Security of Cyber-Physical Systems and Cross-SDO Collaboration
Addressing security challenges on a global scale, Geneva, 6-7 December 2010
ISO/IEC/ITU-T Strategic Advisory Group on Security
• Outgrowth of ISO Advisory Group on Security (2004)
• Expanded to ISO+IEC+ITU-T in 2005
• First meeting: April 2005
• Initiative of the World Standards Collaboration
Terms of Reference
• To oversee standardization activities in ISO, IEC and ITU-T relevant to the field of security
• To provide advice and guidance to the ISO Technical Management Board, the IEC Standardization Management Board and the ITU-T Telecommunication Standardization Advisory Group (TSAG) relative to the co-ordination of work relevant to security, and in particular to identify areas where new standardization initiatives may be warranted.
• To monitor the implementation of the recommendations of the Advisory Group on Security
Standardization Areas with Security Aspects
• Electric grid
• Buildings and structures
• Ships and marine technology
• Aircraft and space vehicles
• Fire protection and fire safety
• Alarm systems
• Food products
• Financial services
• Nuclear energy
• Personal safety – protective clothing and equipment
• Design of structures
• Societal security
• Freight Containers
• Air Quality
• Intelligent transportation systems
• Environmental management
• Health informatics
• Drinking water supply and water quality
• Cards and personal identification
• ICT security
• Biometrics
• Automatic identification and data capture
Not a complete list - and ICT Underpins Everything!
Security Must be “Baked In”
Cyber-Physical Systems
[Figure: ICT Systems and Physical Systems]
ICT is an embedded infrastructure within a larger system. Security requires sound overall system architecture and an integrated approach encompassing both ICT and physical system security.
New Types of Cyber-Physical Threats
Observations
• Overall system security requires sound overall architecture
• Interactions between ICT and physical systems must be considered
• Security requires co-development of standards for both the physical application and embedded ICT infrastructures
• Standards are typically done by different communities
• New forms of collaboration within and among SDOs are needed