PASC XXVIII

1

PASC XXVIII Special session on what PASC can do to contribute to the WSC (World Standards Cooperation) of ISO,

IEC and ITU 22 June, 2005

Presented by

Dr. George W. ArnoldChairman of the Board of Directors

American National Standards Institute

PASC XXVIII22 June, 2005

Slide 2

http://story.news.yahoo.com/news?g=events/wl/080601mideast&a=&tmpl=sl&ns=&l=1&e=1&a=0&printer=


Slide 3

Security: More than Preventing Terrorism

Earthquakes 13,000 fatalities / year

Transportation disasters 7,800 “

Epidemics 6,500 “

Floods 5,000 “

Industrial disasters 2,900 “

Terrorism 2,500 “

Catastrophic storms 1,300 “

Internet attacks 140,000 incidents/yearSources: WHO, CERT


Slide 4

ISO Advisory Group on Security (AGS)

ISO launched AGS in February 2004 to examine area of international security standards

IEC and ITU were consulted and involved, but focus of this effort was on ISO deliverables in this area Examination of existing ISO deliverables related to the field of

security, an assessment of the needs of relevant stakeholders for international security standards, and recommendations regarding any gaps that are identified

Meetings in New York City (June) and Geneva (September), with teleconference and e-mail collaboration in between

Final report submitted to ISO TMB in December 2004


Slide 5

Advisory Group Membership

Members AU – Bala Balakrishnan CA – Alice Sturgeon

Husam Mansour DE – Hans-Peter Grode FR – Jean-Marie Decore IL – Avi Ginzburg JP – Ichiro Nakajima NL – Herman Schipper UK – Ted Humphries US – Kathleen Higgins

Chair George Arnold, US

ISO CS Secretariat Mike Smith Keith Brannon

Liaisons IEC – Tim Rotti ITU – Herb Bertine CEN – Alois Sieber


Slide 6

Questions

What standards are needed? Which already exist? Are they up-to-date? What are the gaps? Where should ISO contribute to address

these gaps?


Slide 7

ISO Technical Committees Related to Security

Ships and marine technology Aircraft and space vehicles Fire protection and fire safety Food products Financial services Nuclear energy Personal safety – protective

clothing and equipment Design of structures Freight containers Air Quality

Intelligent transportation systems

Environmental management Health informatics Drinking water supply and water

quality Cards and personal identification IT security Biometrics Automatic identification and

data capture


Slide 8

Observations

35 of 205 ISO TCs have work related to security Some very key activities – biometrics, detecting illicit

movement of radioactive material, maritime port security, information security, …

No work on some topics – emergency preparedness, security of petroleum facilities (there are reasons for this), chemical plants

Outdated standards in some areas (e.g. buildings) Opportunities for new standards (e.g. detecting contamination

of water, food, air supply) Currently, bottom-up process


Slide 9

Recommendations (1)

ISO Strategic Advisory Group on Security ISO/IEC Guidelines for Technical Committees Web Portal Security Management Framework Standard Emergency Preparedness Standard Reactivate TC 223 on Civil Defense


Slide 10

Recommendations (2)

Updated and/or New Standards Needs Built Infrastructure Protection for First Responders Equipment for First Responders Healthcare – Infection Control Resources – Security Aspects of Air, Food, Water

Supply Cybersecurity Personal Identification


Slide 11

Recommendations (3)

Transportation Ships, marine ports, intermodal supply chain – active

work program underway, coordinated by TC 8, but needs to be extended to include land transport

Air, rail, and road transport Current work addresses identity cards, biometrics,

freight container seals, RFID and IT security Potential to address additional requirements requires

consultation with intergovernmental organizations (e.g. ICAO, UIC, UN/ECE)


Slide 12

Opportunities for PASC

As PASC members are on many ISO technical committees impacted by this report, looking to you for support and also suggestions for successful implementation of the recommendations

PASC could pass resolution encouraging participation on the ISO SAG to be open to all ISO national bodies and IEC national committees

Participate on the joint ISO/IEC group to prepare a Guide on the inclusion of security aspects in International Standards


Slide 13

Opportunities for PASC (cont.)

Upon its publication, review and provide feedback on PAS 28000 (currently being developed by ISO/TC 8) as a security management system framework standard

Provide input to ISO/CS concerning the establishment of web portal on the subject of security

Participate through ISO P-memberships on ISO/TC 223 – Civil defence

Upon its formation, participate in the workshop that will prepare an IWA on the subject of emergency preparedness


Slide 14

Conclusion

Evident that ISO and WSC has a large role to play in international security standardization

All recommendations were accepted by ISO TMB at February 2005 meeting

Initial implementation steps set in motion Permanent Strategic Advisory Group on Security to be formed

following June TMB meeting Number of opportunities for PASC member involvement and input For further information:

George W. Arnold, [email protected], +1.732.949.1029

mailto:[email protected]

Documents

PASC XXVIII