IT Certification in Europe

W.K. Wiechers
KEMA, Postbus 9035, 6800 ET Arnhem, The Netherlands

The establishment of a European market for IT products requires not only the development of standards but also an adequate system for certification of conformity to these standards. Certification is particularly needed in the area of open systems interconnection to protect users against incompatibility of equipment. Certification of IT products differs from other forms of product certification. For instance, test specifications are very often purposely not included in IT standards. In IT certification schemes the development and approval of test methods also have to be dealt with. A proposal for a European IT certification scheme has been developed by CEN/CENELEC/CEPT. This proposal contains on the one hand the actions to be taken to set up IT certification activities, in particular in the OSI area; on the other hand the organisational structure required to ensure mutual recognition of IT certificates throughout Europe. IT certification will furthermore be stimulated by the EEC funded programme for the development of IT testing services. The main aspects of these developments and proposals will be explained and the progress on the policy discussion will be given.

Keywords: Information Technology, Certification, Standards, Test Methods, Mutual Recognition of Certification.

W.K. Wiechers was born in 1940. He studied physics at the Technical University in Delft. After graduating in 1966 he joined KEMA, the central testing, quality control, research and engineering institute of the Dutch electric utilities. His first responsibility was the creation of a computer department. In 1973 he became head of KEMA's electrical testing Division, in 1977 deputy managing director and in 1982 managing director of KEMA, and in this position he became more directly involved in the general problems of the electricity supply industry, which led in 1982 to his appointment as general secretary of the association of the Dutch electric utilities (VEEN). In 1981 Mr. Wiechers was elected as vice president and in 1983 as president of CENELEC for the statutory period of two years.

North-Holland Computer Standards & Interfaces 7 (1988) 169-173
0920-5489/88/$3.50 © 1988, Elsevier Science Publishers B.V. (North-Holland)

1. Introduction

Interworking is the key word in all present-day discussions on IT. The ability of products from different manufacturers to be interconnected and perform the tasks that are required is the essential factor for the further development of IT and for the establishment of a European market for IT products. Interworking requires on the one hand standards that define the relevant product characteristics. On the other hand it requires an adequate system for the certification of conformity to these standards.

It should be stressed that testing and certification is never a goal in itself, but only a means by which buyers can protect themselves against certain risks, such as:
- unsafe product;
- inability to function properly in connection with other products;
- insufficient durability;
- other incorrect functional characteristics.

Certification is a business like any other business. It can only succeed if there is a market: in other words, a need among buyers to be protected against certain risks. Buyers of IT products will and can judge a number of product characteristics themselves. Buyers of an electronic game will judge for themselves whether they like the game or not and if it works properly. However, there are product characteristics which are difficult for individual buyers to evaluate, and as a result they will look for other ways to get the assurance they are looking for. Interworking is one of the most prominent examples of such a characteristic. It is difficult to judge whether products also interwork properly in abnormal situations. Furthermore, buyers want to have the assurance that systems can be expanded and partly replaced with new products without problems.

This leads to the conclusion that the European IT policy requires not only the definition of the necessary standards for interworking but also a European IT certification system. The joint efforts of CEN/CENELEC and CEPT in the IT field, which are controlled by the IT Steering Committee (ITSTC), concentrated subsequently not only on standardisation but also on the development of proposals for a European IT certification scheme. This proposal was developed by the ITAEGC. This advisory expert group concentrated its work on:
- priorities in IT-certification;
- the design of a European IT-certification scheme.

Before presenting its recommendations I would like to make some general remarks on the principles of certification.

2. Principles of Certification

Generally speaking, product certification implies (see Fig. 1):
- design approval, through testing of conformity to a standard;
- assurance that products of approved designs are properly manufactured, through the use of mechanisms like market surveillance, factory inspection, control of manufacturers' quality assurance, etc.

Fig. 1. Product Certification. [Figure labels: design approval; confidence that products are manufactured according to approved design; certificate of conformity.]

In the IT field, the main emphasis in the discussions concerning certification is on the problem of design approval through type testing. This is understandable, since techniques for design approval have to be generally available and accepted before a meaningful discussion on manufacturing control can be started. The latter aspect should, however, not be forgotten. Buyers are not only interested in approved designs but also, and in particular, in the capabilities of the individual product.

In product certification - if limited to design approval - two phases can be identified (see Fig. 2):
- testing;
- evaluation of test results to see if they comply with the technical requirements of the standard.

Fig. 2. Two Phases of Product Certification when Limited to Design Approval. [Figure labels: test; compliance?; certificate.]

In many cases test methods and technical requirements are both in the standard. This is by no means a necessity and may even imply a number of disadvantages. The IT standards presently under development do not incorporate test methods. Test methods will have to be defined separately, which leads in the IT field to the situation illustrated in Fig. 3.

3. Priorities in IT-Certification

Considering the many items that are being discussed in IT, priority-setting is of utmost importance. The limited number of experts knowledgeable in this field can only be used effectively if clear priorities are defined. ITAEGC is of the opinion that basically there are two priority areas:
- open system interconnection (OSI);
- software portability.

The efforts to develop certification techniques and services should be directed to these two areas.

Fig. 3. Present Situation in Information Technology where IT Standards Do Not Comprise Test Methods. [Figure labels: test method; test; standard; compliance?; certificate.]

4. European IT-Certification

Completely independent IT certification for each of the different European countries is quite unacceptable as it results in:
- unnecessary duplication of work;
- prevention of the establishment of a truly European IT market.

When setting up a structure for an international certification system, there are basically two alternatives:
- the establishment of a central European certification institute;
- to guarantee within Europe mutual recognition of national certification activities.

Although in theory the first solution seems to be the most attractive, in practice the second approach may be more effective. All existing and operating European certification schemes are based on this principle. It seems that this approach should then also be chosen in the IT field. ITAEGC also took mutual recognition as the basis for its proposals. Mutual recognition is impossible without generally accepted standards and test specifications (see Fig. 4).

Fig. 4. Mutual Recognition on the Basis of Generally Accepted Standards and Test Specifications. [Figure labels: countries A, B and C; harmonised test method; test; harmonised standard; compliance?; internationally recognized certificate.]

Furthermore, it requires:
- mutual confidence amongst the institutes involved in testing and evaluation of test results;
- proper formal procedures.

The basic components of an international certification scheme on the basis of these principles are given in Fig. 5. In this scheme emphasis lies on the national level, where all testing and certification activities will be performed, probably by already existing bodies. In order to achieve general recognition of harmonized certificates in the participating countries some international harmonization and coordination is necessary. The certification scheme has to operate with a minimum of administrative overhead and economic burden.

The components of the scheme are described as independent functions, which need not necessarily be carried out by separate or newly formed bodies. The necessary functions can in many cases be carried out by already existing bodies, e.g. a standardization body, a CEPT member or a government service. Also, one particular body may comprise more than one function. In all cases provisions have to be made for a clear-cut separation of responsibilities in order to ensure the necessary independence and impartiality of the different functions.

Fig. 5. Basic Components of an International Certification Scheme. [Figure labels: international level: Management Committee for IT-Certification, Testing Support Service per area; national level: National IT-Certification Coordinating Member, Certifying Body, Testing Laboratory, Test Report, Harmonized Certificate.]

At a national level the following functions can be identified:

a. The National IT-Certification Coordinating Member (organization) will coordinate the national IT-Certification and is responsible at an international level for the proper functioning of the national IT-Certification activities. It should be kept in mind that problems of coordination at a national level cannot be resolved internationally but should be resolved nationally. Two alternatives are possible in defining the National IT-Certification Coordinating Member: it could be either the national government or a body nominated by the national government. The National IT-Certification Coordinating Member will decide on its delegation to the Management Committee for IT-Certification.

b. The certification and testing activities will be carried out by one or more Certification Bodies and one or more Testing Laboratories, which could include Manufacturer Testing Laboratories. These have to be accredited and their performance has to be monitored. The accreditation and surveillance of Certification Bodies and Testing Laboratories may be carried out by National Accreditation Schemes in countries where these are in operation. In other cases the accreditation and surveillance will be the responsibility of the National IT-Certification Coordinating Member in the international Scheme.

c. A Certification Body will issue harmonized European Certificates for IT products or processes which have been found to be in conformity with the relevant standards.

d. A Testing Laboratory performs the necessary tests of IT products or processes and issues a harmonized European test report using approved test methods, tools and report formats.

e. The client is a manufacturer or supplier who may have his IT product or process tested by a Testing Laboratory and who, after successful tests, may apply to a Certification Body for a harmonized European Certificate. Such a Certificate will be recognized in all other countries participating in the IT-Scheme.

At the international level there are two more functions:

f. The Management Committee for IT-Certification is composed of representatives of all participating National IT-Certification Coordinating Members. It will establish the specific rules which are necessary to make general recognition of harmonized European Certificates possible. This Committee will also authorize one or more Testing Support Services for specified areas of IT products or processes (e.g. OSI protocols, telecommunication terminals, language compilers, magnetic supports etc.) and manages the approval of the test methods proposed by these Services.

g. A Testing Support Service will, in its area of competence, give support for the test methods, tools and report formats which have to be applied by the Testing Laboratories, and that should be available to all interested parties. A Testing Support Service will, on request, also advise and assist in the accreditation and monitoring of Testing Laboratories with regard to specific conditions lying in its area of competence.

After distributing these policy proposals, more detailed rules for such a system have been made available in the form of a CENCER document N71 Rev. 2 "Specific Rules for a Certification Scheme for Information Technology".

5. Action Plan

In parallel to the policy discussion a lot of work is being done at the technical level to develop testing and certification techniques both in the OSI and non-OSI field. On the one hand the European Commission very successfully stimulated the development of conformance test services in the IT field by partially funding a number of development projects. This encouraged international contacts between IT-testing institutes and supplied an important technical impulse at a critical moment. It can be expected that the first services as a result of these projects will become operational in this year. Furthermore, quite some experience already exists within the European administrations of telecommunications and some private companies, which provides a good basis for starting up certification services.

Of course there is a risk that these activities lead to divergent technical solutions due to a lack of coordination. Fortunately all developers of testing tools and certification services are well aware of each other's activities, so the developments in Europe can be expected to be in line with the international framework.

Considering the availability of standards on the one hand and the expected availability of test methods and tools in the course of this year on the other hand, it is very essential to make the necessary policy decisions in the very near future and to start operational activities on the basis of these decisions. CEN, CENELEC and CEPT intend to do so in the first quarter of this year. In view of the amount of feedback from the different interested parties involved that will be taken into account, we expect that these decisions will be supported at the political level by the EC and EFTA. In parallel a number of IT product areas will be defined where harmonized certification can become operational. These recommendations can also be expected before the middle of this year.

The result will be that at the end of this year European IT-certification will be a fact, offering a number of services to the international IT community. Once this very essential complement to IT standardisation has also been established, we can rightly state that the basic conditions are met for the further development of our information society.