part 5: Pre-defined packages of security requirements
Formatted: English (United States)
Formatted: zzCover, Left, Space After: 0 pt, Don't
adjust space between Latin and Asian text, Don't adjust
space between Asian text and numbers
Formatted: Font: 11 pt
Formatted: zzCover, Line spacing: single, Don't adjust
space between Latin and Asian text, Don't adjust space
between Asian text and numbers

FDIS stage
Warning for WDs and CDs
This document is not an ISO International Standard. It is distributed for review and comment. It is subject to
change without notice and may not be referred to as an International Standard.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of
which they are aware and to provide supporting documentation.

A model document of an International Standard (the Model International Standard) is available at:
https://www.iso.org/drafting-standards.html
Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la
sécurité des technologies de l'information — Partie 5: Paquets prédéfinis d'exigences de sécurité

FDIS ISO 15408-5(E)
© ISO/IEC 2025
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no
Formatted: Font: 11 pt, Font color: Blue
part of this publication may be reproduced or utilized otherwise in any form or by any means,
Formatted: Border: Box: (Single solid line, Blue, 0.5 pt
electronic or mechanical, including photocopying, or posting on the internet or an intranet, without
Line width)
prior written permission. Permission can be requested from either ISO at the address below or ISO’s
member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.orgwww.iso.org
Formatted: Font: 11 pt, Font color: Blue
Published in Switzerland
iv
FDIS ISO 15408-5(E)
Contents Formatted: Space Before: 48 pt, Don't adjust space
between Latin and Asian text, Don't adjust space
between Asian text and numbers
Introduction . xii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Evaluation assurance levels (EAL) . 1
4.1 Family name . 1
4.2 Family overview . 2
4.2.1 General . 2
4.2.2 Relationship between assurances and assurance levels . 2
4.3 Family objectives . 5
4.4 Evaluation assurance level 1 (EAL1) — Functionally tested . 6
4.4.1 Package name . 6
4.4.2 Package type . 6
4.4.3 Package overview . 6
4.4.4 Package objectives . 6
4.4.5 Package components . 7
4.5 Evaluation assurance level 2 (EAL2) — Structurally tested . 7
4.5.1 Package name . 7
4.5.2 Package type . 7
4.5.3 Package overview . 7
4.5.4 Package objectives . 7
4.5.5 Package components . 8
4.6 Evaluation assurance level 3 (EAL3) — Methodically tested and checked . 9
4.6.1 Package name . 9
4.6.2 Package type . 9
4.6.3 Package overview . 9
4.6.4 Package objectives . 9
4.6.5 Package components . 9
4.7 Evaluation assurance level 4 (EAL4) — Methodically designed, tested and reviewed
......................................................................................................................................................... 10
4.7.1 Package name . 10
4.7.2 Package type . 10
4.7.3 Package overview . 10
4.7.4 Package objectives . 10
4.7.5 Package components . 11
4.8 Evaluation assurance level 5 (EAL5) — Semi-formally designed and tested . 12
4.8.1 Package name . 12
4.8.2 Package type . 12
4.8.3 Package overview . 12
4.8.4 Package objectives . 12
4.8.5 Package components . 12
4.9 Evaluation assurance level 6 (EAL6) — Semi-formally verified design and tested . 14
4.9.1 Package name . 14
4.9.2 Package type . 14
4.9.3 Package overview . 14
4.9.4 Package objectives . 14
4.9.5 Package components . 14
4.10 Evaluation assurance level 7 (EAL7) — Formally verified design and tested . 15
v
FDIS ISO 15408-5(E)
4.10.1 Package name . 15
4.10.2 Package type . 16
4.10.3 Package overview . 16
4.10.4 Package objectives . 16
4.10.5 Package components . 16
5 Composed assurance packages (CAP) . 17
5.1 Family name . 17
5.2 Family overview . 17
5.2.1 General . 17
5.2.2 Relationship between assurances and assurance packages . 18
5.3 Family objectives . 21
5.4 Composed assurance package A (CAP-A) — Structurally composed . 22
5.4.1 Package name . 22
5.4.2 Package type . 22
5.4.3 Package overview . 22
5.4.4 Package objectives . 22
5.4.5 Package components . 22
5.5 Composed assurance package B (CAP-B) — Methodically composed. 23
5.5.1 Package name . 23
5.5.2 Package type . 23
5.5.3 Package overview . 23
5.5.4 Package objectives . 23
5.5.5 Package components . 24
5.6 Composed assurance package C (CAP-C) — Methodically composed, tested and
reviewed. 24
5.6.1 Package name . 24
5.6.2 Package type . 24
5.6.3 Package overview . 25
5.6.4 Package objectives . 25
5.6.5 Package components . 25
6 Composite product packages (COMP) . 26
6.1 Family name . 26
6.2 Family overview . 26
6.3 Family objectives . 26
6.4 Composite product package 1 (COMP1) — Consistent, integrated, tested and
assessed . 26
6.4.1 Package name . 26
6.4.2 Package type . 26
6.4.3 Package overview . 27
6.4.4 Package objectives . 27
6.4.5 Package components . 27
7 Protection profile assurances (PPA) . 27
7.1 Family name . 27
7.2 Family overview . 27
7.3 Family objectives . 28
7.4 Protection profile assurance DR (PPA-DR) — Direct rationale . 28
7.4.1 Package name . 28
7.4.2 Package type . 28
7.4.3 Package overview . 28
7.4.4 Package objectives . 28
7.4.5 Package components . 28
7.5 Protection profile assurance STD (PPA-STD) — Standard. 29
vi
FDIS ISO 15408-5(E)
7.5.1 Package name . 29
7.5.2 Package type . 29
7.5.3 Package overview . 29
7.5.4 Package objectives . 29
7.5.5 Package components . 29
8 Security target assurances (STA) . 30
8.1 Family name . 30
8.2 Family overview . 30
8.3 Family objectives . 30
8.4 Security target assurance DR (STA-DR) — Direct rationale . 30
8.4.1 Package name . 30
8.4.2 Package type . 30
8.4.3 Package overview . 31
8.4.4 Package objectives . 31
8.4.5 Package components . 31
8.5 Security target assurance STD (STA-STD) — Standard . 31
8.5.1 Package name . 31
8.5.2 Package type . 31
8.5.3 Package overview . 31
8.5.4 Package objectives . 31
8.5.5 Package components . 31
Foreword . x
Introduction . xii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Evaluation assurance levels (EAL) . 1
4.1 Family name . 1
4.2 Family overview . 2
4.2.1 General . 2
4.2.2 Relationship between assurances and assurance levels . 2
4.3 Family objectives . 5
4.4 Evaluation assurance level 1 (EAL1) — Functionally tested . 6
4.4.1 Package name . 6
4.4.2 Package type . 6
4.4.3 Package overview . 6
4.4.4 Package objectives . 6
4.4.5 Package components . 7
4.5 Evaluation assurance level 2 (EAL2) — Structurally tested . 7
4.5.1 Package name . 7
4.5.2 Package type . 7
4.5.3 Package overview . 7
4.5.4 Package objectives . 7
4.5.5 Package components . 8
4.6 Evaluation assurance level 3 (EAL3) — Methodically tested and checked . 9
4.6.1 Package name . 9
4.6.2 Package type . 9
4.6.3 Package overview . 9
4.6.4 Package objectives . 9
4.6.5 Package components . 9
vii
FDIS ISO 15408-5(E)
4.7 Evaluation assurance level 4 (EAL4) — Methodically designed, tested and reviewed
......................................................................................................................................................... 10
4.7.1 Package name . 10
4.7.2 Package type . 10
4.7.3 Package overview . 10
4.7.4 Package objectives . 10
4.7.5 Package components . 11
4.8 Evaluation assurance level 5 (EAL5) — Semi-formally designed and tested . 12
4.8.1 Package name . 12
4.8.2 Package type . 12
4.8.3 Package overview . 12
4.8.4 Package objectives . 12
4.8.5 Package components . 12
4.9 Evaluation assurance level 6 (EAL6) — Semi-formally verified design and tested . 14
4.9.1 Package name . 14
4.9.2 Package type . 14
4.9.3 Package overview . 14
4.9.4 Package objectives . 14
4.9.5 Package components . 14
4.10 Evaluation assurance level 7 (EAL7) — Formally verified design and tested . 15
4.10.1 Package name . 15
4.10.2 Package type . 16
4.10.3 Package overview . 16
4.10.4 Package objectives . 16
4.10.5 Package components . 16
5 Composed assurance packages (CAP) . 17
5.1 Family name . 17
5.2 Family overview . 17
5.2.1 General . 17
5.2.2 Relationship between assurances and assurance packages . 18
5.3 Family objectives . 21
5.4 Composed assurance package A (CAP-A) — Structurally composed . 22
5.4.1 Package name . 22
5.4.2 Package type . 22
5.4.3 Package overview . 22
5.4.4 Package objectives . 22
5.4.5 Package components . 22
5.5 Composed assurance package B (CAP-B) — Methodically composed. 23
5.5.1 Package name . 23
5.5.2 Package type . 23
5.5.3 Package overview . 23
5.5.4 Package objectives . 23
5.5.5 Package components . 24
5.6 Composed assurance package C (CAP-C) — Methodically composed, tested and
reviewed. 24
5.6.1 Package name . 24
5.6.2 Package type . 24
5.6.3 Package overview . 25
5.6.4 Package objectives . 25
5.6.5 Package components . 25
6 Composite product packages (COMP) . 26
6.1 Family name . 26
viii
FDIS ISO 15408-5(E)
6.2 Family overview . 26
6.3 Family objectives . 26
6.4 Composite product package 1 (COMP1) — Consistent, integrated, tested and
assessed . 26
6.4.1 Package name . 26
6.4.2 Package type . 26
6.4.3 Package overview . 27
6.4.4 Package objectives . 27
6.4.5 Package components . 27
7 Protection profile assurances (PPA) . 27
7.1 Family name . 27
7.2 Family overview . 27
7.3 Family objectives . 28
7.4 Protection profile assurance DR (PPA-DR) — Direct rationale . 28
7.4.1 Package name . 28
7.4.2 Package type . 28
7.4.3 Package overview . 28
7.4.4 Package objectives . 28
7.4.5 Package components . 28
7.5 Protection profile assurance STD (PPA-STD) — Standard. 29
7.5.1 Package name . 29
7.5.2 Package type . 29
7.5.3 Package overview . 29
7.5.4 Package objectives . 29
7.5.5 Package components . 29
8 Security target assurances (STA) . 30
8.1 Family name . 30
8.2 Family overview . 30
8.3 Family objectives . 30
8.4 Security target assurance DR (STA-DR) — Direct rationale . 30
8.4.1 Package name . 30
8.4.2 Package type . 30
8.4.3 Package overview . 31
8.4.4 Package objectives . 31
8.4.5 Package components . 31
8.5 Security target assurance STD (STA-STD) — Standard . 31
8.5.1 Package name . 31
8.5.2 Package type . 31
8.5.3 Package overview . 31
8.5.4 Package objectives . 31
8.5.5 Package components . 31
ix
FDIS ISO 15408-5(E)
Formatted: Foreword Title, Don't adjust space between
Foreword
Latin and Asian text, Don't adjust space between Asian
text and numbers
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directiveswww.iso.org/directives or
www.iec.ch/members_experts/refdocswww.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had
Formatted: Font color: Auto
not received notice of (a) patent(s) which may be required to implement this document. However,
implementers are cautioned that this may not represent the latest information, which may be obtained
from the patent database available at www.iso.org/patents and
https://patents.iec.ch.www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
Formatted: std_publisher
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see
Formatted: std_docNumber
www.iso.org/iso/foreword.html.www.iso.org/iso/foreword.html. In the IEC, see
www.iec.ch/understanding-standardswww.iec.ch/understanding-standards.
Formatted: Don't adjust space between Latin and Asian
text, Don't adjust space between Asian text and
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
numbers
Subcommittee SC 27, Information security, cybersecurity and privacy protection, in collaboration with the
Formatted: std_publisher
European Committee for Standardization (CEN) Technical Committee CEN/CLC/JTC 13, Cybersecurity
Formatted: std_docNumber
and data protection, in accordance with the Agreement on technical cooperation between ISO and CEN
(Vienna Agreement). Formatted: std_docPartNumber
Formatted: std_year
This second edition cancels and replaces the first edition (ISO/IEC 15408-5:2022), which has been
Formatted: List Continue 1, No bullets or numbering,
technically revised.
Don't adjust space between Latin and Asian text, Don't
adjust space between Asian text and numbers, Tab
The main changes are as follows:
stops: 0.7 cm, Left + 1.4 cm, Left + 2.1 cm, Left + 2.8
cm, Left + 3.5 cm, Left + 4.2 cm, Left + 4.9 cm, Left +
— — the terminology has been reviewed and updated;
5.6 cm, Left + 6.3 cm, Left + 7 cm, Left
— — mistakes have been corrected. Formatted: Don't adjust space between Latin and Asian
text, Don't adjust space between Asian text and
numbers
A list of all parts in the ISO/IEC 15408 series can be found on the ISO website.
Formatted: std_publisher
Formatted: std_docNumber
Formatted: std_docPartNumber
x
FDIS ISO 15408-5(E)
Any feedback or questions on this document should be directed to the user’s national standards body.
A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.www.iso.org/members.html and www.iec.ch/national-committees.

xi
FDIS ISO 15408-5(E)
Formatted: No page break before, Don't adjust space
Introduction
between Latin and Asian text, Don't adjust space
between Asian text and numbers
This document provides pre-defined packages of security requirements. Such security requirements can
Formatted: Don't adjust space between Latin and Asian
be useful for stakeholders as they strive for conformity between evaluations. Packages of security
text, Don't adjust space between Asian text and
requirements can also help reduce the effort in developing Protection Profiles (PPs) and Security
numbers
Targets (STs).
ISO/IEC 15408-1 defines the term “package” and describes the fundamental concepts concerning
Formatted: std_publisher
packages.
Formatted: std_docNumber
This document presents:
Formatted: std_docPartNumber
— — evaluation assurance levels (EAL) (see Clause 4) family of packages that specify pre-defined
Formatted: No bullets or numbering
sets of security assurance components that may be referenced in PPs and STs and which specify
Formatted: cite_sec
appropriate security assurances to be provided during an evaluation of a target of evaluation (TOE);
Formatted: cite_sec
— — composed assurance packages (CAP) (see Clause 5) family of packages that specify sets of
Formatted: cite_sec
security assurance components used for specifying appropriate security assurances to be provided
Formatted: cite_sec
during an evaluation of composed TOEs;
— — composite product packages (COMP) (see Clause 6) family of packages that specifies a set of
Formatted: cite_sec
security assurance components used for specifying appropriate security assurances to be provided
Formatted: cite_sec
during an evaluation of a composite product TOEs;
— — protection profile assurances (PPA) (see Clause 7) family of packages that specify sets of
Formatted: cite_sec
security assurance components used for specifying appropriate security assurances to be provided
Formatted: cite_sec
during a protection profile evaluation;
— — security target assurances (STA) (see Clause 8) family of packages that specify sets of security
Formatted: cite_sec
assurance components used for specifying appropriate security assurances to be provided during a
Formatted: cite_sec
security target evaluation.
This document uses bold type to highlight hierarchical relationships between package objectives. This
Formatted: Don't adjust space between Latin and Asian
convention calls for the use of bold type for all new objectives. text, Don't adjust space between Asian text and
numbers
The catalogue of security assurance requirements defined in this document is provided in machine
readable format (XML) at: https://standards.iso.org/iso-iec/TBD.
...


PROJET FINAL
Norme
internationale
ISO/IEC
FDIS
15408-5
ISO/IEC JTC 1/SC 27
Sécurité de l'information,
Secrétariat: DIN
cybersécurité et protection de la
Début de vote:
vie privée — Critères d'évaluation
2025-10-13
pour la sécurité des technologies de
Vote clos le:
l'information —
2025-12-08
Partie 5:
Paquets prédéfinis d'exigences de
sécurité
Information security, cybersecurity and privacy protection —
Evaluation criteria for IT security —
Part 5: Pre-defined packages of security requirements
LES DESTINATAIRES DU PRÉSENT PROJET SONT
INVITÉS À PRÉSENTER, AVEC LEURS OBSERVATIONS,
NOTIFICATION DES DROITS DE PROPRIÉTÉ DONT ILS
AURAIENT ÉVENTUELLEMENT CONNAISSANCE ET À
FOURNIR UNE DOCUMENTATION EXPLICATIVE.
OUTRE LE FAIT D’ÊTRE EXAMINÉS POUR
ÉTABLIR S’ILS SONT ACCEPTABLES À DES FINS
INDUSTRIELLES, TECHNOLOGIQUES ET COM-MERCIALES,
AINSI QUE DU POINT DE VUE DES UTILISATEURS, LES
PROJETS DE NORMES
TRAITEMENT PARALLÈLE ISO/CEN
INTERNATIONALES DOIVENT PARFOIS ÊTRE CONSIDÉRÉS
DU POINT DE VUE DE LEUR POSSI BILITÉ DE DEVENIR DES
NORMES POUVANT
SERVIR DE RÉFÉRENCE DANS LA RÉGLEMENTATION
NATIONALE.
Numéro de référence
ISO/IEC FDIS 15408-5:2025(fr) © ISO/IEC 2025

PROJET FINAL
ISO/IEC FDIS 15408-5:2025(fr)
Norme
internationale
ISO/IEC
FDIS
15408-5
ISO/IEC JTC 1/SC 27
Sécurité de l'information,
Secrétariat: DIN
cybersécurité et protection de la
Début de vote:
vie privée — Critères d'évaluation
2025-10-13
pour la sécurité des technologies de
Vote clos le:
l'information —
2025-12-08
Partie 5:
Paquets prédéfinis d'exigences de
sécurité
Information security, cybersecurity and privacy protection —
Evaluation criteria for IT security —
Part 5: Pre-defined packages of security requirements
LES DESTINATAIRES DU PRÉSENT PROJET SONT
INVITÉS À PRÉSENTER, AVEC LEURS OBSERVATIONS,
NOTIFICATION DES DROITS DE PROPRIÉTÉ DONT ILS
AURAIENT ÉVENTUELLEMENT CONNAISSANCE ET À
FOURNIR UNE DOCUMENTATION EXPLICATIVE.
DOCUMENT PROTÉGÉ PAR COPYRIGHT
OUTRE LE FAIT D’ÊTRE EXAMINÉS POUR
ÉTABLIR S’ILS SONT ACCEPTABLES À DES FINS
© ISO/IEC 2025
INDUSTRIELLES, TECHNOLOGIQUES ET COM-MERCIALES,
AINSI QUE DU POINT DE VUE DES UTILISATEURS, LES
Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette
PROJETS DE NORMES
publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, TRAITEMENT PARALLÈLE ISO/CEN
INTERNATIONALES DOIVENT PARFOIS ÊTRE CONSIDÉRÉS
y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut DU POINT DE VUE DE LEUR POSSI BILITÉ DE DEVENIR DES
NORMES POUVANT
être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.
SERVIR DE RÉFÉRENCE DANS LA RÉGLEMENTATION
NATIONALE.
ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
Numéro de référence
ISO/IEC FDIS 15408-5:2025(fr) © ISO/IEC 2025

© ISO/IEC 2025 – Tous droits réservés
ii
ISO/IEC FDIS 15408-5:2025(fr)
Sommaire Page
Avant-propos .vi
Introduction .vii
1 Domaine d'application . 1
2 Références normatives . 1
3 Termes et définitions . 1
4 Niveaux d'assurance de l'évaluation (EAL) . 1
4.1 Nom de la famille .1
4.2 Vue d'ensemble de la famille .2
4.2.1 Généralités .2
4.2.2 Relation entre exigences et niveaux d'assurance .2
4.3 Objectifs de la famille .4
4.4 Niveau d'assurance de l'évaluation 1 (EAL1) — Testé fonctionnellement .5
4.4.1 Nom du paquet .5
4.4.2 Type de paquet .5
4.4.3 Vue d'ensemble des paquetages .5
4.4.4 Objectifs du paquet.5
4.4.5 Composants du paquet .6
4.5 Niveau d'assurance de l'évaluation 2 (EAL2) — Testé structurellement .6
4.5.1 Nom du paquet .6
4.5.2 Type de paquet .6
4.5.3 Vue d'ensemble des paquetages .6
4.5.4 Objectifs du paquet.6
4.5.5 Composants du paquet .7
4.6 Niveau d'assurance de l'évaluation 3 (EAL3) — Testé et vérifié méthodiquement .7
4.6.1 Nom du paquet .7
4.6.2 Type de paquet .7
4.6.3 Vue d'ensemble des paquetages .8
4.6.4 Objectifs du paquet.8
4.6.5 Composants du paquet .8
4.7 Niveau d'assurance de l'évaluation 4 (EAL4) — Conçu, testé et revu méthodiquement.9
4.7.1 Nom du paquet .9
4.7.2 Type de paquet .9
4.7.3 Vue d'ensemble des paquetages .9
4.7.4 Objectifs du paquet.9
4.7.5 Composants du paquet .10
4.8 Niveau d'assurance de l'évaluation 5 (EAL5) — Conçu à l'aide de méthodes semi-
formelles et testé .10
4.8.1 Nom du paquet .10
4.8.2 Type de paquet .11
4.8.3 Vue d'ensemble des paquetages .11
4.8.4 Objectifs du paquet.11
4.8.5 Composants du paquet .11
4.9 Niveau d'assurance de l'évaluation 6 (EAL6) — Testé et conception vérifiée à l'aide de
méthodes semi-formelles . 12
4.9.1 Nom du paquet . 12
4.9.2 Type de paquet . 12
4.9.3 Vue d'ensemble des paquetages . 12
4.9.4 Objectifs du paquet. 13
4.9.5 Composants du paquet . 13
4.10 Niveau d'assurance de l'évaluation 7 (EAL7) — Testé et conception vérifiée à l'aide de
méthodes formelles .14
4.10.1 Nom du paquet .14
4.10.2 Type de paquet .14
4.10.3 Vue d'ensemble des paquetages .14

© ISO/IEC 2025 – Tous droits réservés
iii
ISO/IEC FDIS 15408-5:2025(fr)
4.10.4 Objectifs du paquet.14
4.10.5 Composants du paquet . 15
5 Paquets d'assurance composés (CAP) .16
5.1 Nom de la famille .16
5.2 Vue d'ensemble de la famille .16
5.2.1 Généralités .16
5.2.2 Relation entre exigences et paquets d'assurance .16
5.3 Objectifs de la famille .18
5.4 Paquet d'assurance composé A (CAP— A) — Composé structurellement .19
5.4.1 Nom du paquet .19
5.4.2 Type de paquet .19
5.4.3 Vue d'ensemble des paquetages .19
5.4.4 Objectifs du paquet.19
5.4.5 Composants du paquet .19
5.5 Paquet d'assurance composé B (CAP— B) — Composé méthodiquement . 20
5.5.1 Nom du paquet . 20
5.5.2 Type de paquet . 20
5.5.3 Vue d'ensemble des paquetages . 20
5.5.4 Objectifs du paquet. 20
5.5.5 Composants du paquet .21
5.6 Paquet d'assurance composé C (CAP-C) — Composé, testé et revu méthodiquement.21
5.6.1 Nom du paquet .21
5.6.2 Type de paquet .21
5.6.3 Vue d'ensemble des paquetages .21
5.6.4 Objectifs du paquet. 22
5.6.5 Composants du paquet . 22
6 Paquets de produits composites (COMP) .22
6.1 Nom de la famille . 22
6.2 Vue d'ensemble de la famille . 22
6.3 Objectifs de la famille . 23
6.4 Paquet de produit composite 1 (COMP1) — Cohérent, intégré, testé et évalué. 23
6.4.1 Nom du paquet . 23
6.4.2 Type de paquet . 23
6.4.3 Vue d'ensemble des paquetages . 23
6.4.4 Objectifs du paquet. 23
6.4.5 Composants du paquet . 23
7 Assurances du profil de protection (PPA) .24
7.1 Nom de la famille .24
7.2 Vue d'ensemble de la famille .24
7.3 Objectifs de la famille . 25
7.4 Assurance du profil de protection DR (PPA-DR) — Justification directe. 25
7.4.1 Nom du paquet . 25
7.4.2 Type de paquet . 25
7.4.3 Vue d'ensemble des paquetages . 25
7.4.4 Objectifs du paquet. 25
7.4.5 Composants du paquet . 25
7.5 Assurance du profil de protection STD (PPA-STD) — Standard . 25
7.5.1 Nom du paquet . 25
7.5.2 Type de paquet . 25
7.5.3 Vue d'ensemble des paquetages . 26
7.5.4 Objectifs du paquet. 26
7.5.5 Composants du paquet . 26
8 Assurances de la cible de sécurité (STA) .26
8.1 Nom de la famille . 26
8.2 Vue d'ensemble de la famille . 26
8.3 Objectifs de la famille .27
8.4 Assurance de la cible de sécurité DR (STA-DR) — Justification directe .27

© ISO/IEC 2025 – Tous droits réservés
iv
ISO/IEC FDIS 15408-5:2025(fr)
8.4.1 Nom du paquet .27
8.4.2 Type de paquet .27
8.4.3 Vue d'ensemble des paquetages .27
8.4.4 Objectifs du paquet.27
8.4.5 Composants du paquet .27
8.5 Assurance de la cible de sécurité STD (STA-STD) — Standard . 28
8.5.1 Nom du paquet . 28
8.5.2 Type de paquet . 28
8.5.3 Vue d'ensemble des paquetages . 28
8.5.4 Objectifs du paquet. 28
8.5.5 Composants du paquet . 28

© ISO/IEC 2025 – Tous droits réservés
v
ISO/IEC FDIS 15408-5:2025(fr)
Avant-propos
L'ISO (Organisation internationale de normalisation) et l'IEC (Commission électrotechnique internationale)
forment le système spécialisé de la normalisation mondiale. Les organismes nationaux membres de l'ISO
ou de l'IEC participent au développement de Normes Internationales par l'intermédiaire des comités
techniques créés par l'organisation concernée afin de s'occuper des domaines particuliers de l'activité
technique. Les comités techniques de l'ISO et de l'IEC collaborent dans des domaines d'intérêt commun.
D'autres organisations internationales, gouvernementales et non gouvernementales, en liaison avec l'ISO et
l'IEC participent également aux travaux.
Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont décrites
dans les Directives ISO/IEC, Partie 1. Il convient, en particulier de prendre note des différents critères
d'approbation requis pour les différents types de documents. Le présent document a été rédigé conformément
aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www.iso.org/directives ou
www.iec.ch/members_experts/refdocs).
L'ISO et l'IEC attirent l'attention sur le fait que la mise en application du présent document peut entraîner
l'utilisation d'un ou de plusieurs brevets. L'ISO et L'IEC ne prennent pas position quant à la preuve, à la
validité et à l'applicabilité de tout droit de propriété revendiqué à cet égard. À la date de publication du
présent document, l'ISO et l'IEC n'avaient pas reçu notification qu'un ou plusieurs brevets pouvaient être
nécessaires à sa mise en application. Toutefois, il y a lieu d'avertir les responsables de la mise en application
du présent document que des informations plus récentes sont susceptibles de figurer dans la base de données
de brevets, disponible à l'adresse www.iso.org/brevets et https://patents.iec.ch. L'ISO et l'IEC ne sauraient
être tenues pour responsables de ne pas avoir identifié de tels droits de propriété et averti de leur existence.
Les appellations commerciales éventuellement mentionnées dans le présent document sont données pour
information, par souci de commodité, à l'intention des utilisateurs et ne sauraient constituer un engagement.
Pour une explication de la nature volontaire des normes, la signification des termes et expressions
spécifiques de l'ISO liés à l'évaluation de la conformité, ou pour toute information au sujet de l'adhésion de
l'ISO aux principes de l'Organisation mondiale du commerce (OMC) concernant les obstacles techniques au
commerce (OTC), voir www.iso.org/avant-propos. Pour l'IEC, voir www.iec.ch/understanding-standards.
Le présent document a été élaboré par le comité technique mixte ISO/IEC JTC 1, Technologies de l'information,
sous-comité SC 27, Sécurité de l'information, cybersécurité et protection de la vie privée, en collaboration
avec le comité technique CEN/CLC/JTC 13, Cybersécurité et protection des données, du Comité européen de
normalisation (CEN), conformément à l'Accord de coopération technique entre l'ISO et le CEN (Accord de
Vienne).
Cette deuxième édition annule et remplace la première édition (ISO/IEC 15408-5:2022), qui fait l'objet d'une
révision technique.
Les principales modifications sont les suivantes:
— la terminologie a été revue et mise à jour;
— des erreurs ont été corrigées.
Une liste de toutes les parties de la série ISO/IEC 15408 se trouve sur le site web de l'ISO.
Il convient que l'utilisateur adresse tout retour d'information ou toute question concernant le présent
document à l'organisme national de normalisation de son pays. Une liste exhaustive desdits organismes se
trouve aux adresses www.iso.org/fr/members.html et www.iec.ch/national-committees.

© ISO/IEC 2025 – Tous droits réservés
vi
ISO/IEC FDIS 15408-5:2025(fr)
Introduction
Le présent document fournit des paquets prédéfinis d'exigences en matière de sécurité. Ces exigences en
matière de sécurité peuvent être utiles aux parties prenantes qui s'efforcent d'assurer la conformité des
évaluations. Les paquets d'exigences de sécurité peuvent également contribuer à réduire les efforts pour
développer des profils de protection (PP) et des cibles de sécurité (ST).
L'ISO/IEC 15408-1 définit le terme «paquet» et décrit les concepts fondamentaux relatifs aux paquets.
Le présent document met en relief:
— les niveaux d'assurance de l'évaluation (EAL) (voir Article 4, famille de paquets qui spécifie des ensembles
prédéfinis de composants d'assurance de sécurité qui peuvent être référencés dans les PP et les ST et qui
précisent les assurances de sécurité appropriées à fournir lors de l'évaluation d'une cible d'évaluation (TOE);
— les paquets d'assurance composés (CAP) (voir Article 5, famille de paquets qui spécifie des ensembles de
composants d'assurance de sécurité utilisés pour déterminer les assurances de sécurité appropriées à
fournir au cours d'une évaluation de TOE composées;
— les paquets de produits composites (COMP) (voir Article 6), famille de paquets qui spécifie un ensemble
de composants d'assurance de sécurité utilisés pour déterminer les assurances de sécurité appropriées
à fournir lors de l'évaluation des TOE d'un produit composite;
— les assurances du profil de protection (PPA) (voir Article 7), famille de paquets qui spécifie des ensembles
de composants d'assurance de sécurité utilisés pour déterminer les assurances de sécurité appropriées à
fournir lors de l'évaluation d'un profil de protection;
— les assurances de la cible de sécurité (STA) (voir Article 8), famille de paquets qui spécifie des ensembles
de composants d'assurance de sécurité utilisés pour déterminer les assurances de sécurité appropriées
à fournir lors de l'évaluation d'une cible de sécurité.
Dans le présent document, les caractères gras sont utilisés pour mettre en évidence les relations
hiérarchiques entre les objectifs du paquet. Cette convention d'écriture impose les caractères gras à tous les
nouveaux objectifs.
© ISO/IEC 2025 – Tous droits réservés
vii
PROJET FINAL Norme internationale ISO/IEC FDIS 15408-5:2025(fr)
Sécurité de l'information, cybersécurité et protection de
la vie privée — Critères d'évaluation pour la sécurité des
technologies de l'information —
Partie 5:
Paquets prédéfinis d'exigences de sécurité
1 Domaine d'application
Le présent document fournit des paquets d'exigences fonctionnelles de sécurité et d'assurance de sécurité
qui sont destinés à être utiles à l'appui d'une utilisation commune par les parties prenantes.
Les utilisateurs du présent document comprennent les consommateurs, les développeurs et les évaluateurs
de produits TI sûrs.
2 Références normatives
Les documents suivants sont cités dans le texte de sorte qu'ils constituent, pour tout ou partie de leur
contenu, des exigences du présent document. Pour les références datées, seule l'édition citée s'applique. Pour
les références non datées, la dernière édition du document de référence s'applique (y compris les éventuels
amendements).
1)
ISO/IEC 15408-1:— , Sécurité de l’information, cybersécurité et protection de la vie privée — Critères
d’évaluation pour la sécurité des technologies de l’information — Partie 1: Introduction et modèle général
2)
ISO/IEC 15408-3:— , Sécurité de l’information, cybersécurité et protection de la vie privée — Critères
d’évaluation pour la sécurité des technologies de l’information — Partie 3: Composants d’assurance de sécurité
3 Termes et définitions
Pour les besoins du présent document, les termes et définitions de l'ISO/IEC 15408-1:— et
l'ISO/IEC 15408-3:— s'appliquent.
L'ISO et l'IEC tiennent à jour des bases de données terminologiques destinées à être utilisées en normalisation,
consultables aux adresses suivantes:
— ISO Online browsing platform: disponible à l'adresse https:// www .iso .org/ obp:
— IEC Electropedia: disponible à l'adresse https:// www .electropedia .org.
4 Niveaux d'assurance de l'évaluation (EAL)
4.1 Nom de la famille
Le nom de cette famille de paquets est Niveaux d'assurance de l'évaluation (EAL).
1) En cours d'élaboration. Stade à la date de publication: ISO/IEC FDIS 15408-1:2025.
2) En cours d'élaboration. Stade à la date de publication: ISO/IEC FDIS 15408-3:2025.

© ISO/IEC 2025 – Tous droits réservés
ISO/IEC FDIS 15408-5:2025(fr)
4.2 Vue d'ensemble de la famille
4.2.1 Généralités
Les EAL fournissent une échelle croissante qui permet d'obtenir un équilibre entre le niveau d'assurance
obtenu et le coût et la faisabilité nécessaires pour parvenir à ce degré d'assurance. L'approche de
l'ISO/IEC 15408-1:— identifie les concepts séparés d'assurance dans une TOE à la fin de l'évaluation, et de
maintenance de cette assurance pendant l'exploitation opérationnelle de la TOE.
NOTE Toutes les familles et tous les composants indiqués dans l'ISO/IEC 15408-3:— ne sont pas inclus dans les
EAL. Cela ne veut pas dire que ces familles et composants ne fournissent pas une assurance significative et souhaitable.
En fait, il est prévu de pouvoir les prendre en compte pour augmenter un EAL dans les Profils de protection (PP) et les
Cibles de sécurité (ST) pour lesquels ils seront utiles. En outre, certaines classes figurant dans l'ISO/IEC 15408-3:— ne
sont pas pertinentes pour les EAL. La Classe APE: évaluation du profil de protection (PP) (voir ISO/IEC 15408-3:—,
Article 7) et la Classe ACO: Composition (voir ISO/IEC 15408-3:—, Article 15) sont des exemples de ces classes.
Un ensemble de composants d'assurance a été sélectionné pour chaque EAL.
Un niveau d'assurance plus élevé que celui procuré par un EAL donné peut être obtenu:
— en incluant des composants d'assurance supplémentaires pris dans d'autres familles d'assurance; ou
— en remplaçant un composant d'assurance par un composant d'assurance de niveau plus élevé pris dans
la même famille d'assurance.
4.2.2 Relation entre exigences et niveaux d'assurance
La Figure 1 représente la relation entre les exigences d'assurance de la sécurité (SAR) issues de
l'ISO/IEC 15408-3:— et les niveaux d'assurance définis dans le présent document. Alors que les composants
d'assurance se décomposent encore en éléments d'assurance, les éléments d'assurance ne peuvent pas être
référencés individuellement par les niveaux d'assurance.

© ISO/IEC 2025 – Tous droits réservés
ISO/IEC FDIS 15408-5:2025(fr)
NOTE La flèche dans la figure représente une référence d'un EAL vers un composant d'assurance à l'intérieur de
la classe où il est défini.
Figure 1 — Correspondance entre exigences et niveaux d'assurance
Le Tableau 1 constitue un résumé des EAL.

© ISO/IEC 2025 – Tous droits réservés
ISO/IEC FDIS 15408-5:2025(fr)
Tableau 1 — Résumé des niveaux d'assurance de l'évaluation
Classe d'assu- Famille EAL1 EAL2 EAL3 EAL4 EAL5 EAL6 EAL7
rance d'assurance
ADV (Développe- ADV_ARC 1 1 1 1 1 1
ment)
ADV_FSP 1 2 3 4 5 5 6
ADV_IMP  1 1 2 2
ADV_INT  2 3 3
ADV_SPM   1 1
ADV_TDS 1 2 3 4 5 6
AGD (Guides AGD_OPE 1 1 1 1 1 1 1
d'orientation)
AGD_PRE 1 1 1 1 1 1 1
ALC (prise en ALC_CMC 1 2 3 4 4 5 5
charge du cycle de
ALC_CMS 1 2 3 4 5 5 5
vie)
ALC_DEL 1 1 1 1 1 1
ALC_DVS 1 1 1 2 2
ALC_LCD 1 1 1 1 2
ALC_TAT  1 2 3 3
ASE (Évaluation de ASE_CCL 1 1 1 1 1 1 1
la cible de sécurité
ASE_ECD 1 1 1 1 1 1 1
(ST))
ASE_INT 1 1 1 1 1 1 1
ASE_OBJ 1 2 2 2 2 2 2
ASE_REQ 1 2 2 2 2 2 2
ASE_SPD 1 1 1 1 1 1
ASE_TSS 1 1 1 1 1 1 1
ATE (Essais) ATE_COV 1 2 2 2 3 3
ATE_DPT 1 1 3 3 4
ATE_FUN 1 1 1 1 2 2
ATE_IND 1 2 2 2 2 2 3
AVA (Évaluation de AVA_VAN 1 2 2 3 4 5 5
la vulnérabilité)
Les colonnes représentent un ensemble hiérarchiquement ordonné d'EAL, tandis que les lignes représentent
les familles d'assurance. Chaque numéro indiqué dans la matrice qui en résulte identifie un composant
d'assurance spécifique lorsque cela est applicable.
Les éléments marqués en gris ne sont pas applicables dans la spécification des EAL. Toutefois, ils peuvent
être utilisés pour augmenter le paquet de l'EAL.
NOTE Bien que les familles ALC_FLR (Correction des défaillances) (voir ISO/IEC 15408-3:—, 12.6) et ALC_
TDA (Artefacts de développement de la TOE) (voir ISO/IEC 15408-3:—, 12.8) ne soient pas représentées, elles sont
souvent utilisées comme augmentation des EAL.
4.3 Objectifs de la famille
Sept niveaux d'assurance de l'évaluation, hiérarchiquement ordonnés, sont définis dans le présent document
pour la cotation de l'assurance de la TOE. Ils sont hiérarchiquement ordonnés en ce sens que chaque EAL
procure plus d'assurance que tous les EAL qui lui sont inférieurs. L'augmentation de l'assurance d'un EAL à
l'autre est réalisée par la substitution d'un composant d'assurance par un composant hiérarchique provenant
de la même famille d'assurance (c'est-à-dire augmentation de la rigueur, du champ d'application et du degré
d'approfondissement) et par l'addition de composants d'assurance provenant d'autres familles d'assurance
(c'est-à-dire ajoutant de nouvelles exigences).

© ISO/IEC 2025 – Tous droits réservés
ISO/IEC FDIS 15408-5:2025(fr)
Ces EAL consistent en une combinaison pertinente de composants d'assurance, comme cela est décrit dans
l'ISO/IEC 15408-3:—. Plus précisément, chaque EAL n'inclut pas plus d'un composant de chaque famille
d'assurance et toutes les dépendances d'assurance de chaque composant sont prises en compte.
La notion d'«augmentation» pour un EAL autorise l'addition de composants d'assurance (provenant de
familles d'assurance qui ne sont pas déjà incluses dans l'EAL) ou la substitution de composants d'assurance
(par un autre composant d'assurance hiérarchique provenant de la même famille d'assurance). Parmi les
structures d'assurance définies dans l'ISO/IEC 15408-1:—, seuls les EAL peuvent être augmentés. La notion
d'un «EAL diminué d'un de ses composants d'assurance» n'est pas reconnue dans l'ISO/IEC 15408-1:—
comme une annonce valide. L'augmentation entraîne l'obligation pour celui qui en use de justifier l'utilité et
la valeur ajoutée du composant d'assurance ajouté à l'EAL. Un EAL peut aussi être étendu à l'aide d'exigences
d'assurance explicitement spécifiées.
NOTE Un EAL ne peut pas être augmenté s'il est inclus dans une ST qui revendique la conformité exacte à un PP.
4.4 Niveau d'assurance de l'évaluation 1 (EAL1) — Testé fonctionnellement
4.4.1 Nom du paquet
Le nom du paquet est Niveau d'assurance de l'évaluation 1 (EAL1) — Testé fonctionnellement.
4.4.2 Type de paquet
Il s'agit d'un paquet d'assurance.
4.4.3 Vue d'ensemble des paquetages
Le niveau EAL1 est applicable quand une certaine confiance dans un fonctionnement correct est exigée, mais
que les menaces contre la sécurité ne sont pas considérées comme sérieuses. Quand une assurance, obtenue
de façon indépendante, est nécessaire pour confirmer qu'un soin approprié aura été apporté pour protéger
les informations personnelles ou similaires, l'application du niveau EAL1 est recommandée.
Le niveau EAL1 nécessite seulement une ST limitée. Il suffit simplement d'énoncer les exigences
fonctionnelles de sécurité (SFR) pour la TOE, plutôt que de les déduire des menaces, des politiques de
sécurité de l'organisation (OSP) et des hypothèses par l'intermédiaire des objectifs de sécurité.
Le niveau EAL1 permet d'obtenir une évaluation de la TOE, telle qu'elle est disponible à l'utilisateur,
comprenant des tests indépendants par rapport à une spécification, ainsi qu'un examen des guides fournis.
Une évaluation EAL1 doit pouvoir être réalisée avec succès sans l'assistance du développeur de la TOE et
avec un coût minimal.
Une évaluation effectuée à ce niveau procure des éléments de preuve que la TOE fonctionne d'une manière
conforme à celle décrite dans sa documentation.
4.4.4 Objectifs du paquet
Le niveau EAL1 procure un niveau d'assurance élémentaire en fournissant une ST limitée et une
analyse des SFR de cette ST, à partir des spécifications fonctionnelles et d'interfaces ainsi que des
guides, afin de comprendre le comportement de sécurité.
L'analyse est confortée par une recherche des vulnérabilités potentielles dans le domaine public et
par des tests indépendants (fonctionnels et de pénétration) de la fonction de sécurité de la TOE (TSF).
Le niveau EAL1 procure également une assurance par une identification unique de la TOE et des
documents d'évaluation pertinents.
Cet EAL procure un accroissement significatif de l'assurance par rapport à un produit TI non évalué.

© ISO/IEC 2025 – Tous droits réservés
ISO/IEC FDIS 15408-5:2025(fr)
4.4.5 Composants du paquet
Le Tableau 2 présente les composants d'assurance inclus dans l'EAL1.
Tableau 2 — EAL1
Classe d'assurance Composant d'assurance
ADV (Développement) ADV_FSP.1 (Spécification fonctionnelle de base)
AGD (Guides d'orientation) AGD_OPE.1 (Guide opérationnel de l'utilisateur)
AGD_PRE.1 (Guide préparatoire)
ALC (prise en charge du cycle de vie) ALC_CMC.1 (Étiquetage de la TOE)
ALC_CMS.1 (Couverture de la CM de la TOE)
ASE (Évaluation de la cible de sécurité (ST)) APE_CCL.1 (Revendications de conformité)
ASE_ECD.1 (Définition étendue des composants)
ASE_INT.1 (Introduction de la ST)
ASE_OBJ.1 (Objectifs de sécurité pour l'environnement opérationnel)
ASE_REQ.1 (Exigences de sécurité avec argumentaire direct)
ASE_TSS.1 (Spécifications globales de la TOE)
ATE (Essais) ATE_IND.1 (Tests indépendants - conformité)
AVA (Évaluation de la vulnérabilité) AVA_VAN.1 (Étude des vulnérabilités)
4.5 Niveau d'assurance de l'évaluation 2 (EAL2) — Testé structurellement
4.5.1 Nom du paquet
Le nom du paquet est Niveau d'assurance de l'évaluation 2 (EAL2) — Testé structurellement.
4.5.2 Type de paquet
Il s'agit d'un paquet d'assurance.
4.5.3 Vue d'ensemble des paquetages
Le niveau EAL2 nécessite la coopération du développeur pour la livraison des informations de conception et
des résultats de tests mais il convient qu'il n'exige pas plus d'efforts de la part du développeur que ce qui est
compatible avec une bonne pratique commerciale. Ainsi, il convient de ne pas entraîner un investissement
substantiellement accru en termes de coûts et de délais.
Le niveau EAL2 s'applique par conséquent dans les circonstances où les développeurs et les utilisateurs
exigent un niveau élémentaire à modéré de sécurité assurée de manière indépendante en l'absence de
disponibilité immédiate du dossier complet de développement. Une telle situation peut surveni
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

ISO
ISO/IEC 27566-1:2025(Main)
Information security, cybersecurity and privacy protection — Age assurance systems — Part 1: Framework

This document establishes a framework for age assurance systems and describes their core characteristics, including privacy and security, for enabling age-related eligibility decisions.

  • Standard
    29 pages
    English language
    sale 15% off
ISO
ISO/IEC 29192-1:2012/Amd 1:2025(Amendment)
Information technology — Security techniques — Lightweight cryptography — Part 1: General — Amendment 1
  • Standard
    2 pages
    English language
    sale 15% off
ISO
ISO/IEC 19896-3:2025(Main)
Information security, cybersecurity and privacy protection — Requirements for the competence of IT security conformance assessment body personnel — Part 3: Knowledge and skills requirements for evaluators and reviewers according to the ISO/IEC 15408 series and ISO/IEC 18045

This document provides the specialized requirements for individuals to demonstrate competence in performing IT product security evaluations and reviews according to the ISO/IEC 15408 series and ISO/IEC 18045. NOTE It is possible that evaluators and testers belong to bodies operating under ISO/IEC 17025 and reviewers belong to bodies operating under ISO/IEC 17065.

  • Standard
    46 pages
    English language
    sale 15% off
  • Standard
    48 pages
    French language
    sale 15% off
ISO
ISO/IEC 19896-1:2025(Main)
Information security, cybersecurity and privacy protection — Requirements for the competence of IT security conformance assessment body personnel — Part 1: Overview and concepts

This document establishes an organized set of concepts and relationships to understand the competency requirements for information security conformance-testing and evaluation specialists, thereby establishing a basis for shared understanding of the concepts and principles central to the ISO/IEC 19896 series across its user communities.

  • Standard
    12 pages
    English language
    sale 15% off
  • Standard
    13 pages
    French language
    sale 15% off
ISO
ISO/IEC 27404:2025(Main)
Cybersecurity — IoT security and privacy — Cybersecurity labelling framework for consumer IoT

This document defines a cybersecurity labelling framework for the development and implementation of cybersecurity labelling programmes for consumer Internet of things (IoT) products. It provides requirements and guidance on the following topics: — risks and threats associated with consumer IoT products; — stakeholders, roles and responsibilities; — relevant standards and guidance documents; — conformity assessment; — labelling issuance and maintenance; — mutual recognition. This document is limited to consumer IoT products, such as: — IoT gateways, base stations and hubs to which multiple devices connect; smart cameras, televisions, and speakers; — wearable devices; — connected smoke detectors, door locks and window sensors; — connected home automation and alarm systems; — connected appliances, such as washing machines and fridges; — smart home assistants; and — connected children’s toys and baby monitors. Products that are not intended for consumer use are excluded from this document. Examples of excluded devices are those that are primarily intended for manufacturing, healthcare and other industrial purposes. This document is applicable to consumers, developers, issuing bodies of cybersecurity labels and conformity assessment bodies.

  • Standard
    63 pages
    English language
    sale 15% off
ISO
ISO/IEC 27706:2025(Main)
Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of privacy information management systems

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701, in addition to the requirements contained within ISO/IEC 17021-1. The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing PIMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing PIMS certification. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Standard
    24 pages
    English language
    sale 15% off
  • Standard
    25 pages
    French language
    sale 15% off
ISO
ISO/IEC 27701:2025(Main)
Information security, cybersecurity and privacy protection — Privacy information management systems — Requirements and guidance

This document specifies requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS). Guidance is also provided to assist in the implementation of the requirements in this document. This document is intended for personally identifiable information (PII) controllers and PII processors holding responsibility and accountability for PII processing. This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations.

  • Standard
    64 pages
    English language
    sale 15% off
  • Standard
    71 pages
    French language
    sale 15% off
ISO
ISO/IEC TS 27564:2025(Main)
Privacy protection — Guidance on the use of models for privacy engineering

This document provides guidance on how to use modelling in privacy engineering. It describes categories of models that can be used, the use of modelling to support engineering, and the relationships with other references, including International Standards on privacy engineering and on modelling. It provides high-level use cases describing how models are used.

  • Technical specification
    32 pages
    English language
    sale 15% off
ISO
ISO/IEC 24760-3:2025(Main)
Information security, cybersecurity and privacy protection — A framework for identity management — Part 3: Practice

This document: — provides requirements and guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2; — is applicable to any information system where information relating to identity is processed or stored; — is considered to be a horizontal document for the following reasons: — it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, — it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.

  • Standard
    31 pages
    English language
    sale 15% off
ISO
ISO/IEC 24760-1:2025(Main)
Information security, cybersecurity and privacy protection — A framework for identity management — Part 1: Core concepts and terminology

This document: — defines terms for identity management and specifies core concepts of identity and identity management, and their relationships; — is applicable to any information system where information relating to identity is processed or stored; — is considered to be a horizontal document for the following reasons: ¾ it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, ¾ it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.

  • Standard
    23 pages
    English language
    sale 15% off