Petr Švenda is an associate professor at Masaryk University, Brno, Czech Republic. He first touched the domain of security certifications in 2002 while working on the side-channel analysis of cryptographic devices and has kept his passion for cryptographic smartcards ever since. The Common Criteria and FIPS 140 security certification artifacts proved to be an essential source of information during a responsible disclosure of ROCA
and Minerva vulnerabilities his team found. If only the documents would be automatically processable at that time…