Dear all,
We submitted the paper "Incremental Common Criteria Certification
Processes using DevSecOps Practices" to EuroSPW 2021. We request to
acknowledge SPARTA if the paper is accepted.
Abstract:
The growing digitalisation of our economies and societies is driving the
need for increased connectivity of critical applications and
infrastructures to the point where failures can lead to important
disruptions and consequences to our lives. One growing source of
failures for critical applications and infrastructures originates from
cybersecurity threats and vulnerabilities that can be exploited in
attacks. One approach to mitigating these risks is verifying that
critical applications and infrastructures are sufficiently protected by
certification of products and services. However, reaching sufficient
assurance levels for product certification may require detailed
evaluation of product properties. An important challenge for product
certification is dealing with product evolution: now that critical
applications and infrastructures are connected they are being updated on
a more frequent basis. To ensure continuity of certification, updates
must be analysed to verify the impact on certified cybersecurity
properties. Impacted properties need to be re-certified. This paper
proposes a lightweight and flexible incremental certification process
that can be integrated with DevSecOps practices to automate evidence
gathering and certification activities as much as possible. The approach
is illustrated on the Common Criteria product certification scheme and a
firewall update on an automotive case study. Only the impact analysis
phase of the incremental certification process is illustrated.
Best Regards,
--
Sebastien Dupont
Expert Research Engineer
Model-Based Engineering and Distributed Systems
CETIC
Avenue Jean Mermoz 28
B-6041 Charleroi
Tel: +32 488 237 483
Dear all,
We have submitted a paper on “Method for Evaluating Organisations’ Information Security
Level” to the 16th International Conference on Research Challenges in Information Science
(RCIS 2022). If accepted, we will acknowledge SPARTA.
Authors: Mari Seeba, Sten Mases and Raimundas Matulevicius
Abstract:
This paper introduces a method for evaluating the information security levels of organisations
using a benchmarking tool. The framework supporting the tool is based on the Estonian
Information Security Standard categories (which are in turn adapted from the German Federal Office for
Information Security (BSI) IT-Grundschutz) and is compatible with the ISO 27001
Information Security Management System standard. The tool covers both technical and
organisational aspects of information security. Using the publicly available tool takes
around 60 minutes and gives quick feedback about the information security level of the
organisation. The results can be used to give an overview of security to the
organisation’s management, compare different organisations across the region, and support
strategic decision-making on a national level.
Best greetings,
Mari and Raimundas