CBSE gets final cybersecurity clearance for re-evaluation portal after IIT review
The Central Board of Secondary Education (CBSE) has received final cybersecurity clearance for its re-evaluation portal after an IIT-led review, allowing Class 12 answer scripts reassessment to begin. The clearance follows the identification of high-severity vulnerabilities in the Board’s software, prompting a shift to CBSE-managed infrastructure and a redesign of the re-evaluation workflow.
The Central Board of Secondary Education (CBSE) has obtained final cybersecurity clearance for its examiner-facing re-evaluation portal, enabling the reassessment of Class 12 answer scripts. The clearance came after a rigorous review by teams from Indian Institutes of Technology (IITs), which completed its final round of testing on Friday night. This follows earlier concerns about the security of CBSE’s digital examination systems, which led to delays in launching the Post-Result Activities (PRA) portal. The IIT teams identified multiple high-severity vulnerabilities in CBSE’s software infrastructure, prompting the Board to abandon the Coempt EduTeck platform used for this year’s On-Screen Marking (OSM) system. Instead, CBSE shifted student and examination data to its own managed infrastructure and redesigned the re-evaluation process to operate through CBSE-controlled systems. The IIT-led review employed a ‘red team-blue team’ methodology, where CBSE’s developers and experts from IIT Madras and the Digital India Corporation (DIC) worked to fix vulnerabilities, while a team from IIT Kanpur attempted to exploit weaknesses. The final testing concluded without detecting major vulnerabilities, though minor issues may remain. CBSE has begun informing examiners that they can now access the system to process students’ re-evaluation requests, focusing only on flagged questions rather than reassessing entire answer books. The process will be conducted digitally, with examiners reviewing scanned answer scripts on tablets. The IIT teams are preparing recommendations for the Education Ministry and CBSE to strengthen cybersecurity standards for future examination software. These recommendations emphasize integrating safeguards early in development and conducting comprehensive ‘red-teaming’ exercises by independent experts before deploying any examination software. The clearance resolves a delay in the re-evaluation process, which had been inaccessible since the PRA portal launched on June 2.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.