ETSI completed its first remote Mission Critical Plugtests event

Sophia Antipolis, 11 February 2019

ETSI has just ended its third MCX Plugtests, which is the first remote Plugtests^TM within the MCX Plugtests programme, from 3 Dec 2018 until 31 Jan 2019.  

Read More...

ETSI new upcoming mission critical Plugtests event

Sophia Antipolis, 18 September 2019

ETSI, in partnership with ERILLISVERKOT (State Security Networks Group Finland) and the support of TCCA and the European Commission, organizes the fourth MCX Plugtests event which will take place from 23 to 27 September 2019 at the Savonia University of Applied Sciences, KUOPIO, FINLAND. 

Read More...

Mission Critical Implementations tested during the fourth ETSI MCX Plugtests

Sophia Antipolis, 30 September 2019

The 4^th ETSI MCX Plugtests^TM have concluded with a success rate of 95% of the executed tests in the validation of 3GPP mission critical services vendor interoperability.

Read More...

ETSI releases a Technical Report on Global Acceptance of EU Trust Services

Sophia Antipolis, 16 January 2020

The ETSI Technical Committee on Electronic Signatures and Infrastructures (TC ESI) is pleased to release the ETSI TR 103684 technical report. This report addresses existing trust service infrastructures that operate in different regions of the world and their possible mutual recognition/global acceptance. The report identifies ways to facilitate cross recognition between EU trust services and trust services from other schemes. The trust services are based on ETSI standards and support the eIDAS Regulation (EU) No 910/2014.

Read More...

ETSI releases a Technical Report on autonomic network management and control applying machine learning and other AI algorithms

Sophia Antipolis, 5 March 2020

The ETSI Technical Committee on Core Network and Interoperability Testing (TC INT) has just released a Technical Report, ETSI TR 103 626, providing a mapping of architectural components for autonomic networking, cognitive networking and self-management. This architecture will serve the self-managing Future Internet.

The ETSI TR 103 626 provides a mapping of architectural components developed in the European Commission (EC) WiSHFUL and ORCA Projects, using the ETSI Generic Autonomic Networking Architecture (GANA) model.

The objective is to illustrate how the ETSI GANA model specified in the ETSI specification TS 103 195-2 can be implemented when using the components developed in these two projects. The Report also shows how the WiSHFUL architecture augmented with virtualization and hardware acceleration techniques can implement the GANA model. This will guide implementers of autonomics components for autonomic networks in their optimization of their GANA implementations.

The TR addresses autonomic decision-making and associated control-loops in wireless network architectures and their associated management and control architectures. The mapping of the architecture also illustrates how to implement self-management functionality in the GANA model for wireless networks, taking into consideration another Report ETSI TR 103 495, where GANA cognitive algorithms for autonomics, such as machine learning and other AI algorithms, can be applied.

ETSI launches remote Plugtests^TM Programme for Mission Critical Services to accelerate adoption and interoperability

Sophia Antipolis, 28 April 2020

To accelerate Mission Critical Services (MCS) adoption and interoperability, a key enabler to MCS deployment, ETSI is running an innovative MCX Plugtests^TM Programme. Testing sessions will also benefit from the latest ETSI specification, ETSI TS 103 564, on Plugtests scenarios for Mission Critical Services.

Read More...

ETSI releases Technical Report on requirements for smart lifts for IoT

Sophia Antipolis, 4 June 2020

To facilitate upcoming standards, the ETSI SmartM2M technical committee has released ETSI TR 103 546, a Technical Report on smart lifts, collecting and developing the type and range of data which should be exchanged between lifts and their relevant management applications. This study paves the way for technical requirements to monitor the activities and the performance of such lifts and describe their interaction with IoT devices and applications.

Read More...

ETSI Mission Critical Plugtests to drive Future Railway Mobile Communication System

Sophia Antipolis, 10 September 2020

ETSI, with the support of the European Commission, EFTA, TCCA and UIC, is organizing its fifth MCX Plugtests^TM event. The remote-only event will take place from 21 September to 2 October 2020. Pre-testing started on 31 August to debug any connectivity issues before the main event.

Read More...

ETSI Mission Critical Plugtests event achieves a 95% interoperability success rate

Sophia Antipolis, 2 November 2020

ETSI is pleased to announce it has now released the Report of its fifth MCX Plugtests^TM remote event that took place from 21 September to 2 October 2020. Results of the testing sessions outline an interoperability rate of 95%, giving industry a reliable set of standards for successful implementations.

Highlights of this event included initial railway-oriented capabilities in 3GPP Release-15, such as functional aliases, multi-talker, helping Future Railway Mobile Communication System (FRMCS) move forward. 173 delegates from all over the world executed around 1350 test cases in 169 test sessions, interoperability results were reported in the ETSI Test reporting tool. Around fifty new test cases were developed for this event and will be added to ETSI TS 103 564.

Read More...

ETSI releases Technical Report on Citizen Requirements for Smart Cities

Sophia Antipolis, 9 November 2020

The ETSI Human Factors Technical Committee has released ETSI TR 103 455, a Technical Report that assesses the different citizen-related issues that smart city-related standardization in the ICT domain needs to address. These include fundamental aspects such as accessibility, usability, interoperability, personal data protection and security, and how services to citizens are to be designed to maximize benefits to the community. The study gives an overview of existing ETSI and other SDOs standards in that field, including ETSI community indicators. It aligns well with the UN Sustainable Development Goal 11 "Make cities inclusive, safe, resilient and sustainable".

Read More...

ETSI releases two Technical Reports to support US NIST standards for post-quantum cryptography

Sophia Antipolis, 6 October 2021

In 2016 the US National Institute of Standards and Technology (NIST) announced their intention to develop new standards for post-quantum cryptography. They subsequently initiated a competition-like standardization process with a call for proposals for quantum-safe digital signatures, public-key encryption schemes, and key encapsulation mechanisms. NIST have stated that they intend to select quantum-safe schemes for standardization at the end of the current, third round of evaluation.

Read More...

New ETSI White Paper and MEC Hackathon: another step to engage with app developers and verticals

Sophia Antipolis, 16 June 2022

The ETSI MEC (Multi-access Edge Computing) group is pleased to announce a new White Paper which aims to describe the deployment options related to MEC federation, especially from an architectural point of view. With a key focus on ETSI MEC implementations, it also aims to provide an open approach taking into account other standards and technologies, including those from 3GPP SA Working Group 6 and GSMA OPG. For this purpose, the White Paper first analyses the recent publications of GSMA OPG and recent updates in ETSI MEC and 3GPP specifications, then introduces the synergized architecture supported by both standards organizations, which indicates the background information for the deployment of MEC federation harmonized standards for edge computing.

Read More...

ETSI Secures Critical Infrastructures against Cyber Quantum Attacks with new TETRA Algorithms

Sophia Antipolis, 8 November 2022

With the world facing growing challenges including the war in Europe and a global energy crisis, it is essential that the mission- and business-critical communications networks used by the public safety, critical infrastructure and utilities sectors (including transportation, electricity, natural gas and water plants) are secured against third-party attacks, to protect communications and sensitive data. With more than 120 countries using dedicated TETRA (Terrestrial Trunked Radio) networks for these critical services, work has been undertaken to ensure the ETSI TETRA technology standard remains robust in the face of evolving threats.

Read More...

ETSI Mission Critical testing event reports a 96% success rate

Sophia Antipolis, 16 December 2022

The capabilities of Mission Critical Push-to-Talk (MCPTT), Mission Critical Data (MCData) and Mission Critical Video (MCVideo) – together abbreviated as MCX services – were tested during the seventh MCX Plugtests™ from 07 November to 11 November 2022 at the University of Malaga (UMA). The MCX ETSI Plugtests series is the first independent testing of public safety and other mission critical services over LTE and 5G networks.

Read More...

Sophia Antipolis, 23 May 2023

On 26 June 2023, ETSI will host the first panel of a series of Multi-access Edge Computing live panels. This panel will explore the drone business from a MEC perspective with a variety of speakers coming from this vertical market.

Read More...

Sophia Antipolis, 16 October 2023

The ETSI’s 8^th MCX (mission-critical) Plugtests event concluded last week at the University of Malaga. The event received support from the European Union (EU), the Critical Communications Association (TCCA), the European Free Trade Association (EFTA), EUTC (European Utilities Telecom Council) and the International Union of Railways (UIC).

Read More...

Sophia Antipolis, 17 October 2023

As the second term of the Industry Specification Group Securing AI (ISG SAI) is scheduled to conclude in Q4 2023, and in line with ETSI's commitment to AI and SAI, the group has suggested the closure of ISG SAI, with its activity transferred to  a new ETSI Technical Committee, TC SAI.

Read More...

Sophia Antipolis, 14 November 2023

ETSI is happy to announce that at a meeting in October of its technical committee in charge of the TETRA standard (TCCE), a full consensus was reached to make the primitives of all TETRA Air Interface cryptographic algorithms available to the public domain.

Read More...

Sophia Antipolis, 22 November 2023

The Report of the eight MCX Plugtests™ event that took place from 9 October to 13 October 2023 at University of Malaga (UMA) is now available. The Report shows a success rate of 95% interoperability of the 3GPP mission critical services executed tests.  

Read More...

Sophia Antipolis, 31 January 2024

The European Telecommunications Standards Institute (ETSI) has published a significant new technical report, "ETSI TR 103 936 V1.1.1 (2024-01): Cyber Security; Implementing Design Practices to Mitigate Consumer IoT-Enabled Coercive Control". This pioneering document addresses the increasingly important issue of safeguarding individuals from coercive control through the misuse of consumer Internet of Things (IoT) devices.

Coercive control encompasses a range of abusive acts such as security breaches, privacy invasions, harassment, physical assault, and other patterns of behaviour that can limit autonomy or cause emotional harm to potential targets.

Read More...

Sophia Antipolis, 15 April 2024

This year’s first ETSI Conference on Non-Terrestrial Networks has stressed the importance of technical standardization in delivering a fully connected planet via NTN, a key element of tomorrow’s global 6G networks.

Held from 3-4 April 2024 at ETSI’s Sophia Antipolis headquarters, the event was co-organized with the European Space Agency (ESA), the 6G Smart Networks and Services Industry Association (6G-IA) and the Smart Networks and Services Joint Undertaking (SNS JU).

Titled ‘Non-Terrestrial Networks, a Native Component of 6G’, the 2-day conference attracted over 200 participants from 25 countries, including experts in standardization and research as well as industrial representation from the mobile, satellite and wider space industries. Delegates shared perspectives on NTN use cases, candidate technology solutions, current research status and standardization roadmaps. Day one sessions focused on the opportunities and challenges of integrating terrestrial and non-terrestrial networks within tomorrow’s global communications landscape. The second day afforded a deep dive into numerous cutting-edge NTN and 6G research & development initiatives in Europe and around the world.

Read More...

Sophia Antipolis, 30 April 2024

The ETSI TeraFlowSDN community is proud to announce the third release of TeraFlowSDN, an innovative and robust SDN orchestrator and controller, delivering a fully featured Network Automation Platform. In this latest release, TeraFlowSDN enhances its capabilities with the integration of an Optical SDN controller, expanding device support to include gNMI and OpenConfig protocols. It also features enriched network integrations for end-to-end orchestration like IP over DWDM, L3VPN, MEC, and network topology exposure. The management of network topologies is improved with the addition of a new BGP-LS speaker able to discover the topologies, and a new Forecaster component is introduced, providing predictive insights for network management. These additions substantially augment the versatility and management capabilities of the TeraFlowSDN platform.

Read More...

Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.

Dive into six things that are top of mind for the week ending Nov. 1.

1 - Securing OT/ICS in critical infrastructure with zero trust

As their operational technology (OT) computing environments become more digitized, converged with IT systems and cloud-based, critical infrastructure organizations should beef up their cybersecurity by adopting zero trust principles.

That’s the key message of the Cloud Security Alliance’s “Zero Trust Guidance for Critical Infrastructure,” which focuses on applying zero trust methods to OT and industrial control system (ICS) systems.

While OT/ICS environments were historically air gapped, that’s rarely the case anymore. “Modern systems are often interconnected via embedded wireless access, cloud and other internet-connected services, and software-as-a-service (SaaS) applications,” reads the 64-page white paper, which was published this week.

The CSA hopes the document will help cybersecurity teams and OT/ICS operators enhance the way they communicate and collaborate.

Among the topics covered are:

• Critical infrastructure’s unique threat vectors
• The convergence of IT/OT with digital transformation
• Architecture and technology differences between OT and IT

The guide also outlines this five-step process for implementing zero trust in OT/ICS environments:

• Define the surface to be protected
• Map operational flows
• Build a zero trust architecture
• Draft a zero trust policy
• Monitor and maintain the environment

A zero trust strategy boosts the security of critical OT/ICS systems by helping teams “keep pace with rapid technological advancements and the evolving threat landscape,” Jennifer Minella, the paper’s lead author, said in a statement.

To get more details, read:

• The report’s announcement “New Paper from Cloud Security Alliance Examines Considerations and Application of Zero Trust Principles for Critical Infrastructure”
• The full report “Zero Trust Guidance for Critical Infrastructure”
• A complementary slide presentation

For more information about OT systems cybersecurity, check out these Tenable resources: 

• “What is operational technology (OT)?” (guide)
• “Discover, Measure, and Minimize the Risk Posed by Your Interconnected IT/OT/IoT Environments” (on-demand webinar)
• “How To Secure All of Your Assets - IT, OT and IoT - With an Exposure Management Platform” (blog)
• “Blackbox to blueprint: The security leader’s guidebook to managing OT and IT risk” (white paper)
• “Tenable Cloud Risk Report 2024” (white paper)

2 - Five Eyes publish cyber guidance for tech startups

Startup tech companies can be attractive targets for hackers, especially if they have weak cybersecurity and valuable intellectual property (IP).

To help startups prevent cyberattacks, the Five Eyes countries this week published cybersecurity guides tailored for these companies and their investors.

“This guidance is designed to help tech startups protect their innovation, reputation, and growth, while also helping tech investors fortify their portfolio companies against security risks," Mike Casey, U.S. National Counterintelligence and Security Center Director, said in a statement.

These are the top five cybersecurity recommendations from Australia, Canada, New Zealand, the U.S. and the U.K. for tech startups:

• Be aware of threat vectors, including malicious insiders, insecure IT and supply chain risk.
• Identify your most critical assets and conduct a risk assessment to pinpoint vulnerabilities.
• Build security into your products by managing intellectual assets and IP; monitoring who has access to sensitive information; and ensuring this information’s protection.
• Conduct due diligence when choosing partners and make sure they’re equipped to protect the data you share with them.
• Before you expand abroad, prepare and become informed about these new markets by, for example, understanding local laws in areas such as IP protection and data protection.

“Sophisticated nation-state adversaries, like China, are working hard to steal the intellectual property held by some of our countries’ most innovative and exciting startups,” Ken McCallum, Director General of the U.K.’s MI5, said in a statement.

To get more details, check out these Five Eyes’ cybersecurity resources for tech startups:

• The announcement “Five Eyes Launch Shared Security Advice Campaign for Tech Startups”
• The main guides: 
  • “Secure Innovation: Security Advice for Emerging Technology Companies”
  • “Secure Innovation: Security Advice for Emerging Technology Investors”
• These complementary documents:
  • “Secure Innovation: Scenarios and Mitigations”
  • “Secure Innovation: Travel Security Guidance”
  • “Secure Innovation: Due Diligence Guidance”
  • “Secure Innovation: Companies Summary”

3 - Survey: Unapproved AI use impacting data governance

Employees’ use of unauthorized AI tools is creating compliance issues in a majority of organizations. Specifically, it makes it harder to control data governance and compliance, according to almost 60% of organizations surveyed by market researcher Vanson Bourne.

“Amid all the investment and adoption enthusiasm, many organisations are struggling for control and visibility over its use,” reads the firm’s “AI Barometer: October 2024” publication. Vanson Bourne polls 100 IT and business executives each month about their AI investment plans.

To what extent do you think the unsanctioned use of AI tools is impacting your organisation's ability to maintain control over data governance and compliance?

^{(Source: Vanson Bourne’s “AI Barometer: October 2024”)}

Close to half of organizations surveyed (44%) believe that at least 10% of their employees are using unapproved AI tools.

On a related front, organizations are also grappling with the issue of software vendors that unilaterally and silently add AI features to their products, especially to their SaaS applications.

While surveyed organizations say they’re reaping advantages from their AI usage, “such benefits are dependent on IT teams having the tools to address the control and visibility challenges they face,” the publication reads.

For more information about the use of unapproved AI tools, an issue also known as “shadow AI,” check out:

• “Do You Think You Have No AI Exposures? Think Again” (Tenable)
• “Shadow AI poses new generation of threats to enterprise IT” (TechTarget)
• “10 ways to prevent shadow AI disaster” (CIO)
• “Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach” (Tenable)
• “Shadow AI in the ‘dark corners’ of work is becoming a big problem for companies” (CNBC)

VIDEO

Shadow AI Risks in Your Company

4 - NCSC explains nuances of multi-factor authentication

Multi-factor authentication (MFA) comes in a variety of flavors, and understanding the differences is critical for choosing the right option for each use case in your organization.

To help cybersecurity teams better understand the different MFA types and their pluses and minuses, the U.K. National Cyber Security Centre (NCSC) has updated its MFA guidance.

“The new guidance explains the benefits that come with strong authentication, while also minimising the friction that some users associate with MFA,” reads an NCSC blog.

In other words, what type of MFA method to use depends on people’s roles, how they work, the devices they use, the applications or services they’re accessing and so on.

Topics covered include:

• Recommended types of MFA, such as FIDO2 credentials, app-based and hardware-based code generators and message-based methods
• The importance of using strong MFA to secure users’ access to sensitive data
• The role of trusted devices in boosting and simplifying MFA
• Bad practices that weaken MFA’s effectiveness, such as:
  • Retaining weaker, password-only authentication protocols for legacy services
  • Excluding certain accounts from MFA requirements because their users, usually high-ranking officials, find MFA inconvenient

To get more details, read:

• The NCSC blog “Not all types of MFA are created equal”
• The NCSC guide “Multi-factor authentication for your corporate online services”

For more information about MFA:

• “Multifactor Authentication Cheat Sheet” (OWASP)
• “Deploying Multi Factor Authentication – The What, How, and Why” (SANS Institute)
• “How MFA gets hacked — and strategies to prevent it” (CSO)
• “How Multifactor Authentication Supports Growth for Businesses Focused on Zero Trust” (BizTech)
• “What is multi-factor authentication?” (TechTarget)

5 - U.S. gov’t outlines AI strategy, ties it to national security 

The White House has laid out its expectations for how the federal government ought to promote the development of AI in order to safeguard U.S. national security.

In the country’s first-ever National Security Memorandum (NSM) on AI, the Biden administration said the federal government must accomplish the following:

• Ensure the U.S. is the leader in the development of safe, secure and trustworthy AI
• Leverage advanced AI technologies to boost national security
• Advance global AI consensus and governance

“The NSM’s fundamental premise is that advances at the frontier of AI will have significant implications for national security and foreign policy in the near future,” reads a White House statement.

The NSM’s directives to federal agencies include:

• Help improve the security of chips and support the development of powerful supercomputers to be used by AI systems.
• Help AI developers protect their work against foreign spies by providing them with cybersecurity and counterintelligence information.
• Collaborate with international partners to create a governance framework for using AI in a way that is ethical, responsible and respects human rights. 

The White House also published a complementary document titled “Framework To Advance AI Governance and Risk Management in National Security,” which adds implementation details and guidance for the NSM.

6 - State CISOs on the frontlines of AI security

As the cybersecurity risks and benefits of AI multiply, most U.S. state CISOs find themselves at the center of their governments' efforts to craft AI security strategies and policies.

That’s according to the “2024 Deloitte-NASCIO Cybersecurity Study,” which surveyed CISOs from all 50 states and the District of Columbia.

Specifically, 88% of state CISOs reported being involved in the development of a generative AI strategy, while 96% are involved with creating a generative AI security policy.

However, their involvement in AI cybersecurity matters isn’t necessarily making them optimistic about their states’ ability to fend off AI-boosted attacks.

None said they feel “extremely confident” that their state can prevent AI-boosted attacks, while only 10% reported feeling “very confident.” The majority (43%) said they feel “somewhat confident” while the rest said they are either “not very confident” or “not confident at all.”

Naturally, most state CISOs see AI-enabled cyberthreats as significant, with 71% categorizing them as either “very high threat” (18%) or “somewhat high threat” (53%).

At the same time, state CISOs see the potential for AI to help their cybersecurity efforts, as 41% are already using generative AI for cybersecurity, and another 43% have plans to do so by mid-2025.

Other findings from the "2024 Deloitte-NASCIO Cybersecurity Study" include:

• 4 in 10 state CISOs feel their budget is insufficient.
• Almost half of respondents rank cybersecurity staffing as one of the top challenges.
• In the past two years, 23 states have hired new CISOs, as the median tenure of a state CISO has dropped to 23 months, down from 30 months in 2022.
• More state CISOs are taking on privacy protection duties — 86% are responsible for privacy protection, up from 60% two years ago.

For more information about CISO trends:

• “What’s important to CISOs in 2024” (PwC)
• “The CISO’s Tightrope: Balancing Security, Business, and Legal Risks in 2024” (The National CIO Review)
• “State of CISO Leadership: 2024” (SC World)
• “4 Trends That Will Define the CISO's Role in 2024” (SANS Institute)

To tie in with this month’s SoNYC birthday celebrations, we are hosting a collection of case

قدمة تستعرض هذه المذكرة المشهد السياسي المعاصر في السودان،وكيفية تأثيرهعلى جدوى الاستثماراتفي القطاع الزراعيالتي تشتد الحاجة إليها لتحقيق التحول الزراعي في البلاد. ت ركزالمذكرة بشكل خاص على سلاسل القيمة في قطاعي الثروة الحيوانية والبستنة فيولاية الخرطوم،وإدارة الموارد الطبيعية في ولايتي النيل الأزرق وجنوب كردفان. أهملت الحكومات المتعاقبة إلى حد كبير قطاع الزراعة على الرغم من أنه أكبر قطاع توظيف في السودان ويساهم بنحو 56في المئة من إجمالي الصادرات (بنك السودان المركزي، 2020).