Research Reports

Home / Research Reports

Research Reports

Below you will find links to all public outputs from the CRISP projects and a short description of each report:

D1.1 Glossary of security products and systems

Deliverable 1.1 lays the terminological foundation for the CRISP project. Like in standardisation documents, a common understanding of the terminology used is an important aspect, which is why we have started with the creation of a glossary. The unique characteristic of the CRISP glossary for security products, systems and services (PSS) is the focus on the functionality of security PSS instead of the technique itself. With the function of a security PSS, we describe the intended result of the PSS in operation. By linking the function of a security PSS with the area of security it is deployed, different security contexts are reflected. For the CRISP glossary, four areas of security were identified: (1) security of the citizen; (2) critical infrastructures; (3) border security; (4) crisis management.

Finally, in order to classify and also compare security functions, we have considered the existence of different levels on which the functions operate in security products, systems and services, based on the dependency functions have on other functions. As an example the function ‘to identify’ is only possible if the function ‘information collection’ has been performed beforehand. This results in three levels of functions, with an increase in dependency (and often complexity), being primitive, connective and performative functions.

D1.2 Taxonomy of security products, systems and services

Based on the glossary of the first deliverable, in Deliverable 1.2 a categorisation of security PSS was established. In form of taxonomies for security products, security systems and security services, this deliverable examines the wide diversity in the domain of security PSS. The categorisation of the taxonomy is done on three levels:

On the first level is are the security application areas. Similar to the glossary, the taxonomy categorises security PSS depending on where the intended application is based. The second level of categorisation of the taxonomy are the security demands. The demands are mainly based on reviews of commercial security company websites, European policy literature and related security research projects and further specify the areas where the security PSS can operate, while already refining the intended security function. On the third and last level of categorisation are the security needs (as a follow-up of the demand category), which are equivalent to the security functions of the glossary and thus specify the intended result of the security PSS.

Lastly the security product, system or service is listed, depending on their application within that classification. The security PSS is of course not exclusive classified within one categorisation, but can, similar to the security function, be part of different application areas, security demands and needs. As such, the taxonomy is a very flexible tool for the categorisation of security PSS.

D2.1 Report on security standards and certification in Europe – A historical/evolutionary perspective

This report is the first deliverable for CRISP’s Work Package 2. Building on security-related definitions of the glossary and taxonomies in CRISP’s Deliverables 1.1 and 1.2, this report provides a literature review and a historical perspective of security standards and certification in Europe.

The report introduces both the rationale and need for standards and certification, and outlines what is certified. Examples of standards and certification schemes in different security sectors covering different areas of certification are illustrated. In addition, opportunities to link standards and certification in the future are shown. This document consists of seven chapters. After the introduction, Chapter 2 reflects the state of the art in research on conformity assessment, certification, standardisation and accreditation. Specific emphasis is put on the security field. In particular advantages of using standards in certification processes are shown. Chapter 3 describes general framework conditions in Europe and specific European documents related to security standardisation and certification. Chapter 4 gives detailed insight into the state of the art in European security standards in different sectors, standardisation organisations, technical committees and working groups and offers an overview of specific standards documents. Chapter 5 provides information on security fields where standards for certain security applications should only be made available to entities which have the required security clearances. A detailed analysis of the state of harmonisation and mutual recognition in Europe is given in Chapter 6.  All findings are summarized in Chapter 7. An updated, extended version of this document will be provided in summer 2015.

D2.2 Consolidated Report on security standards, certification and accreditation – best practices and lessons learnt

This report is the second deliverable of CRISP Work Package 2 – ‘Review of standards, certification and accreditation for security products’ and consists of nine chapters. After a short introduction to conformity assessment in chapter 2, chapter 3 illustrates the state of the art in security standards and certification in ten European countries: Austria, Belgium, Germany, France, the Netherlands, Poland, Slovenia, Spain, Sweden and the United Kingdom. Chapter 4 provides selected international examples including Brazil, Canada, India, Israel, Japan and the United States. The following chapters (5 to 7) show pan-European and international security standardisation activities and certification schemes. Chapter 8 provides information on the state of accreditation in the security context, followed by a summary in chapter 9.

D3.1 Stakeholder Analysis Report

This report is the deliverable for Work Package 3 of the CRISP project, which builds on expert interviews, survey and literature review.  The report’s starting point is the assertion that the European security market is highly fragmented and the idea of a European certification scheme is one of the action points that should go some way to achieve harmonisation. The report focuses on identifying key stakeholder groups in the security products, systems and services sectors and understanding their motivations and needs with regard to standardisation and certification.  The report furthermore gauges stakeholder views on security certification challenges and their views on the proposed CRISP certification scheme and its implementation across Europe.

In short, the report found an overall agreement among all stakeholder groups that the current standardisation and certification landscape in Europe is overly complex and opaque.  Most stakeholders were positive towards harmonisation and the proposed CRISP scheme, but would like to know more about how it would be implemented across Europe.  With regard to benefits, stakeholder mentioned lower costs, quicker time to market and improved transparency. With regard to challenges, the issue of national differences considered to be of key importance and consequently the view that CRISP scheme would need to be somewhat flexible.  To read the report in full, please click the title link above.

D4.1 Legal Analysis of existing schemes

The Legal Analysis of existing schemes is one of the deliverables of Work Package 4. The report incorporates the legal study on security products, systems and services on the basis of four dimensions: security, trust, efficiency and freedom infringements (STEFi). It also examines the legal framework, standards and guidance from standardisation bodies related to certification. The chapter on the security aspect outlines the core legislation of the main security areas in the EU as categorised in the CRISP taxonomy, such as security of citizens and security of infrastructures, and identifies legal demands for security products, systems and services. The chapter on the trust aspect addresses the issue of trust of the scrutinised and end users to security products, systems and services and draws special requirements for security standards and certification schemes in that respect. The chapter on the efficiency aspect approaches the matter of how efficient security measures are through the three case studies of WP4: CCTV, alarm systems and drones. The chapter on the freedom infringements aspect analyses the legal demands for security measures in terms of data protection and privacy, presumption of innocence, equal treatment and non-discrimination, fair trial and due process. The last part of the report presents and analyses existing evaluation and certification schemes for CCTV, alarm systems and drones and assesses to what extent the schemes correspond to the legal demands and requirements identified in the legal study of the report and highlights good practices from a legal perspective.

D4.2 Ethical expert report on freedom infringement evaluation

The deliverable contains the advice and recommendations of the CRISP ethical expert on the task of the consortium to analyse the impact of the security technologies and measures to the freedoms of individuals. The deliverable also includes a report on the actions taken by the  consortium in response to the advice provided by the ethical expert.

D4.3 S-T-E-F-I based SWOT analysis of existing schemes

The third and last deliverable of WP4 presents the SWOT (strengths-weaknesses-opportunities-threats) analysis of existing evaluation and certification schemes for security products, systems and services. It also incorporates the three case studies of WP4 on CCTV systems, alarms and drones. The deliverable identifies strong and weak points of existing schemes on the basis of security-trust-efficiency-freedom infringements requirements and makes recommendations for further enhancement and adaptation for the assessment and certification of products, systems and services used for security purposes.

D5.1 Validated CRISP Methodology

This report is the first deliverable of Work Package 5 and presents the evaluation and certification methodology of the CRISP project . This two-part methodology emerged during the research work of the project.  It takes into account existing evaluation and certification processes and procedures, as well as expert recommendations emerging from various validation activities. The report illustrates in which part of the methodology the S-T-E-Fi approach has been integrated, and summarises some first recommendations, requirements and next steps in the ongoing project work.

D5.2 Report on the scenario based workshop and the refinement of the CRISP methodology

This second and final deliverable report of Work Package 5 presents the refinement of the CRISP Methodology based on the outcomes of four scenario-based workshops and the reflections made by the CRISP consortium afterwards.

D6.1 Final roadmap and implementation plan

This deliverable includes the CRISP roadmap for the proposed certification scheme, the implementation measures and the steps required by different stakeholders so that the CRISP scheme is supported, set up and implemented in accordance with best practice. Roadmaps are used across different fields and sectors to strategically plan and describe the steps to achieve outlined outcomes and goals. They are flexible and thus easily adaptable to changes in outlook, focus and goals, which are bound to change during the development of complex systems and processes. The CRISP roadmap is modelled on the basis of guidance from the IEA[3] and thus includes the sections goals; milestones, priorities and a timeline; barriers and gaps; and implementation plan and action items. Furthermore, the roadmap includes an outlook chapter to visualise the future for the CRISP scheme.

D6.2 Final certification manual

This report belongs to CRISP’s Work Package 6 (WP 6), ‘Developing a roadmap. The objectives of this WP are stated as follows: “To develop and validate a clear roadmap for the proposed certification scheme and to develop and refine the certification manual”[4]. The validation activity was carried out in Delft (the Netherlands) as a half-day workshop on 12 May 2016, inviting stakeholders from certification and accreditation bodies, during which the topics of the developed first draft of the Certification Manual were presented and discussed. Furthermore, CRISP’s Advisory Board Members were consulted as well during a web-meeting on 10 June 2016. In the following, the recommendations and comments from the workshop participants and the Advisory Board Members were used by the CRISP consortium for the finalisation of the Certification Manual. The outcomes are presented in this deliverable.

D7.1 Consolidated report on enhancing confidence and acceptability of new certification measures

The report summarizes the activities the consortium has undertaken in 9 months from the beginning of June 2016 to the end of February 2017 to approach and engage with various stakeholders with the above-listed aims, and how these efforts have been linked to the finalization of the CEN Workshop Agreement (CWA), a best practice document – one of the main outputs of the CRISP project and the foundation of future standardization activities.[1] One of the aims of engaging the stakeholders was also to spur interest in establishing an organization that would continue the work towards the finalization of the CRISP certification scheme.

D7.2 CEN Workshop Agreement

A CEN Workshop Agreement (CWA) is a document published by CEN in at least one of the CEN three official languages. A CWA is an agreement developed and approved in a CEN Workshop; the latter is open to the direct participation of anyone with an interest in the development of the agreement.[2]

The CRISP project partners together with other CWA participants have developed the CWA 17147 “Guidelines for the evaluation of installed security systems, based on the STEFi dimensions”.

D7.3 Interim exploitation plan

This report ‘Interim exploitation plan’ will explore and outline how CRISP’s results could best be transferred, commercialised and sustained, and how the CRISP Roadmap can be implemented, gaining confidence for and trust in the certification measures. This report describes how to best approach stakeholders with the above listed aims and how to link these efforts to the successful finalization of the CEN Workshop Agreement (CWA), one of the main outputs of the CRISP project and the foundation of future standardization activities. This Interim exploitation plan was finalized at the beginning of WP7, whereas the final exploitation plan will be delivered at the end of the WP and project duration

D7.4 Final, consolidated exploitation plan 

This report belongs to Work Package 7 ‘Enhancing confidence in the new certification measures’ (WP7) of the CRISP project. The objectives of this report are to summarise information that is relevant for the short-term next steps needed to successfully exploit the results of the CRISP project and to initiate the development of the certification scheme itself.

 

 

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.