1
Halifax, 31 Oct – 3 Nov 2011
ICT Accessibility For All

CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION

Eric Barnhart, Division Chief
Georgia Tech Research Institute

Document No: GSC16-GTSC9-03
Source: TIA
Contact: Eric Barnhart (Eric.Barnhart@gtri.gatech.edu)
GSC Session: GTSC-9
Agenda Item: 4.2: Cybersecurity
2
TIA Cybersecurity Background

TIA focus on Critical Infrastructure Protection and Homeland Security includes efforts in Network Security

TIA TR-51 (Smart Utility Networks) views TR-50 (Smart Device Communications) as logical group to address security in parallel with deference to ITU-T SG17 (cybersecurity) from ITU Focus Group SMART

TIA urges caution in establishing any USA government-mandated security certification programs (TIA comments in US FCC PS Docket No. 10-93)
– more data is needed with rapidly evolving needs
– certification programs may not be most effective protection
– Government-mandated certification program could stifle needed flexibility
3
Highlight of Current Activities

TIA TR-50 (Smart Device Communications) established Security Ad Hoc Group in February 2011
– Supports TR-50 and its other subcommittees to contribute requirements, architecture, protocols, etc. related to the topic of security in Smart Device Communications.
– Reviews/approves all ballots by TR-50 and its subcommittees to ensure that any architectures, protocols, or specifications meet the requirements set by the SDC Security Ad Hoc Group for secure solutions.
– Architecture, protocols, or specifications should support options that can be exported without restriction from countries for which TIA serves as a regional Standards Development Organization (SDO).
4
Highlight of Current Activities

TIA TR-50 Smart Device Communications Security Ad Hoc Group Activity includes development of:
– Data-in-Transit Use Cases to support progress toward Machine-to-Machine (M2M) Multilayer Distributed Security Architecture (MMDSA)
5
Highlight of Current Activities

TIA TR-50 Smart Device Communications Security Ad Hoc Group Activity:
– Developing M2M Threat Analysis Overview to drive architecture development in tandem with Use Cases
– Includes Operating System and Applications layer considerations; User Data considerations; and Network considerations.
– Methodology includes measures of threat Likelihood and Impact. Product of these factors produces Risk Assessment Level:
6
TIA Strategic Direction

TIA supports cyber security objectives and study items of ITU-T Study Group 17 as captured in Question 4/17 - Cybersecurity

TIA 2011 Goals and Positions include:
– Government and industry must partner to increase the number of dialogues between domestic and foreign experts to discuss international best practices
– Support cybersecurity policies that keep markets open and minimize barriers to trade
7
Challenges

With M2M Cybersecurity in TR-50 (Smart Device Communications) as current TIA cybersecurity focal point, extend focus as appropriate to address needs:
– TR-30 Multimedia Access, Protocols and Interfaces
– TR-41 User Premises Telecommunications Systems
– TR-45 Mobile and Personal Communications Systems Standards
– TR-47 Terrestrial Mobile Multimedia Multicast
– TR-48 Vehicular Telematics
– TR-49 Healthcare ICT
8
Challenges

Embracing user community (including verticals) is vital

User needs are particularly important to understand with regard to risks and security demands – examples include energy management and healthcare ICT

Export control and harmonization issues demand attention
9
Next Steps / Actions

In TIA TR-50 Smart Device Communications Security Ad Hoc Group:
– Continue focus on Data In Transit
    – Multilayer Security
    – Security Zone Definitions
– Continue focus on Data At Rest
    – Trusted Environments
– Continue focus on Threat Analysis
    – Risk Analysis
    – Financial Impact
    – Attack Trees
– Examine Test Bed needs to investigate cybersecurity issues
10
Supplementary Slides
11
Supplementary Comments on M2M SDC Threat Assessment

In order to quantify vulnerability, we assign numeric values to multiple factors.

Vulnerability is calculated as the product of likelihood and impact (after NIST, OWASP, SANS Institute, and other similar approaches for IT risk management).

Likelihood factor ranges from 1 through 4 with the following levels defined:
– 1 = “Low Likelihood” being the least likely due to little or no motivation, opportunity and/or capability
– 2 = “Moderate Likelihood” being of moderate likelihood, with average motivation, opportunity and/or capability
– 3 = “Substantial Likelihood” being substantial likelihood, with high motivation, opportunity and/or capability
– 4 = “Severe Likelihood” being the most likely as an agent with high motivation, opportunity and capability.
12
Supplementary Comments on M2M SDC Threat Assessment

Criteria for assigning likelihood levels include assessing the attacker, motivation, opportunity, and capability:

Attacker Characteristic: Threat sources which can be detailed as:
– “0” No agent present
– “1” Individual criminal, hacker, disgruntled employee
– “2” Competitor
– “3” Extremist, Organized Crime
– “4” Terrorist or Nation State

Motivation: including financial, political, emotional, revenge as well as constraints such as detection, and risk involved:
– “0” No motivation
– “1” Low
– “2” Moderate
– “3” Substantial
– “4” High

Opportunity: including proximity, security, standards:
– “0” No Opportunity
– “1” Little
– “2” Limited
– “3” Substantial
– “4” High

Capability: including education, knowledge, access, specialized equipment and reverse engineering:
– “0” None
– “1” Little
– “2” Limited
– “3” Substantial
– “4” High
13
Supplementary Comments on M2M SDC Threat Assessment

Impact characterizes the implications/seriousness of a successful attack, with the following levels:
– 1 = minor impact or no effect to the stakeholder
– 2 = serious impact, including impacting revenue streams, processes, support systems
– 3 = widespread impact, causing irreparable damage to key systems and processes
– 4 = severe impact causing damage to systems and processes that support infrastructure requirements.