Insights from Automated Large-Scale Analysis of FIPS 140 Certificates (G12a)
Security certification frameworks like FIPS 140-2/3 or Common Criteria subject certified products to extensive scrutiny. This talk will discuss insights gleaned from the ecosystem of certified devices through extensive analysis of certification documents. Automation tools extract machine-readable features from tens of thousands of certification-related documents, providing valuable insights and assessment of the certification process.