This document serves as the initial framework for defining the subject. The document serves as a detailed breakdown of security testing methods related to software and hardware testing. it is to remain vendor agnostic and focus on the type of testing available at the time of release. This is not a comprehensive list and is intended to be updated on a yet to be defined timeline.
This document is intended to create a set of unified requirements for assuring that a product that is going to market with cybersecurity claims, has been tested and verified against a set of common criteria. While the SAE standard J3061 provides a process, this document intends to provide a comprehensive overview of the methods needed to achieve those process requirements set forth in J3061.