|2019-05-24||Work Programme||Version 2.3.3|
|Work Item Reference||Type||STF||Technical Body
(Click to View Full Schedule)
|Cover Date||Standstill||Creation Date|
||0.0.2 Draft||View Standstill Information||2016-09-13|
|Rapporteur||Technical Officer||Harmonized Standard|
|Scott Cadzow||Sonia Compans||No|
CYBER Critical Infrastrucure Metrics for Identification of CI
Metrics for Identification of CI
Scope and Field
To prepare an ETSI TS that defines the metrics against the ICT elements to establish a system as critical infrastructure (CI). To address the following points from TR 103 303:
-- Are the impacts of a successful attack on the CI understood?
-- Have those impacts been used to properly categorize the CI?
-- Have any dependencies relating to the CI been captured and analysed?
-- Have any interdependencies relating to the CI been captured and subjected to further analysis?
-- Can the owner of the CI and its location be quickly ascertained?
-- How frequently will the categorization of this CI need to be reviewed?
The TS will specify the metrics to address the above points in close co-operation with the CI authorities of both EU Member States and other jurisdictions (also needs to take account of trans-national CI facilities).
The TS will be part 1 of a multi-part TS to be defined in due course but with the following structure:
Part 1 – CI identification
Part 2 – CI reporting and registration
Part 3 – measures for CI integrity base point calculation
Part 4 – measures for access control to protect CI
|VODAFONE Group Plc, Cadzow Communications, CESG, P3 communications GmbH, Attorney-General's Department, Yaana Limited|
Security by default
|Work Item Aspects|
Addresses CIP with focus on ICT equipment and services
|Any comments or problems with this application? Please let us know...|