TRANSCRIPT
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering (PDP4E)
Assurance for complex ecosystems
Antonio Kung (Trialog)
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787034
17/09/2019, Slide 1: Data, ICT services, AI, …: Standardisation and Certification as the new law of everything?
Speaker
• ICT research projects
  - KUL COSIC: Teaha, GST, Sevecom, Preciosa
  - KUL CiTiP: Paris, Pripare, PDP4E (coordinator)
• Other projects
  - Create-IoT (large scale pilots support action)
  - Interconnect (Large Scale Pilot on smart grids, building, homes)
  - CTI (System X framework on ITS cybersecurity)
• Standardisation and certification
  - ISO/IEC JTC1 AG8: Meta reference architecture
  - ISO/IEC SC41 IoT: 21823-3 Semantic interoperability; 30141 IoT reference architecture
  - ISO TC22/SC32/WG11: 21434 Road vehicles cybersecurity engineering
  - ISO/IEC JTC1/SC27 (as leader): 27550 privacy engineering; 27570 privacy guidelines for smart cities; 27030 security and privacy guidelines for IoT; 27556 privacy preference management; study period: privacy engineering models; study period: impact of AI on privacy
  - ISO/IEC JTC1/SC27 (as contributor): 20547-4 big data security and privacy; 20745 big data security and privacy processes; NWIP IoT domotics security and privacy; study period: evaluation of connected vehicles based on 15408
IPEN member (ipen.trialog.com)
PDP4E in a Nutshell
• Model driven design
• Requirements engineering
• Assurance and certification
• Risk management
• Knowledge base
• Meta models
• Smart grid use case
• Connected vehicle use case
Landscape: System and software assurance (ISO/IEC 15026)
• Objective: the system meets its specifications
• Integrity level: representation of the degree of confidence, i.e. agreement among stakeholders of a system about the risks related to that system
• Emphasis on evidence and on the quality of arguments
Landscape: Conformity assessment (ISO 17000)
• Selection: planning and preparing activities to collect or produce input for determination
• Determination: information on fulfilment of specified requirements (sampling, testing, inspection, audit, peer assessment)
• Review and attestation: declaration, certification, accreditation
Functional approach (figure): need to demonstrate fulfilment of specified requirements → Selection → information on selected items → Determination → information on fulfilment of specified requirements → Review and attestation → fulfilment of specified requirements demonstrated → surveillance needed? If yes, the functions are repeated as surveillance; if no, the assessment ends.
Landscape: Common Criteria (ISO/IEC 15408)
Security assurance has two sides:
• Sufficiency: if the controls do what they claim to do, then threats to assets are countered. Risk analysis leads to organisational and technical measures.
• Correctness: the controls do what they claim to do. Evaluation assurance level on the technical measures.
Structure (figure): the 15408 evaluation criteria describe Security Functional Requirements and Security Assurance Requirements; a Target of Evaluation is evaluated against them to reach an Evaluation Assurance Level (EAL).
Landscape: Common Criteria (ISO/IEC 15408)
Current extension: composition of « small » systems (example: OS + Driver). Product 1 certification + Product 2 certification → composed product certification.
Conformity assessment vs Common Criteria evaluation
• Selection
• Determination (sampling, testing, inspection, audit, peer assessment) ↔ Evaluation
• Review and attestation (declaration, certification, accreditation) ↔ Review, then Attestation
Landscape: Complex systems and Systems of Systems (ISO/IEC/IEEE 21839, 21840, 21841)
• Structure of an SoS: system of interest (SoI); independent operation and management
• Characteristics of an SoS: geographical distribution; emergent behaviour; evolutionary development processes
Landscape: Complex systems and Systems of Systems (ISO/IEC/IEEE 21839, 21840, 21841): Emergent behaviour
Landscape: Complex systems and Systems of Systems (ISO/IEC/IEEE 21839, 21840, 21841): Emergent risks
• System V: risks
• System W: risks
• SoS V+W: risks!!! (the composition carries risks that neither constituent system has on its own)
Landscape: Complex systems and Systems of Systems (ISO/IEC/IEEE 21839, 21840, 21841): Governance
• Directed SoS: strongest governance; one SoS has authority over the others; strong managerial and operational alignment
• Acknowledged SoS: agreement to collaborate under an agreed management structure
• Collaborative SoS: agreement on purpose with no agreed management
• Virtual SoS: no centralized management, no purpose agreement
Assurance issues for SoS
Assurance challenges (properties of an SoS):
• Managerial and operational independence
• SoS emerging capability
• SoS evolutionary context
Impact on assurance:
• Assurance of the ecosystem: collaborative capability agreement processes; multiple views; correctness of organisational measures (not covered in 15408)
• Framework for protection profiles
• Diversity of SoS assurance viewpoints: perimeter (ecosystem, system of interest, subsystem); representations (capability, functionality, behaviour, structure, service, …); static and/or dynamic aspects of the SoS
• Domain specific needs (e.g. OEM-centric architecture in the automotive domain)
Automotive cybersecurity engineering (ISO/SAE 21434)
• Context: vehicle type approval on cybersecurity based on a UN regulation; cybersecurity engineering practice (ISO/SAE 21434) integrated into automotive engineering practice
• ISO/SAE 21434 covers the cybersecurity engineering of an item: a system or combination of systems that implements a function at the vehicle level, to which cybersecurity activities are applied
• Consists of cybersecurity activities
ISO/SAE 21434 focus on risk assessment
• ISO/SAE 21434 has a focus on risk assessment for complex automotive systems and takes an architecture-driven approach
• Attack feasibility attribute; concept of attack path; concept of attack feasibility rating
ISO/SAE 21434 risk assessment cybersecurity activity:
• Asset identification
• Threat scenario identification
• Impact rating
• Vulnerability analysis, attack path analysis, attack feasibility rating
• Risk determination
• Risk treatment decision
ISO/SAE 21434 viewpoint on assurance: sufficiency of risk analysis and rigor of cybersecurity engineering
• Sufficiency of risk analysis: risk analysis undertaken with a commonly agreed degree of sufficiency in the supply chain
• Rigor of cybersecurity engineering: if the cybersecurity engineering activities do what they claim to do, then the item has been engineered with the appropriate level of rigor
Structure (figure): ISO/SAE 21434 (road vehicles cybersecurity engineering) describes cybersecurity engineering requirements and assurance requirements; the cybersecurity activities are applied to an item and include architecture driven risk analysis; the assurance requirements are to reach a commonly agreed risk analysis sufficiency (TAF) and a Cybersecurity Engineering Assurance Level (CAL).
Bridging 21434 with 15408
• An ISO/SAE 21434 item can include ToEs evaluated according to ISO/IEC 15408
• Examples of ToEs: digital tachograph, mobile C-ITS station, an HSM in an ECU, …
Example: Cooperative Awareness Message (CAM) for safety
Actors: road side unit, sending vehicle, receiving vehicle.
Broadcast message (CAM – Cooperative Awareness Message) contains:
• Position of the vehicle
• Movement of the vehicle (speed, acceleration, steering angle, …)
• Static information about the vehicle: type and size
• Recent path (limited to the last 30 seconds at maximum)
Privacy-by-design: Pseudonyms (see https://www.sevecom.eu/, 2006-2008)
Actors: pseudonymization authority, road side unit, sending vehicle, receiving vehicle.
Ecosystem
• Application operator: road side unit (safety, traffic)
• Pseudonym operator (PKI)
• CAM operator: vehicle
• CAM operator: road side unit
• Application operator: on board safety
Ecosystem Risks
• Linking data (using AI)
• Linking pseudonyms (using AI)
• Identify driving behaviour
• Identify driving offence
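As an added example (not code from the PDP4E project or from these slides): a check a privacy engineer can run over a CAM trace to see whether a pseudonym change actually breaks linkability when the message still carries a recent path, which is the "linking pseudonyms" risk above. The vehicle model, the trace and all names are constructed assumptions; only the 30-second path bound comes from the slide.

```python
from __future__ import annotations
from dataclasses import dataclass

PATH_WINDOW_S = 30  # recent path limited to the last 30 s at maximum (from the slide)


@dataclass(frozen=True)
class CAM:
    """Simplified CAM: only the fields relevant to the linkability check (assumption)."""
    t: int                                    # send time in seconds
    pseudonym: str
    position: tuple[float, float]
    recent_path: tuple[tuple[float, float], ...]


def generate_trace(rotate_every: int, reset_path: bool, n: int = 60) -> list[CAM]:
    """Constructed trace: a vehicle driving in a straight line, one CAM per second,
    changing pseudonym every `rotate_every` seconds. With reset_path=True the
    recent path is dropped at each pseudonym change (privacy-by-design choice)."""
    trace: list[CAM] = []
    path: list[tuple[float, float]] = []
    pseudo_idx = 0
    for t in range(n):
        if t > 0 and t % rotate_every == 0:
            pseudo_idx += 1
            if reset_path:
                path = []
        pos = (float(t), 0.0)
        path = (path + [pos])[-PATH_WINDOW_S:]     # keep at most 30 s of history
        trace.append(CAM(t, f"P{pseudo_idx}", pos, tuple(path)))
    return trace


def linkable_changes(trace: list[CAM]) -> list[tuple[str, str]]:
    """Pseudonym changes where the first message under the new pseudonym shares
    path points with the last message under the old one: the old and new
    pseudonyms are then trivially linkable, so the change gives no privacy."""
    found = []
    for prev, cur in zip(trace, trace[1:]):
        if cur.pseudonym != prev.pseudonym and set(cur.recent_path) & set(prev.recent_path):
            found.append((prev.pseudonym, cur.pseudonym))
    return found


def path_window_ok(trace: list[CAM]) -> bool:
    """Does every CAM respect the 30 s recent-path bound?"""
    return all(len(c.recent_path) <= PATH_WINDOW_S for c in trace)
```

Running the check on the two constructed traces shows that keeping the path across a change links every pseudonym pair, while resetting it at the change leaves nothing to link; a DPIA for the CAM operator would want the second behaviour.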
Resulting maze of DPIAs
• C-ITS ecosystem specification phase: one DPIA covering the application operator, the PKI operator and the CAM operator
• C-ITS ecosystem deployment phase: application operators A, B, C; PKI operators X, Y; CAM operators 1, 2, 3, 4, i.e. a maze of DPIAs across the deployed parties
Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering
Thank you for your attention. Questions?
For more information, visit: www.pdp4e-project.org
Contact points: Antonio Kung (Trialog), [email protected]; Yod Samuel Martín (UPM)