Image by Rohan Makhecha


CyTAL’s primary focus is to support the development of cybersecurity certification schemes which are aimed at improving the security and robustness of products. 

Members of CyTAL have been instrumental in the development and maintenance of Common Criteria (ISO 15408 & ISO 18045); the Commercial Product Assurance (CPA) scheme for UK Smart Meters, which is overseen by the National Cyber Security Centre (NCSC); and the Cyber Assurance of Physical Security Systems (CAPSS) scheme which is operated by the Centre for Protection of National Infrastructure (CPNI). CyTAL is an assessment partner for both organisations and can perform CPA and CAPSS evaluations.


For more details on our role in CPA, click here

For more details on the CAPSS scheme, click here

CyTAL has recently contributed to recommendations for a new EU cybersecurity certification scheme targeting industrial automation and control systems (IACS) as part of the IACS Thematic Group, under the EU ERNCIP project.

Our experience with the design and practice of standards-based cybersecurity evaluation schemes has also been used to help in the design of internal assurance schemes for infrastructure companies. We work on both the design of bespoke laboratory procedures, and the design of test programmes to implement internal assurance controls. Building on the general nature of our analysis and test approaches enables us to take this beyond cybersecurity and into more general functional and robustness testing.