The FCC’s Communications Security, Reliability, and Interoperability Council today got updates from its eight working groups on progress being made toward a range of deliverables they’re due to produce starting in March, including reports on security of wireless emergency alerts and best practices for  cybersecurity in hardware and software design. Jeffery Goldthorp, the FCC’s designated federal officer to the CSRIC, noted that starting at every council meeting beginning in March there will be votes on work products.  “The missions and milestones might be aggressive, and we recognize the tasks are complex,” he said.  “We want to make sure we have a regular back and forth to ensure the complex tasks are not keeping us from getting to the important goals.”

Jeff Cohen of ACPO and co-chair of working group 1 on evolving 911 services, said the group is reviewing for a report due in March “public safety best practices and standard operating procedures on legacy, IP-based, and next-generation 911 calls for rerouting 911 calls” and identifying gaps and making recommendations toward “optimizing reroutes.”

Working group 2, on emerging alerting platforms, is examining the security aspects of wireless emergency alerts to ensure the service is secure, according to co-chair Farrokh Khatibi of Qualcomm, Inc.  In addition, the group is looking at ways to encourage local and state use of the system, he said.  A report on the security issue is due in March, while action on the local and state issue will come later, Mr. Khatibi said.

Co-chair Francisco Sanchez of Harris County, Texas, said the group also is looking at social media, which is “increasingly more active in not only alerts but in notifications and warning people on some of those social media pages” in the event of emergencies.  Some issues to be examined include how to send out alerts over multiple social media platforms and whether such alerts can somehow be integrated, he said.

Working group 3 on emergency alert systems is looking at improving security, providing multilingual alerts, and developing a new handbook for EAS participants, which provides the procedures to be followed during a specific alert, said Kelly Williams of the National Association of Broadcasters.  The group plans to have recommendations ready for consideration at CSRIC’s March meeting on the first two issues, with recommendations on the handbook likely to come in June, she said.

Speaking for working group 4B on network timing, Jennifer Manner of Echostar Corp. said the group has been focused on “looking at alternatives for a backup solution to GPS,” which is “critical for network timing and other functions.”  The group has made progress on a draft report and is “nearing the end of defining the solutions we are evaluating,” she said.  The group plans to present options in June for implementing backup precision timing solutions independent of GPS and by December 2016 plans to have a report on recommendations.

Working group 4A on submarine cable resiliency is working on two reports on physical risk for cable infrastructure and recommended distances from other marine activities, said Kent Bressie of NASCA.  “It is focused on issues with a lack of coordination, all of which play a role in not only licensing infrastructure but a host of other marine activities that can cause risk of damage to submarine cables and harm U.S. network resilience,” he said.

The group also is focused on “examining gaps in agency activities in the state and local levels,” Mr. Bressie said.  He suggested a clearinghouse for information about installed and planned submarine cable to provide industry with a single point of contact on the issue.

Chris Boyer of AT&T, Inc., said working group 5 on cybersecurity information sharing is examining barriers to information sharing, including “optimal sharing trust pools” and “conduits.”  The group plans to have a draft of different use cases showing the flow of how information is currently shared by January 31, he said.

Working group 6 on hardware and software security by design is working on a set of recommendations, due in March, on best practices to enhance the security of hardware and software in the design stage.

Working group 7 on cybersecurity workforce is developing recommendations the FCC should take to encourage development of that workforce.  The group said it is using the National Institute of Standards and Technology’s cybersecurity framework and comparing that to telecom industry needs to see if there are any gaps that need to be filled.

Working group 8 on priority services has just begun work and had less to present to the council.  The group is “just sorting out what we are going to do,” said co-chair Tom Anderson of Cisco Systems, Inc.  The group plans to “assess how priority service programs can take advantage and recommend protocols that can be used to ensure priority indications,” he said. – Brian Hammond, brian.hammond@wolterskluwer.com

Courtesy TRDaily