Presentation is loading. Please wait.

Presentation is loading. Please wait.

ETSI Contribution to 3rd Meeting of EC Expert Group on RRS

Published byGerardo Espejo Modified over 5 years ago

Similar presentations

Presentation on theme: "ETSI Contribution to 3rd Meeting of EC Expert Group on RRS"— Presentation transcript:

1 ETSI Contribution to 3rd Meeting of EC Expert Group on RRS
Dr. Markus Mueck, Chairman ETSI TC RRS 8 February 2018

2 Overview ETSI effort to collect Use Cases, Classes and Categories
Following the provision of a first set of proposed Use Cases to the 2nd meeting of EG RRS, an updated set of proposed Use Cases is propoved in the present document

3 ETSI effort to collect Use Cases, Classes and Categories
Related to the activity of the EC Expert Group on RRS, ETSI has invited all of its Technical Bodies to provide Use Cases Categories or Classes ETSI is currently collecting further inputs. Additional contributions are expected. Following the provision of an initial set of Use Cases for the 2nd EG RRS meeting, an updated set is provided in this document.

4 Commercial Equipment The following initial set of commercial Use Cases is proposed: Use Case C1 – Smartphone Reconfiguration … Beyond the provisioning of additional modules, it is also possible to replace entire RATs in case those sufficient computational resources are available. ETSI builds test specifications on 3GPP specifications, and therefore 3GPP use cases and equipment classes and categories should be considered. Reconfiguration can also be a remote software update of a device after it is already deployed e.g. to perform an update to a new 3GPP feature Example: Secure environment such as the UICC or the new Smart Secure Platform (SSP) This requires: i) Verifying the Integrity and Authenticity of the new software; ii) Mutual Authentication between the device and the software provider or the service provider who performs the software update. The next generation technology SSP (Smart Secure Platform), successor of SIM/UICC currently developed in ETSI, will allow to implement security services not only on a removable or embedded Secure Element, but also on an integrated Secure Environment of a System on Chip (SoC) and could be extended to any kind of device/equipment where updates of e.g. the firmware, need to be protected.

5 Commercial Equipment Use Case C2 – Internet-of-Things product design
… a limited number of generic and reconfigurable components will be made available which are suitably tailored to the target market through software components. Use Case C3 – Automotive Applications … Software Reconfiguration will enable Manufacturers to replace specific Software and thus maintain related feature-sets up-to-date without requiring changes to the hardware. NOTE: The upper Use Cases are in accordance with the ETSI White Paper on SW Reconfiguration and Annex 2 of the TCAM SDR Final Report (EG RRS (01)05; TCAM WG (11)25).

6 Commercial Equipment Additional Details on Automotive Applications
Context: In order to understand the need for SW Reconfiguration affecting the compliance of equipment to the RED, it is proposed to consider the requirement of vehicular communication modules to remain relevant over the life-time of a vehicle, which can be 10 years or more for a mass-market car , 25 years or more for commercial vehicles or even more than 25 years for traffic infrastructure. Update of Feature Sets: Mobile communication specifications are expected to evolve substantially over time. To give an example, 3GPP provides new Releases every 2-3 years including a substantial extension of feature sets. In this Use Case, a wireless communication platform which is already deployed in the market is able to receive feature updates through SW Updates affecting the compliance of the wireless equipment to the essential requirements of the RED. In a typical example, critical new safety related features are provided to vehicles which are already in the field. Mitigation of Vulnerabilities and Implementation Issues: Vehicular communication equipment may be the object of malicious attacks. Typically, vulnerabilities or implementation issues may be exploited for this purpose. Once such vulnerabilities or implementation issues are detected, concerned components are replaced through SW Updates affecting the compliance of the wireless equipment to the essential requirements of the RED. Note that the original concerned components may be provided as hardwired and/or SW based solutions.

7 Commercial Equipment Use Case C4 – Cable Systems
A variant that is widely relevant to integrated broadband cable and television networks employs a device with non-radio and radio interfaces, where only the cable network interface is used for loading new software onto the device. The software is monolithic in a sense that all device functions are included in a single software load, such that in order to alter an individual function of the device a complete software load has to be delivered to the device. The mechanism to provide such a software load involves a secured delivery protocol as well as an authorization of the software load from a trusted entity. In this case, is the secured software delivery mechanism sufficient to protect the radio device?

8 Commercial Equipment Use Case C4 – Cable Systems, Cont’d
 The unique attributes of the device class that we are suggesting above are: Radio and non-radio interfaces Software loading over the cable network interface only Secured delivery protocol and signed software For illustration purposes, the following example may be considered. The device is a DOCSIS-compliant cable modem with integrated Wi-Fi. The software can only be delivered via the HFC network using the DOCSIS-specified secure software download mechanism.

9 Professional Users applying direct link
Use Case P1 – link-by-link licensed system Assume a "link-by-link licensed" case, where all parameters subject of the individual license (also other that mere frequency and eirp, such as channel size and reference modulation in "adaptive modulation case") need to be open to the operator/administration according the individual license condition. (HS EN is EN V3.1.1 (OJ published 6/2017), which comprises all Point-to-point FS equipment operating in FS allocated bands from 1.4 to 86 GHz bands) Equipment needs to remain sufficiently “open” to allow for this usage.

10 General recommendation
General Impact of Device Protection Implementation of device protection should not adversely affect secure devices, having a minimum of capabilities for cryptographic protection and secret storage. Available resources may not be sufficient any more in case that additional capabilities are needed. Right balance for protection is needed. This may have an impact on sensor networks, smart cities, etc. (Firmware) Updates (e.g., for bugfixing) of existing equipment should remain possible.

11 General comment ETSI is in the process of collecting relevant Use Cases, Categories and Classes from its Technical Bodies NOTE: The final list will rely on input by ETSI members and cannot be guaranteed to be exhaustive.

Download ppt "ETSI Contribution to 3rd Meeting of EC Expert Group on RRS"

Similar presentations

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
TTA Views on Technical Scope of M2M Consolidation 17 August 2011 TTA M2MCons02_16 (Agenda 4.3)

TTA Views on Technical Scope of M2M Consolidation 17 August 2011 TTA M2MCons02_16 (Agenda 4.3)
ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK Research paper Lina kazem 43580340.

ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK Research paper Lina kazem
Overview & Definitions for Downloadable Credentials 1 S10-20110926-013 3GPP2 TSG-S WG1 Source: Sprint, US Cellular, Motorola Mobility, Qualcomm Contact(s):

Overview & Definitions for Downloadable Credentials 1 S GPP2 TSG-S WG1 Source: Sprint, US Cellular, Motorola Mobility, Qualcomm Contact(s):
ETSI Home Networking activities Rainer Münch ETSI TISPAN Chairman Presenter: Ian Spiers DOCUMENT #:GSC13-GTSC6-20r1 FOR:Presentation SOURCE:Rainer Münch,

ETSI Home Networking activities Rainer Münch ETSI TISPAN Chairman Presenter: Ian Spiers DOCUMENT #:GSC13-GTSC6-20r1 FOR:Presentation SOURCE:Rainer Münch,
Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,
Tufts Wireless Laboratory School Of Engineering Tufts University “Network QoS Management in Cyber-Physical Systems” Nicole Ng 9/16/20151 by Feng Xia, Longhua.

Tufts Wireless Laboratory School Of Engineering Tufts University “Network QoS Management in Cyber-Physical Systems” Nicole Ng 9/16/20151 by Feng Xia, Longhua.
Proposal for device identification PAR. Scope Unique per-device identifiers (DevID) Method or methods for authenticating that device is bound to that.

Proposal for device identification PAR. Scope Unique per-device identifiers (DevID) Method or methods for authenticating that device is bound to that.
IEEE SCC41 PARs Dr. Rashid A. Saeed. 2 SCC41 Standards Project Acceptance Criteria 1. Broad market application  Each SCC41 (P1900 series) standard shall.

IEEE SCC41 PARs Dr. Rashid A. Saeed. 2 SCC41 Standards Project Acceptance Criteria 1. Broad market application  Each SCC41 (P1900 series) standard shall.
Distribution and components. 2 What is the problem? Enterprise computing is Large scale & complex: It supports large scale and complex organisations Spanning.

Distribution and components. 2 What is the problem? Enterprise computing is Large scale & complex: It supports large scale and complex organisations Spanning.
Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.

Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.
Update on ETSI Security work Charles Brookson OCG Security Chairman DOCUMENT #:GSC13-PLEN-57 FOR:Information SOURCE:Charles Brookson AGENDA ITEM:6.3

Update on ETSI Security work Charles Brookson OCG Security Chairman DOCUMENT #:GSC13-PLEN-57 FOR:Information SOURCE:Charles Brookson AGENDA ITEM:6.3
Dr. Ir. Yeffry Handoko Putra

Dr. Ir. Yeffry Handoko Putra
Principles Identified - UK DfT -

Principles Identified - UK DfT -
Thomas Weilacher WG FM Chairman

Thomas Weilacher WG FM Chairman
Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.

Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.
Fundamentals of Information Systems, Sixth Edition

Fundamentals of Information Systems, Sixth Edition
Suggestion for Summarizing Process of the Principles

Suggestion for Summarizing Process of the Principles
Device Security in Cognitive Radio

Device Security in Cognitive Radio

Similar presentations

Ads by Google