140 likes | 315 Views
PASC XXVIII. Special session on what PASC can do to contribute to the WSC (World Standards Cooperation) of ISO, IEC and ITU 22 June, 2005. Presented by Dr. George W. Arnold Chairman of the Board of Directors American National Standards Institute. Security: More than Preventing Terrorism.
E N D
PASC XXVIII Special session on what PASC can do tocontribute to the WSC (World Standards Cooperation) of ISO, IEC and ITU 22 June, 2005 Presented by Dr. George W. Arnold Chairman of the Board of Directors American National Standards Institute
Security: More than Preventing Terrorism Earthquakes 13,000 fatalities / year Transportation disasters 7,800 “ Epidemics 6,500 “ Floods 5,000 “ Industrial disasters 2,900 “ Terrorism 2,500 “ Catastrophic storms 1,300 “ Internet attacks 140,000 incidents/year Sources: WHO, CERT
ISO Advisory Group on Security (AGS) • ISO launched AGS in February 2004 to examine area of international security standards • IEC and ITU were consulted and involved, but focus of this effort was on ISO deliverables in this area • Examination of existing ISO deliverables related to the field of security, an assessment of the needs of relevant stakeholders for international security standards, and recommendations regarding any gaps that are identified • Meetings in New York City (June) and Geneva (September), with teleconference and e-mail collaboration in between • Final report submitted to ISO TMB in December 2004
Members AU – Bala Balakrishnan CA – Alice Sturgeon Husam Mansour DE – Hans-Peter Grode FR – Jean-Marie Decore IL – Avi Ginzburg JP – Ichiro Nakajima NL – Herman Schipper UK – Ted Humphries US – Kathleen Higgins Chair George Arnold, US ISO CS Secretariat Mike Smith Keith Brannon Liaisons IEC – Tim Rotti ITU – Herb Bertine CEN – Alois Sieber Advisory Group Membership
Questions • What standards are needed? • Which already exist? • Are they up-to-date? • What are the gaps? • Where should ISO contribute to address these gaps?
Ships and marine technology Aircraft and space vehicles Fire protection and fire safety Food products Financial services Nuclear energy Personal safety – protective clothing and equipment Design of structures Freight containers Air Quality Intelligent transportation systems Environmental management Health informatics Drinking water supply and water quality Cards and personal identification IT security Biometrics Automatic identification and data capture ISO Technical Committees Related to Security
Observations • 35 of 205 ISO TCs have work related to security • Some very key activities – biometrics, detecting illicit movement of radioactive material, maritime port security, information security, … • No work on some topics – emergency preparedness, security of petroleum facilities (there are reasons for this), chemical plants • Outdated standards in some areas (e.g. buildings) • Opportunities for new standards (e.g. detecting contamination of water, food, air supply) • Currently, bottom-up process
Recommendations (1) • ISO Strategic Advisory Group on Security • ISO/IEC Guidelines for Technical Committees • Web Portal • Security Management Framework Standard • Emergency Preparedness Standard • Reactivate TC 223 on Civil Defense
Recommendations (2) • Updated and/or New Standards Needs • Built Infrastructure • Protection for First Responders • Equipment for First Responders • Healthcare – Infection Control • Resources – Security Aspects of Air, Food, Water Supply • Cybersecurity • Personal Identification
Recommendations (3) • Transportation • Ships, marine ports, intermodal supply chain – active work program underway, coordinated by TC 8, but needs to be extended to include land transport • Air, rail, and road transport • Current work addresses identity cards, biometrics, freight container seals, RFID and IT security • Potential to address additional requirements requires consultation with intergovernmental organizations (e.g. ICAO, UIC, UN/ECE)
Opportunities for PASC • As PASC members are on many ISO technical committees impacted by this report, looking to you for support and also suggestions for successful implementation of the recommendations • PASC could pass resolution encouraging participation on the ISO SAG to be open to all ISO national bodies and IEC national committees • Participate on the joint ISO/IEC group to prepare a Guide on the inclusion of security aspects in International Standards
Opportunities for PASC (cont.) • Upon its publication, review and provide feedback on PAS 28000 (currently being developed by ISO/TC 8) as a security management system framework standard • Provide input to ISO/CS concerning the establishment of web portal on the subject of security • Participate through ISO P-memberships on ISO/TC 223 – Civil defence • Upon its formation, participate in the workshop that will prepare an IWA on the subject of emergency preparedness
Conclusion • Evident that ISO and WSC has a large role to play in international security standardization • All recommendations were accepted by ISO TMB at February 2005 meeting • Initial implementation steps set in motion • Permanent Strategic Advisory Group on Security to be formed following June TMB meeting • Number of opportunities for PASC member involvement and input • For further information: • George W. Arnold, garnold@lucent.com, +1.732.949.1029