World Class Standards 1 SCP(11)0216 SCP Plenary #50 June 15-17, 2011 Title*: Update on TC M2M...
World Class Standards
1
SCP(11)0216
SCP Plenary #50
June 15-17, 2011
Title*: Update on TC M2M activities and related EC Standardization Mandates
Submitted by: Francois Ennesser
from Source*: Gemalto
Submitted To*: SCP 50
Document for* (only one ""):
Decision: a decision is formally requested from the addressed (sub-)committee
Discussion: the contribution is expected to be presented and discussed, but no decision is formally requested
Information X: the contribution does not require discussion
Update on TC M2M Activities
Discussions started on transforming TC M2M into an International Partnership Project (2012?)
Release 1 completion expected end 2011
• TR 102 691 (Smart Metering Use Cases) and TS 102 689 (Requirements) already published
Stage 2 (TS 102 690, architecture) being completed
Stage 3 (TS 102 921, Interfaces and Protocols)
• M2M Service layer communicates through APIs with Transport layer and Application Layer
• REST (Representational State Transfer) based model for resources and primitives
TR 103 167 on Threat Analysis approved for publication at M2M 15
• Intended to remain a living document
Structured in 5 Working Groups: WG1 Requirements, WG2 Architecture, WG3 Protocols, WG4 Security, WG5 Management (Device / Platform)
M2M Architecture Overview (Draft TS 102 690)
M2M devices connect to core network directly or through a Gateway
Service Layer (SL) access requires mutual authentication, independent from Access Network (AN)
SL credentials may be independent or not from AN credentials (depending on trust between Service Provider and Network Operator)
TS 102 690 offers multiple options to bootstrap service layer credentials, including UICC provisioning or derivation
A secured environment, such as UICC, is required to protect SL keys in Devices or Gateways
[Figure: M2M architecture overview. Diagram labels: User interface to application (e.g. Web portal); PC/dedicated appliance; M2M Area; (e.g. Smart Metering) M2M Application; ETSI M2M Service Capabilities; M2M Gateway; M2M Device; Local M2M Network; M2M Service Capabilities; mIa; mId; Central Communication System; WAN (Wide Area Network); Core network; M2M Device Domain]
Update on EC M441 Smart Metering Mandate
Comments on the “Technical Report on Communication” endorsed at SMCG Plenary on June 8 (6 months of delay to address EC comments)
• Document (TR) submitted for consultation to national entities and professional groups, before being sent for vote to ETSI/CEN/CENELEC on the 1st of September (around 3 months for each SDO)
Existing SCP specifications are listed as possibly relevant
Available under http://docbox.etsi.org/M2M/M441/open_space/ETSI_M441_Management/00_Working_Folder_SMCG_Report/
Reference Use Cases for the mandate (high level description) are being finalized by the Smart Metering Coordination Group
SCP member inputs are always welcome
The Work Program of the involved committees (including ETSI SCP) is maintained as a living document
ETSI SCP Part will be updated to include new relevant work items
• Embedded UICC, M2M API…
Available at http://docbox.etsi.org/M2M/M441/open_space/ETSI_M441_Management/10_Working_Folder_Work_Programme/101112_Work%20Programme%2027.09.10%20v3%20final%20-%20ETSI.doc
EC M490: Smart Grid Mandate
Mandate published March 1 2011, now accepted by ETSI/CEN/CENELEC
ETSI TC M2M appointed by OCG as ETSI Coordinating TC for this mandate, like for M441
Will be coordinated with outputs of M441 (Smart Metering) and M468 (Electric Vehicle Charging)
• Automatic Metering Infrastructure (scope of M441) is just one part of Smart Grid
Domains include “Data Protection and Integrity, Information Security and Privacy”
• Services include User Authentication, Digital Signature, Encryption…
Refers to recommendations from EC Expert Groups on Stakeholders, Functionalities, and Privacy and Data Protection
The report on Privacy and Data Protection recommends building on past experience in Banking and Telecom, and recommends Common Criteria Protection Profile definition and certification for sensitive smart grid components
An ETSI/CEN/CENELEC JWG on Smart Grids already produced a Strategic Report on Smart Grids also insisting on security and Privacy issues
The JWG has become “Smart Grid Coordination Group” (SG-CG)
Working group structure created in SG-CG includes “Smart Grid Information Security” group
EC M490: Smart Grid Mandate (2)
ETSI has missed some steps of the path between JWG and SG-CG: discussing the new SG-CG ToR and the new structure. Now that TC M2M has been proposed as the coordinating entity for ETSI, an internal organization has been set up (identical to Smart Grid) (Marylin Arndt, David Boswarthick). Moreover, an OCG Task Force (Joachim Koss) was decided during the last OCG meeting in April, to support TCs in the management of the mandates.
Structure of the SG-CG below (JWG will stop its activity on 30th June, SG-CG in December 2012)
Next Steps:
Plenaries:
• 1st July: 1st plenary of the SG-CG
• 7th October: 2nd plenary
Steering Group meetings:
• (17th May), 30th June, 1st September, 10th November
Subgroups:
• SG First Set of Standards Team: deadline to bring contributions extended to 21st June.
• Other SGs are to be launched very soon.
• Important: Calls for experts are running for each of the Subgroups.
BSI Protection Profile for Smart Meter Gateway
Common Criteria Protection Profile developed by the German federal agency for Security in Information Technology
It addresses the communication capabilities of a smart meter with local and neighborhood networks
Meant as mandatory requirement for Smart meter gateway between LAN and WAN: Certification will be required for German deployment
Critical link between security of Smart Meter, Smart Grid, and home automation networks
“The security functionality of the TOE comprises protection of confidentiality, authenticity, integrity of data and information flow control, mainly to protect the privacy of consumers, to ensure a reliable accounting process and to protect the Smart Metering System and a corresponding large scale infrastructure of the smart grid.”
Mentions the use of 2 Security Modules
“The Gateway and the E-Meter each utilise the services of a Security Module (e.g. a smart card) as a cryptographic service provider and as a secure storage for confidential assets. The Security Module will be evaluated separately according to the requirements in the corresponding Protection Profile.”
Refers to a to-be-developed “Protection Profile for the Security Module of a Smart Meter”
BSI cryptographic function sharing with Security Module
The following table provides a detailed overview on how the cryptographic functions are distributed between the TOE and its Security Module:
Relevant Assets for BSI Protection Profile
EC M468: Electric Vehicle Charging
Launched mid 2010, now renamed “European Electro Mobility”
CEN-CENELEC joint focus group with 6 Project Teams was created: PT1 Terminology, PT2 Connectors / plug systems, PT3 Batteries, PT4 Communication, PT5 Modes of Charging, PT6 Standards & Regulations
ETSI TC M2M interested to participate in PT4 with TC SCP
A technical document has been produced
PT4 focuses on Technologies and Standards for Data Communication between Electric Vehicle and Charging Device
Further data communication, as well as advanced communication using Wireless, has been pushed out of M468, to the M490 Smart Grid mandate
CEN/CENELEC – ETSI TC ITS cooperate to converge on system architecture, Communication protocols (layers 3 to 7), security and system management.
Interest has emerged in the use of NFC and Mobile terminals for some transactions, such as secure payment.
M468 - Functional Role Model Modifications
Foreseen M2M impact on UICC
A first level UICC application owned by the Service Provider will be required to handle M2M SL access credentials
Using the GP based Confidential Content framework adopted in TS 102 226 to maintain independence from other UICC stakeholders
Should benefit from embedded UICC remote management features
Can SCP take a role in defining this application?
Vertical M2M applications may further impact the UICC
e.g. in Smart Grids, privacy sensitive Personal Data belonging to consumers (e.g. detailed consumption log) should be stored locally
This may also include utilities billing subscriptions, allowing the user to activate the most advantageous subscription depending on usage conditions