Building on its global expertise in device and cybersecurity testing, Keysight has achieved accreditation as an IT Security Evaluation Facility (ITSEF) under the EU Cybersecurity Certification Scheme on Common Criteria (EUCC). This designation authorizes Keysight’s Device Security Lab in Delft, Netherlands, to conduct substantial and high-assurance level security evaluations. These assessments support certification for critical information and communication technology (ICT) products, including secure hardware, smartcards, and software solutions.
The Common Criteria (CC) framework serves as a globally accepted benchmark for assessing and certifying the security of IT products. Within Europe, it has long established a harmonized and trustworthy foundation for high-assurance evaluations through mutual recognition among national certification bodies. The newly introduced EUCC, developed under the EU Cybersecurity Act (Regulation (EU) 2019/881), further strengthens this system by offering a unified European approach to cybersecurity certification.
With extensive experience in the Common Criteria domain, Keysight’s experts assist clients in managing complex certification processes, optimizing evaluation timelines, and aligning with evolving cybersecurity mandates. Their proven expertise now extends seamlessly into the EUCC framework.
Why EUCC Certification Is Important
EUCC certification delivers a single, trusted mark of security assurance, reducing the complexity of compliance for manufacturers and increasing user confidence. It holds particular significance in sectors where cybersecurity is both a core requirement and a competitive advantage, such as:
Payments & Digital Identity: eSE/iSE/eID solutions, smartcards, HSMs, and cryptographic libraries Networking & Cloud/Enterprise IT: network infrastructure, software, and enterprise platforms Semiconductor & Embedded/IoT: secure integrated circuits, IoT modules, and connected devices Automotive & Industrial: vehicle connectivity systems, industrial gateways, and controllers Public Sector & Citizen ID: government-level identification and access management systems The Common Criteria (CC) framework serves as a globally accepted benchmark for assessing and certifying the security of IT products. Within Europe, it has long established a harmonized and trustworthy foundation for high-assurance evaluations through mutual recognition among national certification bodies. The newly introduced EUCC, developed under the EU Cybersecurity Act (Regulation (EU) 2019/881), further strengthens this system by offering a unified European approach to cybersecurity certification.
With extensive experience in the Common Criteria domain, Keysight’s experts assist clients in managing complex certification processes, optimizing evaluation timelines, and aligning with evolving cybersecurity mandates. Their proven expertise now extends seamlessly into the EUCC framework.
Why EUCC Certification Is Important
EUCC certification delivers a single, trusted mark of security assurance, reducing the complexity of compliance for manufacturers and increasing user confidence. It holds particular significance in sectors where cybersecurity is both a core requirement and a competitive advantage, such as:
EUCC-certified products offer independent assurance that ICT systems are robust against vulnerabilities. This certification not only builds trust and reliability but also provides market advantages, as it is recognized throughout the European Union, removing the need for multiple national certifications and accelerating time-to-market. As a result, Keysight’s clients can enter and compete in Europe’s unified digital market more efficiently.
“Keysight’s EUCC accreditation allows us to test and certify both hardware and software products to meet Europe’s most stringent cybersecurity standards,” said Gerrit van der Bij, Compliance Lead at Keysight Device Security Lab. “EUCC also serves as a compliance pathway for the Cyber Resilience Act (CRA), meaning certified products are presumed compliant with CRA requirements. This significantly streamlines our customers’ journey to deliver secure solutions to market.”
Advancing Toward Post-Quantum Security
With cryptographic standards evolving, the EUCC framework is adapting to post-quantum security requirements. The 2025 revision of the Agreed Cryptographic Mechanisms (ACM) will incorporate Post-Quantum Cryptography (PQC) algorithms, emphasizing hybrid cryptographic approaches to ensure long-term resilience.
Keysight supports organizations through this transition by providing strategic guidance on implementing hybrid cryptography and enabling future-proof, quantum-resistant security for critical systems across multiple industries.
Click here to know about Keysight Device Security solutions and services.
“Keysight’s EUCC accreditation allows us to test and certify both hardware and software products to meet Europe’s most stringent cybersecurity standards,” said Gerrit van der Bij, Compliance Lead at Keysight Device Security Lab. “EUCC also serves as a compliance pathway for the Cyber Resilience Act (CRA), meaning certified products are presumed compliant with CRA requirements. This significantly streamlines our customers’ journey to deliver secure solutions to market.”
Advancing Toward Post-Quantum Security
With cryptographic standards evolving, the EUCC framework is adapting to post-quantum security requirements. The 2025 revision of the Agreed Cryptographic Mechanisms (ACM) will incorporate Post-Quantum Cryptography (PQC) algorithms, emphasizing hybrid cryptographic approaches to ensure long-term resilience.
Keysight supports organizations through this transition by providing strategic guidance on implementing hybrid cryptography and enabling future-proof, quantum-resistant security for critical systems across multiple industries.
Click here to know about Keysight Device Security solutions and services.