ITU-T Study Group 17 (Study Period 2005-2008)
Lead Study Group Activities - Telecommunication Security
Study Group 17 has been designated the Lead Study Group for Telecommunication
Security in accordance with World Telecommunication Standardization Assembly
(WTSA-04) Resolution 2.
Activities of the LSG for Telecommunication Security include: developing and
maintaining security outreach material; coordination of security-related
work; and identification of needs and assignment and prioritization of work
to encourage timely development of telecommunication security
Within SG 17 for the period 2005-2008 the Question 4/17 has been identified
as the coordinator for LSG for Telecommunication Security activities. This
effort will be carried out closely with other Study Groups to identify and
develop security solutions. However, specific expertise to integrate these
solutions with the technology under development can come only from the
Question carrying out the development.
All Study Groups are requested to keep Study Group 17 informed of their work
plans regarding security so that they can be integrated into the overall
security work programme.
In August 2006, the TSB published a third edition of the security manual entitled
"Security in telecommunications and information technology - An overview of issues
and the deployment of existing ITU-T Recommendations for secure telecommunications."
This manual includes highlights the major security work of the ITU-T Study Groups.
The security compendium provides information on ITU security activities and consists of five parts
Security Standards Roadmap
This Roadmap is an on-line resource that provides information about existing Information
and Communication Technology (ICT) security standards and work in progress in key standards
development organizations. In addition to information on the ITU-T security Recommendations
and related work, the Roadmap currently includes information on standards work of ISO/IEC,
ATIS, ENISA, ETSI, IEEE, IETF, OASIS, 3GPP, and 3GPP2.
The Roadmap is in five parts:
ITU-T Study Group 17 organized a workshop on Security that was held 13-14 May 2002 in Seoul, Korea. The workshop focused on the following subjects: Security Requirements and telecommunications reliability, Hot topics on IP-based network security, Security management, Biometric authentication and Mobile security.
The presentations and related information are available (including a link to the ITU workshops on "Creating trust in critical network infrastructures").
A second ITU-T workshop on security entitled “New Horizons for Security Standardization” took place on 3-4 October 2005. This workshop, actively supported by Study Group 17, helped to further address the information and communications security issues and promote increased cooperation between organizations engaged in security standardization work.
Presentations and related information (including the final report that was provided as input to relevant organizations) are available.
The ITU-T organized a Cybersecurity Symposium on 4 October 2004, the day before the opening of the WTSA-04 in Florianópolis, Brazil. The symposium brought together senior experts from governments, computer emergency response teams (CERTs), network operators and equipment manufacturers to address the current state of cybersecurity and future approaches to ensuring security in cyberspace.
Details and material.
A Cybersecurity Symposium II took place in Moscow (Russian Federation) on 29 March 2005. The main objective of the symposium was to highlight the importance of Cybersecurity as an essential part of information and communication technologies (ICT). There was a discussion on international cooperation, which is increasingly becoming the decisive issue in coordinating the efforts of state institutions and business for the harmonized development of normative, legal, technological and organizational aspects of an effective Cybersecurity infrastructure.
Details and material.
Tutorial on writing safe and secure programs
A list of suggestions has been prepared on how to avoid the most common pitfalls that make software less secure or less safe than it should be. It is addressed to software developers and covers the phases of software design, implementation, and testing. It focuses on network application programs, but many of the suggestions are equally valid for other kinds of software.
Security Guidance for ITU-T Recommendations
ITU-T Study Group 17 has created a document "Security Guidance for ITU-T Recommendations" to provide guidance to authors and reviewers of ITU-T Recommendations to consistently address security considerations within their Recommendations. This document responds to WTSA-04 Resolution 50 which recognizes that converged legacy networks and IP networks are potentially more vulnerable to intrusion if adequate care is not taken in the security design and management and requires the ITU-T to evaluate existing and evolving new Recommendations, especially signalling and communications protocol Recommendations, with respect to their security considerations.
Other outreach activities and presentations
ITU-T Study Group 17 participates in, and contributes to ICT security-related activities in other organizations. Presentations on the ITU-T work on telecommunication security were made to the
Global Standards Collaboration meetings (GSC 11 and GSC 12) in 2006 and 2007 and to the 2007
European Telecommunications Standards Institute (ETSI) Security Workshop in 2007 and 2008.
Contributions and presentations on the SG 17 work were also made to the
Internet Governance Forum in 2006 and 2007.
In 2006 and 2007, on behalf of the ITU-T, SG 17 representatives participated in the ISO, IEC and ITU-T Strategic Advisory Group on Security (SAG-S). Related information may be found at
Copies of the above presentation decks are available at
Presentations on Security