Committed to connecting the world


Executive summary

Executive Summary

ITU-T Study Group 17, Security, meeting

22 – 30 March 2017, Geneva/Switzerland

Hot topics:

• IoT security
• Intelligent Transport System security
• Cybersecurity
• Event Data Recorder
• Telebiometrics
• Cloud computing security
• Identity management
• Security architecture
• Software-defined networking security
• Information Security Management
• Mobile terminal security
• Smart-grid security
• Application security
• Advertising spam/fraud
• ASN.1, Cryptographic Message Syntax

ITU workshop on security aspects of Blockchain

To follow-up the successful (see good feedbacks on Twitter) workshop on Tue 21 March 2017, SG17 discussed and proposed for TSAG to establish a Focus Group on Blockchain.

SG17 WP Structure and leadership:

  • WP1 (Q2, 3, 6 and 13/17):
                Chairman: Mr. Yutaka MIYAKE (KDDI, Japan)
                Vice-Chairmen: Mr. Vasily DOLMATOV (Russia) and Mr. Gokhan EVREN (Turkey)
  • WP2 (Q4 and 5/17):
                Chairman: Mr. Koji NAKAO (NICT, Japan)
                 Vice-Chairman: Ms. Inette FUREY (DHS, USA)
  • WP3 (Q7, 8 and 12/17):
                Chairman: Mr. Arnaud TADDEI (Symantec, USA)
                Vice-Chairman: Mr. Zhaoji LIN (ZTE, China)
  • WP4 (Q9, 10 and 11/17):
                Chairman: Mr. Kepeng LI (Alibaba, China)
                Vice-Chairman: Mr. Jae Hoon NAH (ETRI, Korea)
  • In addition, Q1/17 reports to SG17 plenary. Q1/17 Rapporteur - Ms. Wala Turki Latrous (CERT, Tunisia)

New Question 13/17:

A new Question 13/17 on Security Aspects for Intelligent Transport System was established.  As a consequence, Q6/17 was modified.

New SG17 Regional Group (SG17RG-ARB):

SG17 closing plenary on 30 March 2017 supported the creation of a new SG17 regional group for Arab region (SG17RG-ARB).

New work items:

Seven new work items were agreed to be added to the SG17 work programme. Details are in Annex B.
Two work items were discontinued. Details are in Annex C.

Next SG17 meeting:

  • Tuesday 29 August – Wednesday 6 September 2017 (7 days), Geneva, Switzerland.
  • Seven Questions (2, 3, 4, 6, 8, 10 and 13) plan to hold nine interim Rapporteur meetings during the period prior to the next meeting of Study Group 17.
  • 35 texts are planned for approval, determination, consent or agreement in September 2017.
  • An ITU workshop on ITS security is planned on Monday 28 August 2017, Geneva, Switzerland.

Meeting Output:

The SG17 plenary meeting:

  • Approved seven draft new ITU-T Recommendations announced for TAP in accordance with WTSA-16 Resolution 1, Section 9. Details are in Annex A a).
  • Approved one new Amendment. Details are in Annex A c).
  • Determined (TAP) four draft new/revised ITU-T Recommendations in accordance with WTSA-16 Resolution 1, Section 9. Details are in Annex A d).
  • Consented (AAP) one draft new ITU-T Recommendation and two draft Technical Corrigenda for Last Call according to Recommendation ITU-T A.8. Details are in Annex A e).

Bridging the Standardization Gap (BSG):

  • Orientation programme for newcomers: Comprehensive programme through welcome and guided tour, orientation session with SG17 new management team.
  • BSG hands-on training session for 15 participants from 12 developing countries.

Tutorial presentations:

Five tutorial presentations received positive feedback on their rich information, including SG17 overview for newcomers; presentation from Kudelski and updates on security standardization work progress in ETSI, ENISA and GSMA.


  • 146 participants (3 more than at the previous SG17 meeting, 174 pre-registered); 34 Member States, 20 Sector Members, 2 Associates, and 3 Academia. 6 invited experts.
  • New participation from: Saudi Arabia, Spain and Kudelski.
  • SG17 vice chairmen absent: Patrick-Kennedy KETTIN ZANGA, Central Africa
  • Mr Gunhee Lee acted as acting Q6/17 Rapporteur during this meeting in the absence of Mr Jongyun Baek.

Other highlights:

  • SG17 plenary organized 10 special sessions to address items of broad interest.
  • On special session on implementation of WTSA Res 94 cloud based event data technologies, SG17 observed potential value of EDR (Event Data Recorder - a core of the event data technologies) to broader industry sectors beyond the aviation industry and agreed that the security aspects of EDR should be led by Q4/17 (Cybersecurity) with support by other Questions of SG 17. SG17 sent an outgoing liaison to invite contributions from automobile industry (SAE) and aviation industry (ICAO) on security aspects of EDR related technologies to avoid increasing complexity by a sector-specific approach.
  • SG17 analysed FG DFS reports, especially on security aspects of digital financial services, and identified potential work area in Q3, 4 and 10/17.
  • SG17 decided to continue JCA-IdM with revised terms of reference until SG17 meeting in 2nd half of 2018, and to put JCA-COP in dormant.
  • The ICT Security Standards Roadmap and the Security Compendia were updated.  A seventh edition of the Security Manual is desired in 2018 with the support of the TSB.

Correspondence Groups:

  • CG-IoTSec (Correspondence Group on Security and Privacy for IoT for ongoing coordination and collaboration, joint with SG20) was continued with updated terms of reference.
  • CG-CYBEX was reestablished with updated terms of reference.

Meeting input and organization:

Contributions: 78 (63 last time, 23% more)
Top contributors (contribution with multiple-authors are counted multiple times): Korea (21), ETRI (11), China Mobile (11), China Unicom (8), China Telecom (5), Alibaba (5)
TDs: 368 (12 less than in the previous meeting). This includes 40 incoming liaison statements, and 38 outgoing liaison statements.
172 sessions were organized, many parallel meetings per quarter each day. 15 sessions were equipped with AdobeConnect to allow participation from remote.

 Annex A

Actions taken on Recommendations, and other texts at the 30 March 2017 SG17 plenary

a)          Recommendations approved (TAP – WTSA-16 Resolution 1):

The SG17 plenary meeting approved (TAP) seven draft new ITU-T Recommendations in accordance with WTSA-16 Resolution 1, Section 9.


Q(1) Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC
Start of work Timing
Information technology – Security techniques – Code of practice for personally identifiable information protectionNewSoonjoung Byun,
Lijun Liu,
Heung Youl Youm
TD0306 Rev.3ISO/IEC 291512011-092017-03
Design considerations for improved end-user perception of trustworthiness indicatorsNewYouki Kadobayashi,
Daisuke Miyamoto
TD198 Rev.1 2014-092017-03
Access control models for incidents exchange networksNewAlexey KoshkaSG17-R72

Guidelines on mitigating the negative effects of infected terminals in mobile networksNewLiu Lijun,
Chen Zhang
SG17-R76 2016-032017-03
Simple encryption procedure for Internet of things (IoT) environmentsNewShugo Mikami

TD282 Rev.2
Note (2)

Secure software update capability for intelligent transportation system communication devicesNewMasashi Eto,
Koji Nakao
TD267 2014-092017-03
9/17, (11/17)X.1080.0 (X.pbact)Access control for telebiometrics data protectionNewEric Andersen,
Michele Peiry


(1)   In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question.
(2) A.5 justification information for draft new Recommendation ITU-T X.1362 is found in TD283.

Approval of the above Recommendations is reflected in TSB Circular 23 of 1 May 2017.

b)          Recommendations (not approved) (TAP – WTSA-16 Resolution 1):


c)          Amendment approved:

The SG17 plenary meeting approved one new Amendment.

Q Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC
Start of work Timing
Overview of cybersecurity information exchange – Amendment 10 – Revised structured cybersecurity information exchange techniquesNote (1)Youki Kadobayashi TD260 Rev.1 2016-092017-03

(1)   Amendment 11, which updates Appendix I, supersedes Amendment 10.

d)          Recommendations determined (TAP – WTSA-12 Resolution 1):

The SG17 plenary meeting determined (TAP) three new and one revised draft ITU-T Recommendations in accordance with WTSA-16 Resolution 1, Section 9.

Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC
Start of work Timing

X.1213 (X.sbb)

Security Capability Requirements for Countering Smartphone-based BotnetsNewJunjie Xia,
Bo Yu,
Jae Hoon Nah
TD276R2 2014-012017-03
4/17X.1541Incident Object Description Exchange Format version 2RevisedYouki Kadobayashi,
Takeshi Takahashi

Note (1)


X.1248 (X.cspim)

Technical Requirements for Countering Instant Messaging Spam (SPIM)NewHuamin Jin,
Shuai Wang,
Junjie Xia,
Zhaoji Lin
TD261R2 2014-012017-03
6/17X.1127 (X.msec-9)Functional security requirements and architecture for mobile phone anti-theft measuresNewHeung Youl Youm,
Junjie Xia

(1) A.5 justification information for draft revised Recommendation ITU-T X.1541 is found in TD257.

Information on the Member States consultation is available in a TSB Circular planned to be issued in May 2017 after a period of editorial checking. Further updates will be posted at

e)          Recommendations consented for Last Call (AAP – Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to one draft new ITU-T Recommendationand two draft Technical Corrigenda for Last Call according to Recommendation ITU-T A.8:

Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC
Start of work Timing

X.1145 (X.websec-6)

Security framework and requirements for open capabilities telecommunication servicesNewJunjie Xia, Feng Gao,
Jae Hoon Nah
TD298R2 2014-092017-03
11/17X.680 DTC1

Information technology – Abstract Syntax Notation One (ASN.1): Specification of basic notation Technical Corrigendum 1

 Jean-Paul Lemaire TD296ISO/IEC 8824-1 Cor.12016-092017-03
11/17X.696 DTC1

Information technology – Specification of Octet Encoding Rules (OER) Technical Corrigendum 1

 Jean-Paul Lemaire TD297

ISO/IEC 8825-7 Cor.1


These Recommendations have entered into AAP Last call on 16 April 2017 (see AAP-10).

Annex B

New work items

The following 7 new work items were agreed to be added to the SG17 work programme:

Q Acronym Title New/ Revised AAP/TAP/ Agreement

Supporting members


e.g., ISO/IEC

2/17X.sdnsec-3Security guideline of Service Function Chain based on software defined networkNewAAPFeng Zhang,
Min Zuo,
Junjie Xia,
Zhiyuan HU,
JungSoo Park
TD335 2019-03
4/17X.1541revrevised X.1541  -Incident object description exchange format version 2revisedTAPYouki KADOBAYASHI,
Takeshi Takahashi

Note (1)

4/17X.ucstixUse Cases for Structured Threat Information ExpressionNewTAPJong-Hyun Kim, Ik-Kyun Kim TD266R1 2019-09
5/17X.tfcasTechnical framework for countering advertising spam in user generated informationNewAAP

Kepeng Li, Zhaoji Lin,  Keundug Park, Feng Zhang

TD289R2 2019-09
6/17X.iotsec-3*Technical framework of PII (Personally Identifiable Information) handling system in IoT environmentNewTAPYutaka Miyake,
Bo Yu
TD320R1 2018-10



Telebiometric Access Control with smart ID Card
New AAPMyung Geun Chun TD361R1



Supplement to X.1254rev on use cases and high level abstract implementationsNew AgreementJunjie Xia,
Bo Yu,
Feng Zhang
TD316R1 2019-03

*      Target date for consent or determination of Recommendations or for agreement of Supplements or non-normative text.
(1)   Revised X.1541 was determined at 2017-03

Annex C

Work items discontinued

Q Acronym Title Action
Holosphere to biosphere secure data acquisition and telecommunication protocol
Discontinue and delete from the work programme
Information technology – Generic applications of ASN.1 – Cryptographic Message SyntaxDiscontinue and delete from the work programme