SECURITY SIG IN MTS 01 ST OCTOBER 2013 DRAFT AGENDA Fraunhofer FOKUS
Feb 22, 2016
SECURITY SIG IN MTS01STOCTOBER 2013
DRAFT AGENDA
Fraunhofer FOKUS
Agenda SIG#7
Currently registered participants: J. Großmann, G. Rethy, A. Takanen, D. Hogrefe, A,. Wiles
1) Review/discussion APs and WI status2) Security Testing Terminology and Concepts3) Case Study Experiences4) Security Testing Methodologies5) Next steps
2
APs (from SIG#7)
Jürgen/Peter: complete Diamonds case study inputAri/Peter: Invite E2NA and CTI to review Terminology & Concepts (after stable draft) Ian/Scott: provide stable draft for September MTS: request formal liaison with ISO SC27/WG3&4
3
Review of „Terminology“
MTS members have been requested and encouraged again to provide to Ari comments on the draft.• Comments are available from Milan Zoric• Alignment between MTS-101582 SecTestCasev003 and
MTS-101583_final_draft
4
Cases Studies
Stable draft with 6 cases studies• 4 case studies from DIAMONDS (banknote, processing,
banking, automotive, radio protocols)• 2 case studies from SPACIOS (eHealth, document server)
Common structure • Case study characterization• Security testing approaches• Results• Summary
Security SIG in MTS, 4-5 October 20115
Security Testing Methodology
Draft with lots of notes, needs to be compiled in a draft document.Support offer from Ari and Jürgen (RASEN project)Open issues from last meeting:• Progress has been made, changes integrated, but still an early draft.• A work plan has been established, and Ian will contribute, discussion
took place with regard to the little progress done in the past year.• Request from Dieter: Harmonization is needed in the deliverable. A
work plan has been established.
Security SIG in MTS, 4-5 October 20116
Discussion
Status of Wis• Terminology (Ari)• Case studies (Jürgen)• Design guide (V&V) in progress (Scott)
• Contribution from Ian, Jan and others welcome
• „Security testing methodology“ (Scott)• Will be integrated e.g. as an annex to V&V document
Time schedules?
7