Discover our working group

This Working Group brings together certifiers, test labs, component manufacturers, system integrators, service providers, national public administrations, RTOs, etc. to contribute to activities for pre-standardisation and to support the development and use of trusted European certified solutions across the supply chain and the various sectors.

Mission & Objectives

The mission of this WG is to support the roll-out of EU ICT security certification schemes, standard and legislative recommendations, and ensure the establishment of trusted and resilient supply chains in Europe. Some of the objectives are:

  • Understand the challenges of the industry in using standards and certification schemes.
  • Understand the needs of the market to identify the gaps in standardisation and propose a roadmap for priorities.
  • Define methodologies and approaches to facilitate and support the use of certification schemes.
  • Provide guidelines & recommendations on European legislations and policy initiatives.

Ongoing work

  • Continue and strengthen collaborations with ENISA, EC, European SDOs and other relevant stakeholders.
  • Support policy implementation: link with DEP priorities describing challenges and plan for the future. Development of capabilities.
  • Address the challenges for a trusted supply chain and management of the risks.
  • Identify the challenges for SMEs in using certification schemes and define guidelines / best practices.
  • Study and explain system and service lifecycle and associated risk management.
  • Focus on the technical details of the composition approach: the operational phase (e.g. vulnerability and patch management) of the composed product and expectations for product composition. Link with first EU certification schemes.


Collaboration at EU level on standardisation

MoU signed with CEN/CENELEC and ETSI for definition of priorities for developing EU standards linked to certification an...

Read more

Collaboration with ENISA on certification

As part of the Stakeholder Cybersecurity Certification Group (SCCG), ECSO collaborates with ENISA on cybersecurity certi...

Read more

Participation to the Joint Research Center on IACS (ERNCIP IACS)

Collaboration on recommendations for the IACS Components Cybersecurity Certifications Scheme

Read more

Participation to the ICT Standardisation Multi-Stakeholder Platform

Collaboration on the ICT Standardisation Multi-Stakeholder Platform & Rolling Plan with the European Commission

Read more

Our achievements

Guidelines & recommendations on certification policies and standards

Cooperation with ESOs, EC and EU Agencies

ECSO has positioned itself as a key actor in the European standardisation and certification institutional landscape. Thanks to its constituency and cumulated expertise, it has gained recognition and is frequently solicited by EU Institutions for recommendations and advice.

ECSO Secretariat:

WG1 Co-Chairs

  • Mario Jardim (Schneider Electric)
  • Philippe Jeanmart (Bureau Veritas)
  • Mark Miller (Conceptivity)

SWG 1.1 – Connected Components

Work on the inter-relationship (“composition”) of EU scheme certified components based on standards for trusted supply chain and product certification in line with to the EU Cyber Act.

SWG1.2 –Digital Services and Systems

Understand the systems’ & services’ dependencies, needs and current approaches for risk management and operational aspects.