The German IT Security Certification Scheme. Joachim Weber
|
|
- Merry Tucker
- 5 years ago
- Views:
Transcription
1 The German IT Security Certification Scheme Joachim Weber
2 The German IT Security Certification Scheme 1. The role of the BSI 2. The German IT Certificate Scheme 3. Certification procedures in detail 4. International recognition 5. Status in Germany Joachim Weber The German IT-Security Certification Scheme Page 2
3 1. The role of the BSI The organisation BSI The mission of the BSI A brief history of the BSI Role of the BSI The branch D2
4 BSI - Organisation Director Arne Schönbohm Division B: Consulting for Government, the Private Sector and Society Division CK: Cyber Security and Critical Infrastructures Division D: Cyber Security for Digitisation, Certification and Standardisation Branch D2: Certification and Standardisation Division KT: Cryptotechnology and IT Management for Increased Security Requirements Joachim Weber The German IT-Security Certification Scheme Page 4
5 The mission of the BSI Information security in digitisation through prevention, detection and reaction for government, business and society. Prevention Cyber Security Abteilung K Cryptographic Krypto-Technologie innovations Dr. Gerhard Schabüser Security of classified information Fachbereich Secure identities K1 VS-IT-Sicherheit Certification Detection Awareness Fachbereich campaigns K2 Kryptographische Anwendungen IT Security consultations & Support of the Government Reaction Joachim Weber The German IT-Security Certification Scheme Page 5
6 A brief history of the BSI IT Security Law (IT-SiG) Founding of the CAZ Amendment of the BSIG Law passed to set up the BSI (BSIG) Founding of the BSI New general framework Alliance for Cyber Security Cyber Defence Center (CAZ) National Cyber Defence Authority (NCDA) Cyber Security Strategy for Germany Central Cyber Security Agency UP Bund and UP KRITIS National plan for protection of the information infrastructure (NPSI) Central IT Security service provider of the German administration National Communication Security and Certification Agency (NCSA) Joachim Weber The German IT-Security Certification Scheme Page 6
7 Role of the BSI - The branch D2 Public and Legal framework Standardisation security by design IT security requirements for IT security products, infrastructure and services Certification Joachim Weber The German IT-Security Certification Scheme Page 7
8 2. The German IT Certificate Scheme Certified products Partner in the certification scheme Reasons for a German certificate The certification scheme The brand-name BSI: High level of trust The German certificate worldwide The Common Criteria The CCRA since 2014
9 Certified products Joachim Weber The German IT-Security Certification Scheme Page 9
10 Partner in the certification scheme IT Security made in Germany International standardisation Manufacturer National certification centre Economy National IT Security Testing centre Joachim Weber The German IT-Security Certification Scheme Page 10
11 Reasons for a German certificate Economy Politics Society Strengthening Germany as place of IT Security and Privacy Support of German manufacturers in the international environment Impartial Review of private testing centres for maximal benefits of the manufacturers Participation in developing international standards Expertise in designing appropriate security guidelines Trust through mandate and reputation of the BSI Stands for international recognised Testing Quality (SOGIS, CCRA, DAkkS) Joachim Weber The German IT-Security Certification Scheme Page 11
12 The certification scheme Application of interested party Testing method (e.g. ISO 27001, Common Criteria/ISO 15408) Technical guidelines Conformity Test private qualified testing centre Certificate BSI Legal requirements (EnWG, SigG,...) The certification proves that a product fulfils the testing and law requirements Joachim Weber The German IT-Security Certification Scheme Page 12
13 The brand-name BSI: High level of trust Product certificate System & service certificate Common Criteria/PP Security Technical Guidelines (TR) Function / interoperability ISO 27001/IT-Baseline Protection Certification IT Security Person & service certificate Recognition and qualification of testing centres / persons Certifying of security services e.g. ISO/IEC Joachim Weber The German IT-Security Certification Scheme Page 13
14 Example: Huawei è Certified by BSI: Huawei AR Series Service Router AR1220 Pictures by Huawei è Currently under evaluation: Huawei OptiX OSN 1800 V V100R13C00 è More certifications are in preparation Law (BSIG): The certificate will be awarded if it satisfies the necessary criteria (completes successfully the evaluation) and there is no public interest against the issuing of such a certificate. Joachim Weber The German IT-Security Certification Scheme Page 14
15 The German certificate worldwide International recognition up to EAL 2 or according to cpp. European recognition up to EAL 4 and in selected technical domains up to EAL 7. Joachim Weber The German IT-Security Certification Scheme Page 15
16 The Common Criteria The CCRA since 2014 Low Assurance Policy : No mutual recognition above EAL level 2 collaborative Protection Profiles (cpp): Collaborative development of Protection Profiles for COTS products (EAL level 1-4) Motivation: Comparable evaluation results in a growing community Joachim Weber The German IT-Security Certification Scheme Page 16
17 3. Certification procedures in detail The Common Criteria - Role allocation Principle Responsibilities in the Certification Process
18 The Common Criteria Role allocation Applicant (Developer) Guidance Application Certificate Evaluation of product and documentation Site visits Security requirements BSI Certification Body Evaluation reports and documentation Comments on evaluation reports Approval of evaluation results ITSEF Joachim Weber The German IT-Security Certification Scheme Page 18
19 Principle Responsibilities in the Certification Process r Developer: r provides ToE and documentation r ITSEF (IT Security Evaluation Facility): r evaluates ToE and delivers report r Certification Body r central institution r ensures uniform approach r ensures comparable evaluation results Joachim Weber The German IT-Security Certification Scheme Page 19
20 4. Status in Germany BSI: Status in Germany European Perspective German Regulation for Digitisation of the national energy network
21 BSI: Status in Germany Germany: BSI more than 20 years independent national certification body for IT Security Technical standards and certification are instruments of governmental regulation in the area of critical infrastructure protection, examples: ehealth, energy grids, eid documents, telematics in transportation, payment transactions BSI supports governmental law initiatives by tailored technical standards and certification processes on both European and national level More than 100 certificates are issued per year (about 75% on high assurance level) 9 national evaluation labs Joachim Weber The German IT-Security Certification Scheme Page 21
22 European Perspective European Digital Single Market propagates concept of common regulation structures to foster common European values IT industry has strong and market driven interest in European IT security certificates seeking competitive advantages on the world markets European and international IT security standardisation and cooperation (SOG-IS MRA and CCRA) Joachim Weber The German IT-Security Certification Scheme Page 22
23 Example: Digitisation and energy transition electricity measured data and status information / control signals Digitisation and integration of 1.5 million decentralized and renewable energies creates high complexity Intelligent network is needed to link energy generation, storage and consumption Challenge: threats increases, infrastructures become more complex, amount of data is multiplied We need trustworthy products and systems in the energy network and a secure communication infrastructure Joachim Weber The German IT-Security Certification Scheme Page 23
24 German Regulation for Digitisation of the national energy network Digitisation of the Energy Transition Act (September 2 nd, 2016) based on EU Directives Electricity, Gas and Energy Efficiency sets the legal and technical basis for an intelligent energy network in Germany Article 1: Metering Point Operating Act deals with installation and operation of smart metering systems ensures a high level of data protection, IT security and interoperability uses Protection Profiles and Technical Guidelines to achieve security and conformity/compatibility of IT components enables development of further fields of application (e.g. smart grid, e-mobility) Current status of roll out in Germany 900 DSOs (distribution system operators), 42 million metering points 8 Smart-Meter-Gateways from manufacturers in evaluation/certification by the BSI; field tests and pilots are running Size of market (minimum) > 6,000 kwh and plants > 7 kw 5.6 million gateways (800 million per year) Privacy Fast rollout IT security Future proof Smart-Meter-Gateway Joachim Weber The German IT-Security Certification Scheme Page 24
25 Thank you for your attention! Contact Joachim Weber Head of Branch D2: Certification and Standardisation Tel. +49 (0) Fax +49 (0) Bundesamt für Sicherheit in der Informationstechnik Postfach Bonn Joachim Weber The German IT-Security Certification Scheme Page 25
BSI-CC-PP for. FIDO Universal Second Factor (U2F) Authenticator, Version 1.0. developed by. Federal Office for Information Security
for FIDO Universal Second Factor (U2F) Authenticator, Version 1.0 developed by Federal Office for Information Security Federal Office for Information Security (BSI), Postfach 20 03 63, 53133 Bonn, Germany
More informationLegal Regulations and Vulnerability Analysis
Legal Regulations and Vulnerability Analysis Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) Germany Introduction of the BSI National Authority for Information
More informationBSI-CC-PP for
for Protection Profile for the Security Module of a Smart Meter Mini-HSM (Mini-HSM Security Module PP) - Schutzprofil für das Sicherheitsmodul des Smart Meter Mini-HSM, V1.0 developed by Federal Office
More informationBSI-CC-PP for
for Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP] developed by Federal Office for Information Security Federal
More informationBSI-CC-PP for. Java Card Protection Profile - Open Configuration, Version December developed by. Oracle Corporation
BSI-CC-PP-0099-2017 for Java Card Protection Profile - Open Configuration, Version 3.0.5 December 2017 developed by Oracle Corporation Federal Office for Information Security (BSI), Postfach 20 03 63,
More informationBSI-CC-PP-0088-V for
BSI-CC-PP-0088-V2-2017 for Base Protection Profile for Database Management Systems (DBMS PP) Version 2.12 and DBMS PP Extended Package - Access History (DBMS PP_EP_AH) Version 1.02 developed by DBMS Working
More informationAssurance Continuity Maintenance Report
IFX_CCI_000003h, IFX_CCI_000005h, IFX_CCI_000008h, IFX_CCI_00000Ch, IFX_CCI_000013h, IFX_CCI_000014h, IFX_CCI_000015h, IFX_CCI_00001Ch and IFX_CCI_00001Dh design step H13 including optional software libraries
More informationProtection Profile for the Gateway of a Smart Metering System Combining privacy protection with security for the grid
Protection Profile for the Gateway of a Smart Metering System Combining privacy protection with security for the grid Dr. Helge (BSI) 12th ICC, 29.9.2011 A Possible Smart Grid 2 Introduction Smart Meter
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationPlatform Economy and Trustworthiness Standardization
Security for Industrie 4.0 Platform Economy and Trustworthiness Standardization Siemens Corporate Technology and Member of the German Platform Industrie 4.0 Industrie 4.0 Connecting business processes
More informationThe emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18
The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 European Union Agency for Network and Information Security
More informationNew cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017
in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 European Union Agency for Network and Information Security Positioning ENISA activities CAPACITY Hands on activities POLICY Support MS & COM
More informationSECURITY CERTIFICATION
ÉDITION 2018 SECURITY CERTIFICATION OF PRODUCTS BY THE FRENCH NATIONAL CYBERSECURITY AGENCY (ANSSI) PAR L AGENCE NATIONALE DE LA SÉCURITÉ DES SYSTÈMES D INFORMATION Security Visas provide a competitive
More informationHow the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015
How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of
More informationDAkkS Who we are. Attesting competence, Assuring quality, Creating confidence.
DAkkS Who we are Attesting competence, Assuring quality, Creating confidence. What is accreditation? Reliability through conformity assessment The demands on the quality of goods and services are growing
More informationCall for Expressions of Interest
Call for Expressions of Interest ENISA M/CEI/17/T01 Experts for assisting in the implementation of the annual ENISA Work Programme TECHNICAL DESCRIPTION CONTENTS TECHNICAL DESCRIPTION... 3 1. INTRODUCTION...
More informationPrivacy and Security in Smart Grids
Faculty of Computer Science, Institute of Systems Architecture, Chair for Privacy and Data Security Privacy and Security in Smart Grids The German Approach Sebastian Clauß, Stefan Köpsell Dresden, 19.10.2012
More informationERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford
Cybersecurity is a EU strategic priority DG CONNECT* > The Digital Single Market strategy aims to open up digital opportunities for people and business and enhance Europe's position as a world leader in
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationNational Cyber Security Strategy 2016
National Cyber Security Strategy 2016 26th of April 2017, Athens Samuel Rothenpieler, International Relations Advisor, Federal Office for Information Security (BSI) Mission Statement of the German Federal
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationSmart Metering industry approach for aligning standardization requirements and national security demands
Smart Metering industry approach for aligning standardization requirements and national security demands Thomas Weisshaupt Chair Privacy & Security group 24 October, Mandelieu About ESMIG the members The
More informationCEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
More informationVdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe
Author Date VdTÜV-WG Cybersecurity October, 3 rd 2015 VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe VdTÜV e.v. welcomes the Communication on a
More informationEnd-to-end Safety, Security and Reliability Keys for a successful I4.0 Migration
End-to-end Safety, Security and Reliability Keys for a successful I4.0 Migration Dr. Andreas Hauser Director Digital Service, TÜV SÜD Tokyo, 21 February 2017 Corporate Profile Slide 2 Our heritage: 150
More informationCybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration
Statement Comments by the electrical industry on the EU Cybersecurity Act manufacturer s declaration industrial security Cybersecurity Quality basis security LED-Modul Statement P January 2018 German Electrical
More informationWorking with the EU Directive High common level of network and information security. Martin Apel, SANS ICS Summit, Munich und
Working with the EU Directive High common level of network and information security Martin Apel, SANS ICS Summit, Munich und 18.06.2018 Outline 1. Overview over NIS-Directive 2. Who is an operator of essential
More informationBetween 1981 and 1983, I worked as a research assistant and for the following two years, I ran a Software Development Department.
Application for the post of the Executive Director of the European Network and Information Security Agency (ENISA) Udo Helmbrecht Presentation to the ENISA Management Board in Brussels on April 3 rd 2009
More informationMarkus Bartsch. German Smart Metering and European Privacy Needs
Markus Bartsch German Smart Metering and European Privacy Needs Smart Grid (and Metering) Customer Satisfaction 3 Years 3 10 Years Identity Management Asset Management Feeder Automation Smart Meters Privacy
More informationCyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
More informationBSI-PP for. Protection Profile Secure Signature-Creation Device Type 3, Version developed by
BSI-PP-0006-2002 for Protection Profile Secure Signature-Creation Device Type 3, Version 1.05 developed by CEN/ISSS Information Society Standardization System, Workshop on Electronic Signatures - Bundesamt
More informationEU Cloud Computing Policy. Luis C. Busquets Pérez 26 September 2017
EU Cloud Computing Policy Luis C. Busquets Pérez 26 September 2017 The digital revolution is built on data Most economic activity will depend on data within a decade Potential of the data-driven economy
More informationResilience, Deterrence and Defence: Building strong cybersecurity for the EU
Resilience, Deterrence and Defence: Building strong cybersecurity for the EU 1 Building strong cybersecurity for the EU: Resilience, Deterrence and Defence From reactive to pro-active and cross-policy
More informationPolicy drivers and regulatory framework to roll out the Smart Grid deployment. Dr. Manuel Sánchez European Commission, DG ENERGY
Policy drivers and regulatory framework to roll out the Smart Grid deployment Dr. Manuel Sánchez European Commission, DG ENERGY The electricity grid Generation Transmission Distribution Customers Net Generation
More informationAssessments Audits CERTIFICATION
IT SECURITY Cyber Security Training Consulting Analyses Assessments Audits CERTIFICATION Increasing connectivity of equipment, systems and applications in cyberspace networks harbours additional risks.
More informationEUROPEAN ORGANISATION FOR SECURITY SUPPLY CHAIN SECURITY WHITE PAPER
EUROPEAN ORGANISATION FOR SECURITY SUPPLY CHAIN SECURITY WHITE PAPER Mark R. Miller Regional Vice President, COTECNA Inspection S.A. Vice Chairman, European Organisation for Security Coordinator, EOS Supply
More informationACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS
ACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS Accreditation is continuously gaining recognition as an important technical tool in the delivery of objectives across an increasing range of policy
More informationConformity and Interoperability Key Prerequisites for Security of eid documents. Holger Funke, 27 th April 2017, ID4Africa Windhoek
Conformity and Interoperability Key Prerequisites for Security of eid documents Holger Funke, 27 th April 2017, ID4Africa Windhoek Agenda 1. About secunet Security Networks AG 2. Timeline of interoperability
More informationSTANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?
ETSI SUMMIT Releasing the Flow Data Protection and Privacy in a Data-Driven Economy 19 April 2018 STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL? Presented by
More informationGermany and The Netherlands Certification of cryptographic modules
Germany and The Netherlands Certification of cryptographic modules Leo Kool (Msc), Brightsight 18 May 2016, kool@brightsight.com Outline CC and Schemes Evaluation Process and Reporting forms (NSCIB, BSI)
More informationNational Information Assurance Partnership (NIAP) 2017 Report. PPs Completed in CY2017
National Information Assurance Partnership (NIAP) 2017 Report NIAP continued to grow and make a difference in 2017 from increasing the number of evaluated products available for U.S. National Security
More informationTowards a European Cloud Computing Strategy
Towards a European Cloud Computing Strategy Jorge Gasós European Commission Information Society and Media Directorate General Trust and Security Unit Security, privacy, and trust in the information society
More information2nd ENISA Workshop German CERT-Activities. 5 th October, 2006 Brussels
2nd ENISA Workshop German CERT-Activities 5 th October, 2006 Brussels Overview Hosting Organisation CERT-Bund Background Projects CERT Services German CERT Activities International Cooperation Lessons
More informationCyber Security. CyberSecurity. For more information: Airbus CyberSecurity
For more information: Airbus CyberSecurity CyberSecurity France Metapole 1, boulevard Jean Moulin / CS 40001 / 78996 Elancourt Cedex/ France Germany Willy-Messerschmitt-Str. 1 / 82024 Taufkirchen / Germany
More informationOverview of ICT certification laboratories FINAL V1.1 JANUARY European Union Agency For Network and Information Security
Overview of ICT certification laboratories FINAL V1.1 JANUARY 2018 www.enisa.europa.eu European Union Agency For Network and Information Security About ENISA The European Union Agency for Network and Information
More informationeidas Regulation (EU) 910/2014 eidas implementation State of Play
eidas Regulation (EU) 910/2014 eidas implementation State of Play CA-Day 19 September 2016 Elena Alampi DG CONNECT, European Commission elena.alampi@ec.europa.eu eidas The Regulation in a nutshell 2 MAIN
More informationSwedish Scheme Update Dag Ströman, Head of CSEC
Swedish Scheme Update Dag Ströman, Head of CSEC 1 CSEC - The Legal Base Swedish Parliament approval of the Government bill in May 2002, which stated: The Swedish Defence Materiel Administration, FMV, is
More informationProcedure for Network and Network-related devices
Lloyd s Register Type Approval System Type Approval Requirements for components within Cyber Enabled Systems on board Ships Procedure for Network and Network-related devices September 2017 1 Reference:
More informationKhoen LIEM. Industrial Policy. A systematic approach for Civil Security: From EU Security- Research Policy
A systematic approach for Civil Security: From EU Security- Research Policy to Industrial Policy When the budgets get smaller, we need a more systematic approach Khoen LIEM DG Enterprise and Industry Bonn,
More informationGovernment Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security
Government Resolution No. 2443 of February 15, 2015 33 rd Government of Israel Benjamin Netanyahu Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security It is hereby resolved:
More informationJoint FIEEC-ZVEI Position on Cybersecurity
Position Paper Joint FIEEC-ZVEI Position on Cybersecurity Digital Market Cyber Security Multilevel toolbox Guidelines Industries Certification Framework self-declaration October 2017 Preface The digital
More informationSecuring Europe's Information Society
Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network and Information Security Agency 16 June 2010 FIRST AGM Miami 16/6/2010 1 Agenda ENISA overview Challenges EU
More informationPackage of initiatives on Cybersecurity
Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 Building EU Resilience to cyber attacks Creating
More informationFuture-Proof Security & Privacy in IoT
All rights reserved, Arthur s Legal B.V. Future-Proof Security & Privacy in IoT From State of Play, To State of The Art Arthur van der Wees, LLM Managing Director Arthur s Legal, the global tech-by-design
More informationCybersecurity Package
Cybersecurity Package Highlights of key initiatives Domenico Ferrara Policy officer @ DG CONNECT Brussels, 12 December 2017 1 2013-2017: Evolving threat landscape Proliferation of (poorly secured) IoT
More informationThe cybersecurity platform for industrial small and medium-sized enterprises (SME) Andreas Harner, Head of
CERT@VDE The cybersecurity platform for industrial small and medium-sized enterprises (SME) Andreas Harner, Head of CERT@VDE What is a Computer Emergency Response Team (CERT)? A CERT (sometimes called
More informationSmart Meter Security. Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security
Smart Meter Security Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security Smart Grids: Advanced power control, intelligence and communications New Business models and Services
More informationThe Future of Solid State Lighting in Europe
PLUS Conference "LED Lighting Strategies for Urban Spaces", 20/6/2012 The Future of Solid State Lighting in Europe Michael Ziegler European Commission DG Information Society and Media [-> DG CONNECT -
More informationH2020 & THE FRENCH SECURITY RESEARCH
H2020 & THE FRENCH SECURITY RESEARCH JANUARY 22, 2013 WISG 2013 / TROYES LUIGI REBUFFI CEO EUROPEAN ORGANISATION FOR SECURITY WWW.EOS EU.COM PRESIDENT CSOSG STEERING COMMITTEE European Organisation for
More informationMobile Felica on CX Virgo platform Version 5.0
122 MAINTENANCE REPORT MR1 (supplementing Certification Report No. CRP298) Mobile Felica on Sm@rtSIM CX Virgo platform Version 5.0 Issue 1.0 September 2017 Crown Copyright 2017 All Rights Reserved Reproduction
More informationETSI Electronic Signatures and Infrastructures (ESI) TC
ETSI Electronic Signatures and Infrastructures (ESI) TC Presented by Andrea Caccia, ETSI/ESI liaison to ISO SC27 ( a.caccia @ kworks.it ) ETSI 2011. All rights reserved ETSI TC ESI - Electronic Signatures
More informationEuropean digital repository certification: the way forward
Data Archiving and Networked Services European digital repository certification: the way forward Ingrid Dillo (DANS) EUDAT 3 rd User Forum Prague, 24 April 2014 DANS is an institute of KNAW en NWO Content
More informationSUCCESS STORY INFORMATION SECURITY
SUCCESS STORY Landis+Gyr cares for security in Smart Metering Safety modules for Smart-Meter Gateways according to Common Criteria The fabrication of intelligent power meters, the so called Smart Meters,
More informationSAT for eid [EIRA extension]
SAT for eid [EIRA extension] eid Solution Architecture Template (SAT) v1.0.0 ISA² Action 2.1 - European Interoperability Architecture Page 1 of 1 Change control Modification Details Version 1.0.0 Migration
More informationBSI-PP for. Protection Profile Waste Bin Identification Systems (WBIS-PP) Version developed by. Deutscher Städte- und Gemeindenbund
Bundesamt für Sicherheit in der Informationstechnik BSI-PP-0010-2004 for Protection Profile Waste Bin Identification Systems (WBIS-PP) Version 1.04 developed by Deutscher Städte- und Gemeindenbund - Bundesamt
More informationThe energy sector reloaded
1 The energy sector reloaded Association of Energy Market Innovators 2 Discourse at bne is very much in line with our approach as a network company. That s because the combination of expertise across sectors,
More informationINTERMEDIATE EVALUATION
EHEALTH ACTION PLAN 2012-2020 INTERMEDIATE EVALUATION ehealth Network meeting 7 June 2016, Amsterdam Paul Timmers Director - Digital Society, Trust and Security DG CONNECT EHEALTH ACTION PLAN 2012 2020
More informationWhite Paper Implementing mobile electronic identity
Implementing mobile electronic identity A DXC Enterprise approach based on hardware token microsd card Table of contents Secure Element form factors in mobile devices 2 Other alternatives for implementing
More informationSmart Gas Metering in Germany.
Smart Gas Metering in Germany. New OMS Standard for Germany. New security standard. 10 th October 2012, Metering Billing/CRM Europe 2012, Amsterdam Andreas Bolder, Deutsche Telekom Technischer Service
More informationE-Energy! Information and Communications Technologies for the Energy Sector
E-Energy! Information and Communications Technologies for the Energy Sector Conference of the European Commission Brussels, 31 January 2008 Dr. Andreas Goerdeler Head of the Division Development of Convergent
More informationInternational Atomic Energy Agency Meeting the Challenge of the Safety- Security Interface
Meeting the Challenge of the Safety- Security Interface Rhonda Evans Senior Nuclear Security Officer, Division of Nuclear Security Department of Nuclear Safety and Security Outline Introduction Understanding
More informationInternational Legal Regulation of Cybersecurity U.S.-German Standards Panel 2018
International Legal Regulation of Cybersecurity U.S.-German Standards Panel 2018 Dr. Dennis-Kenji Kipker University of Bremen Washington DC, 10.04.2018 Gefördert vom FKZ: 16KIS0213 bis 16KIS0216 Slide
More informationEU policy and the way forward for smart meters and smart grids
Transmission & Distribution SMART GRIDS Europe 2012 Amsterdam 9-11 October 2012 EU policy and the way forward for smart meters and smart grids Manuel Sánchez, PhD Smart Grid Team Leader European Commission,
More informationPredictive Assurance
Predictive Assurance Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) 9 ICCC Jeju, Korea September 2008 Irmela Ruhrmann Head of Division Certification,
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationETSI TR V1.1.1 ( )
TR 119 400 V1.1.1 (2016-03) TECHNICAL REPORT Electronic Signatures and Infrastructures (ESI); Guidance on the use of standards for trust service providers supporting digital signatures and related services
More informationIT Security Evaluation : Common Criteria
AfriNIC-9 MEETING Mauritius 22-28 November 2008 IT Security Evaluation : Common Criteria Ministry of Communication Technologies National Digital Certification Agency Mounir Ferjani November 2008 afrinic
More informationDigitalization in the Energy Market Test Technology for the Electricity Market 2.0
ANALYZING LOGGING testing MEASURING Digitalization in the Energy Market Test Technology for the Electricity Market 2.0 Do you have any questions or wishes? Feel free to contact us. ZERA GmbH Hauptstraße
More informationPOSITION DESCRIPTION
UNCLASSIFIED IT Security Certification Assessor POSITION DESCRIPTION Unit, Directorate: Location: IT & Physical Security, Protective Security Wellington Salary range: H $77,711 - $116,567 Purpose of position:
More informationRevised November EFESC Handbook
Revised November 2015 EFESC Handbook 1 Table of Contents EFESC Handbook... 1 Table of Contents... 2 Handbook EFESC... 4 1 Background and objectives... 4 1.1 Sectoral developments... 4 1.1 Objectives...
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationTÜV SÜD Industrie Service GmbH. Maximising efficiency of power stations and plants.
TÜV SÜD Industrie Service GmbH Maximising efficiency of power stations and plants. Maximising efficiency, increasing safety and availability at TÜV SÜD, we know what is important for power stations and
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationThe Smart Home: A New Business Model. September 2014
The Smart Home: A New Business Model September 2014 What is a Smart Home? A smart home is described as a home equipped with lighting, heating, and electronic devices that can be controlled remotely by
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationThird public workshop of the Amsterdam Group and CODECS European Framework for C-ITS Deployment
Third public workshop of the Amsterdam Group and CODECS European Framework for C-ITS Deployment 14 February 2017 Amsterdam Gerhard Menzel European Commission - DG MOVE EU Policy Tools Large-scale deployment
More informationDeutsche Telekom s Smart Energy Activities. Metering Billing/CRM Europe 2012 I October 2012
Deutsche Telekom s Smart Energy Activities. Metering Billing/CRM Europe 2012 I October 2012 The Energy Sector is facing dramatic change. Climate change Energy awareness The energy e change sector is facing
More informationPerspectives and actions for the implementation of Smart Grids into the internal energy market
Perspectives and actions for the implementation of Smart Grids into the internal energy market EUTC Annual meeting Budapest, 3-6 November 2009 EUROPEAN COMMISSION Dr. Manuel Sánchez Jiménez Policy Officer
More informationSECURING MOBILITY. Through the Canadian Medium Assurance Solutions Program. ICMC May Greg Hills Director, Architecture and Technology Assurance
SECURING MOBILITY Through the Canadian Medium Assurance Solutions Program ICMC May 2016 Greg Hills Director, Architecture and Technology Assurance PAGE 1 INTRODUCTION Basic, Medium, and High Assurance
More informationSmart Meter Rollout Germany Schedule and Regulatory framework. Joachim Gruber EnBW AG 3. November 2015
Smart Meter Rollout Germany Schedule and Regulatory framework Joachim Gruber EnBW AG 3. November 2015 Digitization of the Energiewende 1 Background and Objectives 2 Schedule Rollout 3 Content of the draft
More informationEuropean Code of Conduct on Data Centre Energy Efficiency
EUROPEAN COMMISSION DIRECTORATE-GENERAL JOINT RESEARCH CENTRE Institute for Energy and Transport Renewable Energy Unit European Code of Conduct on Data Centre Energy Efficiency Introductory guide for applicants
More informationNIST Smart Grid Activities
NIST Smart Grid Activities George W. Arnold, Eng.Sc.D. National Coordinator for Smart Grid Interoperability National Institute of Standards and Technology ANSI/ESO Public Conference October 12, 2011 Example:
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Methodology for IT security evaluation
INTERNATIONAL STANDARD ISO/IEC 18045 First edition 2005-10-01 Information technology Security techniques Methodology for IT security evaluation Technologies de l'information Techniques de sécurité Méthodologie
More informationNIS Platform Working Group 3 Individuals Digital Rights and Capabilities. Dr. Gisela Meister April
NIS Platform Working Group 3 Individuals Digital Rights and Capabilities Dr. Gisela Meister April 08-2014 AoI 1: Individuals Digital Rights and Capabilities AoI 1 s vision is that individuals needs and
More informationENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens
ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens 30.01.2018 European Union Agency for Network and Information Security What are these symbols anyway?
More informationWho is doing your calibration work?
The United Kingdom Accreditation Service Who is doing your calibration work? Are you confident that your goods and services and their component parts are based on measurements taken with correctly calibrated
More informationENCS The European Network for Cyber Security
ENCS The European Network for Cyber Security A not-for-profit European Public Private Partnership on cyber security for critical infrastructures Initial focus: smart grids and process control, to be extended
More informationCybersecurity eit. Software. Certification. Industrial Security Embedded System
Statement Benefits and limitations of certifications and labels in the context of cyber security Arguments for a balance between customer information and industrial suitability Industrial Security Embedded
More informationSTANDARD INFORMATION SHARING FORMATS. Will Semple Head of Threat and Vulnerability Management New York Stock Exchange
STANDARD INFORMATION SHARING FORMATS Will Semple Head of Threat and Vulnerability Management New York Stock Exchange AGENDA Information Sharing from the Practitioner s view Changing the focus from Risk
More information