Working groups of the FCC’s Communications Security, Reliability, and Interoperability Council today offered early status reports on their initial research toward developing recommendations and reports due to be presented in 2018 and 2019. Speaking at CSRIC’s meeting at the FCC’s Washington headquarters this afternoon, Farrokh Khatibi, director-engineering at Qualcomm Technology, Inc., chair of Working Group 2, which is focused on Comprehensive Re-imagining of Emergency Alerting, said the group’s objective is to conduct a comprehensive evaluation of emergency alerting and emerging technologies that may result in new alerting capabilities. The group plans to “evaluate existing techniques and propose potential improvements.” It plans to deliver a report on reimagining alerting in June 2018 and another on authentication and validation in December 2018.
Mr. Khatibi said the working group is currently conducting a “landscaping” effort to better understand the various technologies and getting presentations from various groups. The next steps for the group involve additional presentations and then developing a work plan to accomplish the group’s goals.
Budge Currier, branch manager of the California 9-1-1 Emergency Communications Branch of the Governor’s Office of Emergency Services, asked if the working group would be addressing the needs of the hard of hearing, noting that the Northern California wildfires had proven that alerting to the hard of hearing was an issue that needs more attention.
Mr. Khatibi said the group will “definitely consider that. We will make sure that we have that in our agenda going forward and make sure that discussion happens.”
Mary Boyd, vice president-regulatory, policy and government affairs at West Safety Services and chair of Working Group 1 on the Transition Path to NG911, explained that the group has been tasked with recommending measures to improve legacy 911 and next-generation 911 systems, including ways the FCC may further the NG911 transition and enhance reliability.
The group’s first task is to review existing best practices and to develop additional guidance on overall monitoring, reliability, notifications, and accountability in preventing 911 outages in “transitional NG911 environments,” Ms. Boyd said. That will include identifying risks associated with transition 911 systems that could disrupt 911 service and make recommendations to protect them and studying specific actions that originating service providers, 911 system service providers and other entities to detect and deter outage precursors before 911 calls are delivered to the ESInet gateway, she added. The group’s second task will be to study and develop recommendations on small carrier best practices for the transition to NG911, Ms. Boyd said.
The group plans to finalize its report on task 1, 911 system reliability and resiliency in the NG911 transition, by March 2018 and its task 2 report on small carrier NG911 transition considerations by June 2018.
In response to a question, Ms. Boyd said the group planned to get input from small public safety answering points by taking with some trade associations to put together “informal subteams that we can vet language with.” She said it was “very important that the small carriers have an opportunity to review drafts. We will bring them in as subject matter experts as needed.”
Travis Russell, director of telecommunications cybersecurity at Oracle Communications and chair of working group 3 on network reliability and security risk reduction, said its group was would be looking at “current threats not just within the United States but also globally.”
Working group 3 has three planned deliverables. First, due in March 2018, is a report on best practices and recommendations to mitigate security risks to wireless protocols, particularly Diameter, Mr. Russell said. Second, due in due in September, will be a report on best practices and recommendations to mitigate security risks to current Internet protocol-based protocols, he said. Although that may extend to other protocols, the initial expectation is that it will focus on the Border Gateway Protocol, Mr. Russell said. Third will be a report, due in March 2019, on best practices and recommendations to mitigate security risks to emerging 5G wireless networks.
“What we’ve discovered in the last five to six years is that we didn’t have to worry much about security,” Mr. Russell said. “We did business as utility companies, and our partners were also security companies, and we operated with this trust. That trust model has been broken, with unauthorized access into the roaming ecosystem.” —Brian Hammond