You have a data connector and want to be part of a data space? Then you need one thing above all – trust! Trust in the functionality and the implementation of the data space, and in the way the connector is build and works. This is where the Spanish company SQS comes in.
SQS is the first approved IDS evaluation facility, responsible for the independent validation of the IDS components and the operational environment of data spaces. This means the test facility makes sure that all the elements are interoperable and secure. A good reason to ask Begoñia Laibarra, director of SQS, a few questions:
IDSA: Why should a company have its components and operation environment certified?
Begoñia Laibarra: As a participant of a data space, you want to use certified components in a certified operational environment to be sure your data is shared securely. IDS Certification ensures that components provide this security. If your company develops and commercializes IDS components, for example, the market requires certification. And once a component is certified, it can be used in various data spaces!
Organizations that offer services such as connector-as-a-service or data-space-as-a-service must have its operational environment certified. This is also a clear requirement of the market if you want to participate and do business around data spaces.
IDSA: What criteria are tested for the connector certification?
Laibarra: The certification criteria for a connector include security aspects, functionality and interoperability within an IDS architecture. We also test the installation and operational guidelines, review completeness and accuracy of the documentation, such as the test plan and the design documentation. Additionally, we assess some key activities of the development process configuration. So, not only the product itself is reviewed, but also the supporting documentation and key practices of the development life cycle.
IDSA: Are there different connectors for different scenarios?
Laibarra: Yes, data connectors share data in scenarios with different trust and security requirements. For example, sharing medical data needs more security than sharing climate data. The criteria correspond to three trust levels. Depending on the trust level, different levels of security must be met by the connector.
This means connectors on the market will have various security profiles. Let me explain: Connectors with a Trust 1 profile are suitable for sharing data with limited trust and security needs, for sharing data in a contained environment or for demonstration purposes. Trust 2 profile is designed for scenarios where the protection of processed and transmitted data is essential. Trust 3 profile includes the protection against insider attacks as well as external attackers who could gain privileged access. You find the certification criteria for each trust level in the criteria catalog.
IDSA: What does the certification process look like?
Laibarra: This process varies depending on the “Assurance Level”. If the applicant seeks an Assurance Level 1, no evaluation facility is involved. It is the applicant’s responsibility to perform a self-assessment and send the results to the certification body at IDSA.
To do so, the applicant must download and use two assets developed by IDSA: a questionnaire and the IDS reference testbed, that includes an automated test suite. The applicant must submit the completed questionnaire and the results of the execution of the test suite. For Assurance Levels 2, the evaluation process is carried out by the evaluation facility.
IDSA: How are the components tested by SQS?
Laibarra: We use the IDS reference testbed as the standardized test environment and perform the test according to the reference test plan – to cover all criteria. We also perform documentation and design reviews, vulnerability analysis and penetration testing. The extend of the evaluation depends as I said before on the level of trust required.
After the contract is signed, we explain the process to the applicant in detail and share the evaluation plan. Errors we might find during the evaluation, we will report immediately so that they can be corrected before the process is completed. At the end, we produce an evaluation report summarizing all the evaluation activities and results.
IDSA: How can companies prepare for certification?
Laibarra: We recommend to carefully review the catalog criteria and perform a self-assessment, documenting how each component implements each criteria. This will allow the company to decide which trust level to apply for. To assess whether the implementation complies with the criteria, you use the testbed and the test suite. We advise you to develop your own additional tests later.
A good idea might be to participate in the Plug Fests organized by Fraunhofer Institute for Software and Systems Engineering and in the ITS, short for Integration Test Camp, managed by SQS – both provide additional support. They help detect errors and clarify issues during the development. IDSA offers instruments and tools to support developers throughout.
IDSA: What is the Integration Test Camp?
Laibarra: The ITC is a service offered by us for IDS component developers. Currently it is free for IDSA members. We have implemented a complete IDS infrastructure to test the interoperability of IDS components in a production like scenario. The ITC service offers remote access to this infrastructure along with a set of interoperability tests and full support from an SQS test engineer throughout the process.
The service has proven to be a very useful instrument to detect defects during the design and development of a component. We had more than 70 participations with components at different stages of development.
IDSA: What is the value of an independent third-party evaluation?
Laibarra: We as an independent evaluator follow the principles of independence, impartiality, and integrity. There is no conflict of interest for us and conclusions are not influenced by any stakeholder.
These third-party evaluations are performed by specialized and accredited evaluation facilities, we must follow a uniform process and the results have to meet the highest quality standards and be comparable with each other. An independent review of a product can reveal weaknesses and problems that are not always easy to identify by the development team itself. Basically, we help companies using control to build trust.