90 likes | 348 Views
Security SIG in MTS 05 th November 2013 Agenda & Status. Fraunhofer FOKUS. Agenda SIG #9. Meeting: November 5 th , 11:00 – 14:00 Participants : Jürgen Großmann , Ari Takanen, Emmanuelle . Chaulot-Talmon , Ian Bryant, Jorge Cuellar, Milan Zoric
E N D
Security SIG in MTS05thNovember 2013Agenda & Status Fraunhofer FOKUS
Agenda SIG#9 • Meeting: November 5th, 11:00 – 14:00 • Participants: Jürgen Großmann, Ari Takanen, Emmanuelle. Chaulot-Talmon, Ian Bryant, Jorge Cuellar, Milan Zoric • Review/discussion APs and WI status • ISO Liaison • Security Testing Terminology and Concepts • Case Study Experiences • Design Guide • Security Testing Methodologies • Schedule
Schedule & APs • Next versionofDTS/MTS-101583 SecTest_Terms to be delivered for January MTS • AP (JGR, IBR, JCU): WI authors should provide major terms from their documents (until mid of October) • Next version of DTS/MTS-101582 SecTest_Cases to be provided for RC in October • AP (JGR): Minor editorial issues -> check with EMM • AP (JGR,JCU) provide list of terms from the case studies (until mid of October) • AP (JGR,EMM) after 1 is finished • Work plan and initial version of • WI: Verification and Validation Life Cycle part (Sections 1-5 and Annexes A, B from original document), • AP (IBR): Work plan and terms • WI: Security Testing Methodologies (Section 6 with methodologies for risk based security testing based on standards like ISO 31000 and IEEE 829/29119), Resp: JGR • AP (JGR): Work plan and terms • Next MTS Security SIG November 5th
ETSI/ISO Liaison • ETSI ISI&MTS liaisons has been (hopefully) confirmed by the SC27 plenary meeting on last month • Participation at 9th ETSI Security Workshop with a session “ISO-ETSI Collaboration” (probably a short one, around 10 minutes given the number of participants to that session) • Juergen will be the speaker for MTS security, within the ETSI/ISO SC27 collaboration session. • ETSI/ISO SC27 coordination meeting, 18:00-19:30 at ETSI premises, in which Juergen is therefore definitely invited to participate (12-15 people at that meeting) Security SIG in MTS, 4-5 October 2011
Security Testing Terminology • DTS/MTS-101583 SecTest_Terms in v0.4 • Comments are available from Milan Zoric • Comments are available from Conformiq • Main remaining issues • MTS has to decide whether document shall be TS/TR (CTI proposes TR) • Alignment with other SIG WI -> AP: WI authors should provide major terms from their documents (until mid of October) • Imbalance between sections need to be resolved • References to ETSI performance testing documents necessary even if they do not tackle with security?
Cases Study Experiences • DTS/MTS-101582 SecTest_casesin v0.3 • Stable draft with 6 cases studies • Main remaining issues • AP (JGR): Minor editorial issues -> check with EMM • AP (JGR,JCU) provide list of terms from the case studies (until mid of October) • AP (JGR,EMM) after 1 is finished Security SIG in MTS, 4-5 October 2011
Verification and Validation Life Cycle • Document status (Resp: IBR) • WI: Verification and Validation Life Cycle part (Sections 1-5 and Annexes A, B from original document), • Work plan for WI has been provided by Ian • Draft with lots of notes, needs to be compiled in a draft document but only sparse progress • Open Issues • AP (IBR) establish work plan and initial contribution until next Security SIG meeting • AP (IBR) provide list of terms from the case studies (until mid of October) Security SIG in MTS, 4-5 October 2011
Risk-based Security Testing Methodologies I • Document status (Resp: JGR) • WI: Security Testing Methodologies (Section 6 with methodologies for risk based security testing based on standards like ISO 31000 and IEEE 829/29119), • Draft work plan for WI • Draft document with input from RASEN/DIAMONDS • Resolution • AP (JGR) establish work plan and initial contribution until next Security SIG meeting • AP (JGR) provide list of terms from the case studies (until mid of October) Security SIG in MTS, 4-5 October 2011
Risk-based Security Testing Methodologies II Security SIG in MTS, 4-5 October 2011