crisp - overview and results
TRANSCRIPT
CRISP final conference 6th CoU Meeting, 16 March 2017
CRISP Final Conference: 16 March 2017
Plenary session09.00 – 12.30 Agenda Speakers
09.00 Opening of plenary session and welcome Philippe Quevaulviller, DG HOME (organiser CoU meeting)
09.15 The CRISP project and resultsRonald Boon, coordinator CRISPYing Ying Lau, project manager CRISPNetherlands Standardisation Institute
10.15 Data protection and privacy perspective Paul de Hert, CRISP partnerVrije Universiteit Brussel, Law and Criminology Department
10.35 Coffee
11.00 Industry perspective Glen Dale, CRISP Advisory Board MemberEuralarm
11.20 Policy & Standardization perspective Aikaterini Poustourli, CRISP Advisory Board Member**EC DG HOME.B4, since February 2017
11.40 Panel discussion about the CRISP approach
Moderator: Ronald BoonPanel: Aikaterini Poustourli, Glen Dale and CRISP partners Jelena Burnik (IPRS), Roger von Laufenberg (VICESSE), Leon Hempel (TUB), Ying Ying Lau (NEN)
12.15 Concluding Remarks and closing of plenary session Ronald Boon
12.30 Lunch
CRISP final conference 6th CoU Meeting, Brussels, 16 March 2017
The CRISP project and resultsRonald Boon, CRISP coordinator
Ying Ying Lau, CRISP project managerNetherlands Standardisation Institute (NEN)
CRISP final conference 6th CoU Meeting, Brussels, 16 March 2017
Introduction to the CRISP projectRonald Boon
CRISP coordinatorNetherlands Standardisation Institute (NEN)
CRISP final conference 6th CoU Meeting, 16 March 2017
Introduction CRISP
Content of the presentation1. Starting point2. Development project context3. Project outline4. Lessons learned5. Main results
Security certification needs more more then tecnical requirementsNext step: testing the CRISP criteria
CRISP final conference 6th CoU Meeting, 16 March 2017
Starting point Certification of security systems in EU
The EU security market:• Highly fragmented• Absence of common certification
systems• Limited mechanism for mutual
recognition of national certification• Slow introduction to new marked
needs and solutions
CRISP final conference 6th CoU Meeting, 16 March 2017
Starting point Certification of security systems in EU
Security systems often involve intensive data processing• potential breach of citizens freedoms.
Absence of holistic approach to certification• socio-legal requirements that show respect
for fundamental rights.
CRISP final conference 6th CoU Meeting, 16 March 2017
European Agenda on Security http://europa.eu/!cW86Yv
CRISP final conference 6th CoU Meeting, 16 March 2017
ECORYS European Security Market – June 2015
Source: Ecorys SSS and BIGS SSS
CRISP final conference 6th CoU Meeting, 16 March 2017
Netherlands: criminality decreasing
Victims traditional criminality (2005 = 100)
CRISP final conference 6th CoU Meeting, 16 March 2017
CRISP Mission
The CRISP project mission is to develop an innovative evaluation and certification methodology for security systems: increase citizen trust in security technologies
• through evaluating social impacts of security systems • certification of systems that comply with the protection of
fundamental rights. more harmonized playing field for the European
security industry, • acceptance of security certification across Europe
– no need for re-certification in each country.
CRISP final conference 6th CoU Meeting, 16 March 2017
The CRISP project – quick facts
CRISP = Evaluation and Certification Schemes for Security Products
3 year project: April 2014 - March 2017Seven partners from seven European countries
CRISP final conference 6th CoU Meeting, 16 March 2017
Embedding socio – legal requirements
Approach Innovative Holistic
STEFi dimensions Security Trust Efficiency Freedom infringement
CRISP final conference 6th CoU Meeting, 16 March 2017
Process
Building blocks for certification
scheme
Developing STEFi methodology
Understanding stakeholders
needs
Researching current landscape
Glossary and taxonomy
Stakeholder consultations
CRISP Advisory Board
Confidence enhancement
DPA workshop
Roundtable certification bodies
Validation and Scenario-based
workshops
CRISP final conference 6th CoU Meeting, 16 March 2017
Lessons learned
Ambitious project; need to narrow the scope Security systems First focus on video-surveillance systems
Certification in the field of security will need broad support and incentive(s) Challenge to involve European security market
Small consortium, intens collaboration Stakeholder consultations essential
The proof of the pudding is in the eating
Project resultsYing Ying Lau
CRISP project managerNetherlands Standardisation Institute (NEN)
CRISP final conference 6th CoU Meeting, Brussels, 16 March 2017
CRISP final conference 6th CoU Meeting, 16 March 2017
All public project results D1.1 Glossary of security products and
systems D1.2 Taxonomy of security products,
systems and services D2.1 Report on security standards and
certification in Europe – A historical/evolutionary perspective
D2.2 Consolidated Report on security standards, certification and accreditation – best practices and lessons learnt
D3.1 Stakeholder Analysis Report D4.1 Legal Analysis of existing schemes D4.2 Ethical expert report on freedom
infringement evaluation D4.3 S-T-E-F-I based SWOT analysis of
existing schemes D5.1 Validated CRISP Methodology
D5.2 Report on the scenario based workshop and the refinement of the CRISP methodology
D6.1 Final roadmap and implementation plan
D6.2 Final certification manual D7.1 Consolidated report on enhancing
confidence and acceptability of new certification measures
D7.2 CEN Workshop Agreement D7.3 Interim exploitation plan D7.4 Final, consolidated exploitation plan D8.1 Project website D8.2 Dissemination plan D8.3 Briefing paper on the proposed
certification scheme and roadmap D9.3 Ethical approval documents D9.4 Report on the ethical aspects of the
project
CRISP final conference 6th CoU Meeting, 16 March 2017
Key project results
From research…
Glossary and taxonomy of security products and systems
Reports on security standards and certification in Europe and third countries
Legal and SWOT analyses of existing certification schemes
Security certification stakeholder analysis
CRISP final conference 6th CoU Meeting, 16 March 2017
Key project results
… to development
Methodology Standards document: CEN Workshop Agreement Certification manual Roadmap and implementation plan Confidence enhancement
Building blocks for certification scheme
CRISP final conference 6th CoU Meeting, 16 March 2017
The methodology
STEFi dimensions as basis
Evaluation using STEFi criteria Multi-dimensional
approach Multi-stakeholder
approach
CRISP final conference 6th CoU Meeting, 16 March 2017
The methodology
Two main phases: evaluation and certification
CRISP final conference 6th CoU Meeting, 16 March 2017
Standards document: CWA
What is a CEN Workshop Agreement? Official standards document Agreement developed and approved in a CEN
Workshop Open to the direct participation of all interested parties Fast and flexible development (average 1 year)
CRISP final conference 6th CoU Meeting, 16 March 2017
Standards document: CWA
Scope of CWAExample in Annex: video surveillance systems
CRISP final conference 6th CoU Meeting, 16 March 2017
Standards document: CWA
Challenge: to come to unambiguous procedures for a multi-
dimensional evaluation that acknowledges the complexity of the societal context in which security systems operate.
CWA allowed for: ‘Extension’ of consortium by direct participation of
stakeholders Further development evaluation and consensus building Further development of annex with example of evaluation
questions and requirementsExpected publication: end of March 2017
CRISP final conference 6th CoU Meeting, 16 March 2017
Certification manual
Provides basic information for the future owner of the CRISP certification scheme pictures the overall evaluation and certification
methodology clarifications on roles and responsibilities of all parties
involved information on (basic) requirements for evaluation and
certification, including existing standards and legislation
CRISP final conference 6th CoU Meeting, 16 March 2017
Certification manual
Scope of the scheme The scheme will provide rules and requirements for
the evaluation and certification of installed video-surveillance security systems based on the STEFi dimensions
For systems in development, evaluation according to the scheme can be applied
Certification of these systems will only be possible after installation
CRISP final conference 6th CoU Meeting, 16 March 2017
Certification manual
Parties involved in the methodology Client: any organisation applying for certification Certification body: offers certification according to
the methodology; in charge of overall process Evaluation body: contracted by certification body to
conduct an evaluation of the security system• Project leader: managing the overall evaluation process• Experts: independent; knowlegde of system and at least one
of the STEFi dimensions
CRISP final conference 6th CoU Meeting, 16 March 2017
Certification manual
Crucial factors for future CRISP scheme Quality of the scheme – simplicity, openess,
transparancy and accreditation EU wide acceptance, backed by regulatory demands Support, acceptance and promotion from key
stakeholder groups Appropriate management Impartiality
CRISP final conference 6th CoU Meeting, 16 March 2017
Roadmap and implementation plan
Key steps of the CRISP timeline Completion of pilot scheme for video surveillance
systems (2018) Pilot phase (2019 – 2026) Development of other standards (2019 – 2023) Development of extended scheme (2019 – 2024) Accreditation of scheme (2024 – 2028) Certification based on extended scheme (2026 – 2028)
CRISP final conference 6th CoU Meeting, 16 March 2017
Future certification scheme
Fills the gap of certification including socio-legal requirements (STEFi).
CRISP methodology, CWA and other building blocks provides a good basis for further development of the certification scheme.
Pilot phase: security systems narrowed down to video-surveillance
Once piloted and fully implemented, it can be extended to cover a broader range of security systems.
CRISP final conference 6th CoU Meeting, 16 March 2017
The CRISP results
3 years of research: (almost) 21 public deliverables
Expected publication of CWA: end of March 2017
Project results available: www.crispproject.eu