Accelerated Security Certification

The fast path to the German security certificate

IT security is a competitive advantage

IT security is crucial to your customers’ purchasing decisions. This applies to both private and commercial customers.

The certified security of your product is a significant competitive advantage!

With the German IT security certificate

  • you prove the security of your product
  • you stand out from your competitors and
  • win the trust of your customers!

Certify your own product

The Federal Office for Information Security of Germany
The German Federal Office for Information Security awards the German IT Security Certificate.

As a certified testing laboratory, we carry out the required security assessment of your product.

We assist you through the entire process from the initial application to the certification.

Are you interested in the Accelerated Security Certification or do you have questions?

Contact us!

Your advantages

National quality label

The German IT Security Certificate is awarded by the German Federal Office for Information Security. With this national quality label you provide your customers with impressive proof of your product’s high level of security and show them the high value you put on IT security.

Low effort for documentation

Accelerated security certification looks at the actual security of your product. In contrast to other certification procedures a risk-based approach is chosen. As a result, your documentation effort is minimal and the duration and costs of certification are significantly reduced.

Variable scope

You define the typical usage scenario of your product and decide, which functions are included in the accelerated security certification. Only core functions and basic security functions are mandatory. The risk-based approach of the Accelerated Security Certification focuses on the essentials!

Reliable results

We summarize the results of our security analysis for you in detail in a written report. After the assessment and approval by the the BSI, you will receive a comprehensive overview of the security level of your product.

Fast implementation

The entire duration from the placing of the order to the certification of your product by the BSI is only about three months. We carry out the Accelerated Security Certification in a binding timeframe agreed upon with you. This gives you a high degree of scheduling certainty.

You would like to learn more about the implementation of the Accelerated Security Certification?

Contact us!

The three pillars of certification

The three pillars of certification

Compliance with IT security requirements

Your product complies with the state of the art.

This includes for example:

  • Passwords can be changed.
  • Confidential communication is encrypted.
  • Updates are installed securely.

Full details of these requirements are given in AIS-B6.

Resilience to attacks

Your product withstands attacks from hackers.

We demonstrate this through a penetration test. We take on the role of a professional attacker and test the resistance of your product.

Full details of these requirements are given in AIS-B4.

Guaranteed security updates

Your product is secure in the long run.

If a vulnerability should arise after successful certification, you will provide an update.

The duration of this update guarantee is chosen by you. However, it should be based on the the typical duration of use of the product.

The path to your certificate

Assembling information

Accelerated security certification looks at the actual security of your product. The information required for certification include only three short documents:

  • Installation instructions for secure operation The Secure User Guidance explains to the customer how to set up your product to a secure operating condition. Full details of these requirements are given in AIS-B3.

  • Security Target
    In the security target, you define the typical usage scenario of your product. You specify the information to be protected and the protective measures implemented by the product. Here you define which functions will be considered in the certification. The length should not exceed 10 pages. The document is described in AIS-B1.

  • Description of the cryptographic mode of operation In the description of the cryptographic functionality you list the supported cryptographic methods and functions of your product. The requirements are listed in AIS-B2.

We will be glad to answer your questions and support you in this step.

Contact us!

Applying for the certificate

With the information collected, you submit the application for the German IT security certificate to the BSI. We accompany you in this process by checking the application for completeness and plausibility.

You send us samples of your device. Now all requirements are fulfilled and we start with the assessment of your product.

Assessment of your product

We examine your product. Thereby we check the conformity and resistance according to your security requirements. The results are reported in a detail.

Award of the certificate

We inform the Federal Office for Information Security of out results of the assessment. If your product meets all the requirements the BSI awards your product with the German IT Security Certificate.

The perfect partner

OpenSource Security …

  • is a labratory approved by the BSI.
  • has many years of experience in the field of IT security.
  • has already participated in the pilot phase of the Accelerated Security Certification.
  • can comprehensively examine complex and specialized systems.
  • can support you in the development of your products.

Contact

Do you have questions about Accelerated Security Certification? Write us an us an e-mail or arrange a non-binding meeting!

  • OpenSource Security GmbH
    Am Bahnhof 3-5
    48565 Steinfurt
  • info@os-s.de
  • Beschwerden/Complaints
    beschwerde@os-s.de
    complaints@os-s.de
  • +49 (0)2552 / 927009-0
  • +49 (0)2552 / 927009-9
  • Prüfstelle BSI-APS-9058
  • Geschäftsführer: Ralf Spenneberg, Hendrik Schwartke
  • Ust.-Id.Nr.: DE 815 773 501
  • Registergericht: Amtsgericht Steinfurt, HRB 12044
  • Inhaltlich Verantwortlicher gemäß §6 MDStV: Ralf Spenneberg
  • Privacy Information