The FCC’s Communications Reliability, Security, and Interoperability Council held its first meeting under its new two-year charter today and members were briefed on the tasks that the panel’s three working groups will tackle. Working group 1 will focus on the transition to next-generation 911 (NG-911), working group 2 will explore a comprehensive evaluation of emergency alerting, and working group 3 will tackle network reliability and security risk reduction.
The chairs of the three working groups are Mary Boyd, vice president-regulatory, policy, and government affairs for West Safety Services (WG1); Farrokh Khatibi, director-engineering for Qualcomm Technologies, Inc. (WG2); and Travis Russell, director-telecommunications cybersecurity for Oracle Communications (WG3). The chair of the CSRIC is Brian King, senior vice president-national technology service delivery and operations for T-Mobile US, Inc.
The FCC has asked WG1 to “review existing best practices and develop additional guidance regarding overall monitoring, reliability, notifications, and accountability in preventing 911 outages in transitional NG911 environments.” It also wants the working group to “study and develop recommendations for the CSRIC’s consideration on small carrier best practices for managing the transition to NG911.” WG1 is scheduled to deliver a report on the first task in March 2018 and on the second in June 2018.
WG2 has been tasked with conducting “a comprehensive evaluation of emergency alerting and emerging technologies (such as the ATSC 3.0 broadcast standard and 5G) that may result in new alerting capabilities. As part of this evaluation, this Working Group would develop recommendations for CSRIC’s consideration on ways to streamline, simplify (by reducing burdens on licensees), and modernize existing systems, including the Emergency Alert System (EAS).” As part of its work, the working group is also to “develop recommendations on any technical solutions to support authentication of alerts through digital signatures for both the Internet-based IPAWS and the broadcast-based legacy ‘daisy chain’ to ensure that the alert retransmitted by an EAS Participant was generated by an authorized alert originator and has not been modified since its generation.”
WG2 is scheduled to deliver reports in June and December 2018, with the first report focusing on its evaluation of alerting and the second on authentication and validation issues.
WG3 is “to recommend mechanisms to reduce risks to network reliability and security, including: (i) best practices to mitigate the network reliability and security risks associated with the Diameter protocol, an industry standard for connecting and authenticating subscribers on mobile networks, (ii) mechanisms to best design and deploy 5G networks to mitigate risks to network reliability and security posed by the proliferation of Internet of Things devices and open-source software platforms used in 5G networks, and (iii) best practices and tools to improve reliability and reduce security risks in IP-based networks and protocols.”
A report on the first task is due in March 2018, one on the third is due in September 2018, and one on the second is due in March 2019.
In brief opening remarks at this afternoon’s meeting, FCC Chairman Ajit Pai stressed how “incredibly complex” the issues that the CSRIC tackles are, and he said the advice of the CSRIC is critical in helping ensure the reliability and preparedness of U.S. communications networks.
Jeffery Goldthorp, the CSRIC’s designated federal official who is acting chief of the Cybersecurity and Communications Reliability Division in the FCC’s Public Safety and Homeland Security Bureau, noted that the new CSRIC has fewer members than those in the past. “That will help us make faster progress,” he said. Twenty-two members of this CSRIC have been announced.
One committee member asked how the FCC is deciding which working groups that members will serve on. Mr. Goldthorp replied that the FCC will follow up with each member on that issue. “We’ve given it some thought, and we’ll be reaching out to speak with all of you,” he said.
Today’s meeting lasted for only about 40 minutes. CSRIC meetings typically are scheduled for four hours. “Please don’t get used to meetings this short,” Mr. Goldthorp advised. “I’ve been doing this for 15 years, and this is the shortest meeting I have ever been in.”
The next meeting of the CSRIC is scheduled for Sept. 15.- Paul Kirby, firstname.lastname@example.org