Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in MTS 14th May2013 SIG Report

Published byElvira Böhme Modified over 6 years ago

Similar presentations

Presentation on theme: "Security in MTS 14th May2013 SIG Report"— Presentation transcript:

1 Security in MTS 14th May2013 SIG Report
Fraunhofer FOKUS

2 Agenda (14.5.) 4 Participants: I. Bryant, A. Takanen, P. Schmitting, A. Rennoch, (supported by E. Chaulot-Talmon) ISO SC27 & ETSI Security workshop presentation 26th April Idea: MTS & SC27/WG3 Liaison TODO: send request (with current working documents) Discussion of draft document

3 SC27 WG3 liaison (to be decided)
ISO/IEC Test requirements for cryptographic modules ISO/IEC 30127: Detailing software penetration testing under ISO/IEC and ISO/IEC vulnerability analysis ISO/IEC TR Refining software vulnerability analysis under ISO/IEC and ISO/IEC 18045 for ETSI (Terminology) for ETSI (Security guidelines) WG3 is interested in ETSI (case studies)

4 SC27 WG4 liaison (to be decided)
ISO/IEC Application security validation for ETSI (Security guidelines)

5 WI status and schedules
Terminology and Concepts (Ari): 3rd draft (word document) considered comments and updates -> need to be reviewed (CTI or E2NA) Case studies (Ari/Jürgen):  Plan: early draft with two case studies (Diamonds) 2-3 more case studies expected September (from Diamonds and Spacios)

6 WI status and schedules
Design guide V&V (Scott/Ian): -> new draft available with new input from Ian and Scott (still early draft) Plan: stable draft and review in September. Security Testing Methodology (Scott): Plan: results to be integrated in V&V

7 „Terminology“ (3rd draft)
3 Definitions, symbols and abbreviations 4 Introduction to security testing 4.1 Types of security testing 4.2 Penetration testing tools 4.3 Test verdicts in security testing 5 Security test requirements 6 Functional security testing 7 Performance testing for security 8 Fuzz testing 9 Security Testing activities mapped to SDLC

8 „Case studies“ (1st draft)
Project case studies from: DIAMONDS project G&D Banking (available) Accurate (available) Radio Automotive More? SPACIOS project tbd

9 „Case studies“ (1st draft)
For each of the case studies a similar structure of the description is planned. It will consist of the following parts: Characteriazation Background (challenges) System under Test Risk Analysis Security Testing Approaches Applied approaches Comparison with SoA tools/techniques Results so far Expectations Test Results Exploitation (value of techniques)

10 Next steps Jürgen/Peter: complete Diamonds case study input
Ari/Peter: Invite E2NA and CTI to review Terminology & Concepts (after stable draft) ??? Ian/Scott: provide stable draft for September MTS: request formal liaison with ISO SC27/WG3&4 Next SIG meetings Discussion of current drafts in MTS#59 No SIG meeting planned (only if new drafts available)

Download ppt "Security in MTS 14th May2013 SIG Report"

Similar presentations

International Standards for Software & Systems Documentation Ralph E. Robinson R 2 Innovations.

International Standards for Software & Systems Documentation Ralph E. Robinson R 2 Innovations.
SECURITY SIG IN MTS 28 TH JANUARY 2015 PROGRESS REPORT Fraunhofer FOKUS.

SECURITY SIG IN MTS 28 TH JANUARY 2015 PROGRESS REPORT Fraunhofer FOKUS.
Symmetric Key Management Books Development Plan Daniel Fischer (ESA) Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA.

Symmetric Key Management Books Development Plan Daniel Fischer (ESA) Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA.
SQA System Overview Chapter 4. Where we have been so far, Where we are going Where do software errors come from? What is quality? How can quality be measured?

SQA System Overview Chapter 4. Where we have been so far, Where we are going Where do software errors come from? What is quality? How can quality be measured?
Standards to be Revised During 2008 - 2010 S2ESC Management Board July 29, 2008 Revised July 18, 2008 Dave Schultz Malia Zaman.

Standards to be Revised During S2ESC Management Board July 29, 2008 Revised July 18, 2008 Dave Schultz Malia Zaman.
COM606 Software Process Engineering and on the Portal Introduction.

COM606 Software Process Engineering and on the Portal Introduction.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ICT Accessibility Standardization Dr. Jim Carter, ISACC Document No: GSC16-PLEN-57r2 Source: ISACC.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ICT Accessibility Standardization Dr. Jim Carter, ISACC Document No: GSC16-PLEN-57r2 Source: ISACC.
Project Scope Management Information Technology Project Management, Fifth Edition Note: some slides have been removed from the author’s original presentation.

Project Scope Management Information Technology Project Management, Fifth Edition Note: some slides have been removed from the author’s original presentation.
1 HARMONIZATION OF ISO/IEC 14764 AND IEEE STD 1219 Thomas M. Pigoski Paul R. Croll IEEE Computer Society Montreal, May 2003.

1 HARMONIZATION OF ISO/IEC AND IEEE STD 1219 Thomas M. Pigoski Paul R. Croll IEEE Computer Society Montreal, May 2003.
Progress report for ISO/IEC DTR 20943-5 Metadata Mapping Procedure(MMP) October, 2012 Tae-Sul Seo and Sung-Joon Lim 1.

Progress report for ISO/IEC DTR Metadata Mapping Procedure(MMP) October, 2012 Tae-Sul Seo and Sung-Joon Lim 1.
SC7 - IEEE CS Activity Status Report – T. Doran 6 November 2007 To: J. Walz IEEE CS SAB

SC7 - IEEE CS Activity Status Report – T. Doran 6 November 2007 To: J. Walz IEEE CS SAB
Doc.: IEEE 802. 18-07-0030-r2-0000 Submission April 2007 Michael Lynch, Nortel 22 March Agenda Opening comments and attendance Schedule of meetings/deadlines.

Doc.: IEEE r Submission April 2007 Michael Lynch, Nortel 22 March Agenda Opening comments and attendance Schedule of meetings/deadlines.
Statistical Data and Metadata Exchange SDMX Metadata Common Vocabulary Status of project and issues (2004-2005) Marco Pellegrino Eurostat

Statistical Data and Metadata Exchange SDMX Metadata Common Vocabulary Status of project and issues ( ) Marco Pellegrino Eurostat
19th January 2012 Don Wells (Hess)

19th January 2012 Don Wells (Hess)
Middle Fork Project Relicensing Process Plan April 25, 2006.

Middle Fork Project Relicensing Process Plan April 25, 2006.
SAB Sponsor Progress Report Paul R. Croll Software and Systems Engineering Standards Committee (S2ESC) February 3, 2016.

SAB Sponsor Progress Report Paul R. Croll Software and Systems Engineering Standards Committee (S2ESC) February 3, 2016.
ITIL Project Change Management Workshop 7 February 2007

ITIL Project Change Management Workshop 7 February 2007
Work Item “Patterns in Test Development (PTD)” Re-start Meeting 17 March, Berlin Helmut Neukirchen Institute for.

Work Item “Patterns in Test Development (PTD)” Re-start Meeting 17 March, Berlin Helmut Neukirchen Institute for.
Automated Test Design ™ © 2011 Conformiq, Inc. CONFORMIQ DESIGNER MBT Working Meeting Report Stephan Schulz MTS#56, Göttingen.

Automated Test Design ™ © 2011 Conformiq, Inc. CONFORMIQ DESIGNER MBT Working Meeting Report Stephan Schulz MTS#56, Göttingen.
SECURITY SIG IN MTS Fraunhofer FOKUS Tallinn, 4-5 October 2011 Berlin, 15 December 2011 update.

SECURITY SIG IN MTS Fraunhofer FOKUS Tallinn, 4-5 October 2011 Berlin, 15 December 2011 update.

Similar presentations

Ads by Google