|
 |
|
|
|
We are excited to announce C5-DEC CAD v1.2 – our open-source, AI-enabled toolkit for computer-aided secure system design, development, and evaluation.
C5-DEC CAD unifies Common Criteria (CC) tooling, SSDLC traceability, compliance workflows, cyber-physical system security assessment, cryptography, and resource management in one repository-centric platform.
C5-DEC CAD helps teams run a complete secure-by-design workflow in one place:
Common Criteria engineering support with structured knowledge and specification workflows
End-to-end requirements, design artifacts, tests, and traceability built on our SpecEngine subsystem
Practical SSDLC tooling for compliance, threat modelling, risk analysis, documentation, and evidence generation via our DocEngine
What’s new in v1.2:
CRA compliance module: Annex I checklist, Annex VII technical documentation generation, Annex V EU Declaration of Conformity, with support for Default, Class I, Class II, and Critical classes
SBOM lifecycle management: Syft-based generation (CycloneDX/SPDX), validation, diffing, traceability, and CRA cross-verification
Native cryptography module: PQC, SHA-256 integrity checks, GnuPG signing/encryption, Shamir’s Secret Sharing, and digital signatures
Expanded CPSSA: threat model generation (OWASP pytm/Threagile-compatible), FAIR-based quantitative risk analysis, STRIDE-based reporting
SpecEngine and DocEngine enhancements: richer traceability visualization, interactive specification browser, traceability statistics, Mermaid rendering pipeline, design artifact hygiene utilities, and CRA-ready report/presentation templates
Also in v1.2: completed CC:2022 knowledge base content, stronger Docker hardening, and a significantly expanded test suite.
