Committed to connecting the world



Executive Summary

Meeting of ITU-T SG17 'Security', Geneva, 27 August - 5 September 2019

Hot topics:

  • 9th edition of X.500-series Recommendations on 'Directory' and PKI
  • Security Architecture
  • Cybersecurity
  • Quantum-based security
  • Preparation for WTSA2020
  • Distributed identity management

ITU Workshop on Fintech Security 

The event was announced by TSB Circular 158 and was attended by 71 participants (including remote participation) from 22 countries.  Outcome of this workshop identified next step advices for SG17 is found here.

Meeting Output:

  • Agreed 3 texts: Amendment, Supplement, Implementers' Guide. Details are in Annex A c).
  • Determined (TAP): 8 new Recommendation, Details are in Annex A d).
  • Consented (AAP): 8 new, 26 25 revised Recommendation and 2 new Corrigenda for Last Call. Details are in Annex A e).
  • New work items: 25 26 NWIs were agreed to be added to the SG17 Work Programme. One work item to be removed. Details are in Annex B.

Next SG17 meeting:

  • 1st SG17 meeting in 2020: Tuesday 17 – Thursday 26 March 2020 in Geneva (8 Working days)
    • 24 texts are candidate for action in next SG17 meeting, see in Annex A f).
  • Interim RGMs: 9 Questions plan to hold 11 RGMs.
  • 2nd SG17 meeting in 2020: Tuesday 25 August – Thursday 3 September 2020, venue to be confirmed (8 Working days)


  1.  ​
1.                 3/17
Dec 2019Japan
  • To address all work items of Q3/17
2.                 4/17 (colocated with Q16/13Dec 2019Japan
  • Quantum
3.                 6/1713-14 Jan 2020Kuala Lumpur, Malaysia
  • To address all work items and identify future topics for Q6/17
4.                 7/1722 - 23 Oct 2019Haikou, China
  • To address all items of Q7/17
5.                 8/177-8 Jan 2020Beijing, China
  • To address all items of Q8/17



5-6 Dec 2019Japan
  • To progress all the work of Q10/17



3-7 Feb 2020London, UK
  • Collaborative meeting ITU-T Q11/17 and ISO/IEC/JTC 1/SC 6/WG 10



11 Dec 2019e-meeting
  • TR.ors
9.                 Joint meeting of Q11/17 and Q14/175-6 Dec 2019Fribourg, Switzerland
  • Decentralized identity
10.              13/17 7-8 Jan 2020Fukuoka, Japan
  • To address all work items of Q13/17
11.              14/17

Jan 2020e-meeting
  • Focus on work items toward consent (X.sra-dlt, X.str-dlt, and
  • work on coordination matters

Bridging the Standardization Gap (BSG):

  • Welcome and guided tour for newcomers;
  • SG17 orientation session with SG17 overview presentation given by SG17 Chairman;
  • ITU-T leadership training to Rapporteurs and Editors
  • Informal gatherings of SG17RG-AFR and SG17RG-ARB
  • Trial on use of a daily 'check-in' sheet to track and evaluate participation of delegates attending this SG17 meeting on an ITU fellowship

Tutorial presentations: TD2147


  • 206 participants (263 announced): 41 countries, 27 Sector Members, 5 Associates, and 1 Academia. 7 invited experts.
  • 6 partial fellowships granted: Congo DRC, Guinea, Liberia, Mali, Senegal, Sudan
  • 2 New Member States participation: Eswatini and Mozambique
  • SG17 vice chairmen absent (6/9): Gökhan EVREN (Turkey), Juan GONZALEZ (USA), Muataz Elsadig ISHAG (Sudan), Patrick-Kennedy KETTIN ZANGA (Central Africa), Hugo Darío MIGUEL (Argentina) and Wala TURKI LATROUS (Tunisia)

Correspondence Groups (both to continue):

  • CG-xss (correspondence group on transformation of security study)
  • CG-wtsa20-prep (Correspondence Group on SG17 preparation for WTSA-20)

Meeting input and organization:

  • 151 – double of last Study Period (past meetings: 118, 144, 113, 106, 78, 81, 66, 74, 80)
  • Contribution# from: APT (120 (79%) (= China 57 (38%), Korea 50, Japan 10, India 2, Malaysia 1)), Americas (16), EUR (5), AFR (6), ARAB (2), LAM (2), Russia (1). 
  • TDs: 508 (previous meeting: 380, 420, 395, 426, 368, 391, 418, 371, 386), including 64 incoming liaison statements and 42 outgoing liaison statements; 100+ prepared by SG17 secretary.
  • 240 sessions (previous meeting: 240, 252, 249, 204) were organized, up to 12 parallel meetings per quarter.
  • 30 sessions (previous meeting: 29, 27, 25, 11) used remote participation

Annex A
Actions taken on Recommendations, and other texts at the 5 Sept 2019 plenary

a) TAP Recommendations approved (WTSA-16 Resolution 1):


b) TAP Recommendations not approved (WTSA-16 Resolution 1):


c) Amendment approved, Corrigendum approved, Supplements agreed:

The SG17 plenary meeting agreed the following 3 texts:

QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC
Start of workTiming
6/17X.1197 Amd.1Amendment 1 of ITU-T Recommendation X.1197, Guidelines on criteria for selecting cryptographic algorithms for IPTV service and content protectionNewStiepan Kovac
TD2442 2019-012019-09
10/17X.Sup35 (X.sup-1254)ITU-T X.1254 - Supplement on use cases and high level abstract implementationsNewJunjie Xia,
Bo Yu,
Feng Zhang
TD2471 2017-032019-09
12/17Z.Imp100-revZ.Imp100 Specification and Description Language Implementer's guide – Version 4.0RevRick ReedTD2182 2018-092019-09

d) Recommendations determined (TAP – WTSA-16 Resolution 1):

The SG17 plenary meeting determined the following 8 texts:

 QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC
Start of workTiming
1.   6/17X.1332 (X.sgsec-3)Security guidelines for smart metering service in smart gridsNewGunhee LeeTD2352 2016-092019-09
2.   6/17X.1363 (X.iotsec-3)Technical framework of personally identifiable information (PII ) handling system in IoT environmentNew

Yutaka Miyake,

Bo Yu

TD2396 2017-032019-09
3.   6/17X.1364 (X.nb-iot)Security requirements and framework for narrow band internet of thingsNewFeng Gao,
Junjie Xia,
Heung Youl Youm,
Bo Yu
TD2398 2017-092019-09
4.   6/17X.1365 (X.ibc-iot)Security framework for use of identity-based cryptography in support of IoT services over telecom networksNewZhaohui Cheng, 
Haiguang Wang,
Jiang Yu
TD2365 2017-092019-09
5.   13/17X.1371
Security threats in connected vehiclesNew
ChangOh Kim,
Sang-Woo Lee,
Koji Nakao,
Seungwook Park
TD2424 2018-032019-09
6.   13/17X.1372
Security guidelines for V2X communication systemsNewChangOh Kim, 
Sang-Woo Lee,
Jae-Hoon Nah,
Seungwook Park
TD2431 2014-092019-09
7.   8/17X.1604
Security requirements of network as a service (NaaS) in cloud computingNewZhiyuan Hu,
Ye Tao,
Chen Zhang,
Ni Zhang
TD2411 2016-082019-09
8.   8/17X.1605 (X.SRIaaS)Security requirements of public infrastructure as a service (IaaS) in cloud computingNewHuamin Jin, 
Laifu Wang, 
Mengxi Wang,
Shuai Wang 
TD2443 2016-03 2019-09

e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to the following 35 new/rev ITU-T Recommendations and Technical Corrigendum for Last Call according to Recommendation ITU-T A.8:


AcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC
Start of workTiming
1.       2/17X.1044 (X.srnv)Security requirements of network virtualization
NewDi Liu,
Min Shu,
Ye Tao,
Min Zuo
2.       2/17X.1045 (X.ssc)Security service chain architecture and its applicationNewZhiyuan Hu,
Min Shu, 
Ye Tao,
Xiaojun Zhuang,
Min Zuo
TD2383 2017-092019-09
3.       3/17X.1059 (X.grm)Risk management implementation guidance on the assets of telecommunication organizations accessible by global IP-based networksNewYunbo Feng,
Bo Yu,
Chen Zhang
TD2409 2014-092019-09
4.       4/17X.1702 (X.qrng-a)Quantum noise random number generator architecture  NewMatthieu Legré, 
Zhangchao Ma, 
Hao Qin, 
Dong-Hi Sim 
TD2391 2018-092019-09
5.       5/17X.1232 (X.tfcas)Technical framework for countering advertising spam in user generated information NewKepeng Li,
Zhaoji Lin, Keundug Park, Feng Zhang
TD2390 2017-032019-09
6.       11/17X.500revInformation technology – The Directory –  Overview of concepts, models and servicesRevErik AndersenTD2329ISO/IEC 9594-1 2017-092019-09
7.       11/17X.501revInformation technology – The Directory –  ModelsRevErik AndersenTD2330ISO/IEC 9594-22017-09 2019-09
8.       11/17X.509revInformation technology – The Directory – Public-key and attribute certificate frameworksRevErik AndersenTD2328ISO/IEC 9594-8 2017-092019-09
9.       11/17X.511revInformation technology – The Directory – Abstract service definitionRevErik AndersenTD2331ISO/IEC 9594-32017-09 2019-09
10.    11/17X.518revInformation technology – The Directory – Procedures for distributed operationRevErik AndersenTD2332ISO/IEC 9594-4 2017-092019-09
11.    11/17X.519revInformation technology – The Directory – Protocol specificationsRevErik AndersenTD2333ISO/IEC 9594-52017-09 2019-09
12.    11/17X.520revInformation technology – The Directory – Selected attribute typesRevErik AndersenTD2334ISO/IEC 9594-6 2017-092019-09
13.    11/17X.521revInformation technology – The Directory – Selected object classesRevErik AndersenTD2335ISO/IEC 9594-72017-09 2019-09
14.    11/17X.525revInformation technology – The Directory – The Directory: ReplicationRevErik AndersenTD2336ISO/IEC 9594-9 2017-092019-09
15.    11/17X.677 (X.uav-oid)Identification mechanism for unmanned aerial vehicles using object identifiersNewWenjing MaTD2389 2018-032019-09
16.    11/17X.694 Cor.1Information technology - ASN.1 encoding rules: Mapping W3C XML schema definitions into ASN.1 Corrigendum 1NewJean-Paul LemaireTD2326ISO/IEC 8825-52019-092019-09
17.    11/17X.893 Cor.1Information technology - Generic applications of ASN.1: Fast infoset security Technical Corrigendum 1NewJean-Paul LemaireTD2325ISO/IEC 24824-32019-092019-09
18.    12/17Z.100 Annex F1-revSpecification and Description Language - Overview of SDL-2010 - SDL formal definition: General overviewRevRick Reed, Edel SherrattTD2179 2018-092019-09
19.    12/17Z.100 Annex F2-revSpecification and Description Language - Overview of SDL-2010 - SDL formal definition: Static semanticsRevRick Reed, Edel SherrattTD2180 2018-092019-09
20.    12/17Z.100 Annex F3-revSpecification and Description Language - Overview of SDL-2010 - SDL formal definition: Dynamic semanticsRevRick Reed, Edel SherrattTD2181 2018-092019-09
21.    12/17Z.100revSpecification and Description Language - Overview of SDL-2010RevRick ReedTD2171 2017-092019-09
22.    12/17Z.101revSpecification and Description Language - Basic SDL-2010RevRick ReedTD2172 2017-092019-09
23.    12/17Z.102revSpecification and Description Language - Comprehensive SDL-2010RevRick ReedTD2173 2017-092019-09
24.    12/17Z.103revSpecification and Description Language - Shorthand notation and annotation in SDL-2010RevRick ReedTD2174 2017-092019-09
25.    12/17Z.104revSpecification and Description Language - Data and action language in SDL-2010RevRick ReedTD2175 2017-092019-09
26.    12/17Z.105revSpecification and Description Language - SDL-2010 combined with ASN.1 modulesRevRick ReedTD2176 2017-092019-09
27.    12/17Z.106revSpecification and Description Language - Common interchange format for SDL-2010RevRick ReedTD2177 2017-092019-09
28.    12/17Z.107revSpecification and Description Language - Object-oriented data in SDL-2010RevRick ReedTD2178 2017-092019-09
29.    12/17Z.161revTesting and Test Control Notation version 3: TTCN-3 core languageRevDieter HogrefeTD2251ETSI ES 201 873-12018-092019-09
30.    12/17Z.161.2revTesting and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment supportRevDieter HogrefeTD2252ETSI ES 202 7812018-092019-09
31.    12/17Z.161.6revTesting and Test Control Notation version 3: TTCN-3 language extensions: Advanced MatchingRevDieter HogrefeTD2253ETSI ES 203 0222018-092019-09
32.    12/17Z.161.7Testing and Test Control Notation version 3: TTCN-3 language extensions: Object-Oriented Features NewDieter HogrefeTD2254ETSI ES 203 7902019-092019-09
33.    12/17Z.166revTesting and Test Control Notation version 3: TTCN-3 control interface (TCI)RevDieter HogrefeTD2255ETSI ES 201 873-62018-092019-09
34.    12/17Z.169revTesting and Test Control Notation version 3: Using XML schema with TTCN-3RevDieter HogrefeTD2256ETSI ES 201 873-92018-092019-09
35.    14/17X.1401 (X.sct-dlt)Security threats to Distributed Ledger TechnologyNewZhaoji Lin, 
Ke Wang, 
Kai Wei, 
Junjie Xia, Heung Youl Youm,
Min Zuo 
TD2441 2017-092019-09

These Recommendations will enter AAP Last call from Sept 2019. 

f) Work items planned for action in next SG17 meeting:


 ​​QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC
Start of workTiming
1.       4TR.sec-qkdTechnical Report: Security framework for quantum key distribution in telecom networkNewMatthieu Legré, Dong-Hi SimTD2502 2018-092020-03
2. use of cryptographic functions on a key generated by a Quantum Key Distribution networks"NewMatthieu Legré, Dong-Hi Sim,TD2415 2019-01
3.       4X.gcpie*
Guidelines for Collection and Preservation of Cyber Security Incident EvidenceNewJooyoung Lee, Daesung Moon, Jonghyun Kim, Ikkyun KimTD2375 
4.       4X.sec-QKDN_ovSecurity Requirements for QKD Networks - OverviewNewDong-Hi SIM Matthieu Legré
Hao Qin
Zhangchao Ma
TD2460 2019-012020-03
5.       5X.tecwes*
Technologies in countering website spoofing for telecommunication organizationsNewChen Zhang,
Ruzhen Hu, 
Nan Meng
TD2394 2018-032020-03
6.       6X.5Gsec-q*Security guidelines for applying quantum-safe algorithms in 5G systemsNewFuwen Liu,
Yanfei Guo,
Zhiyuan Hu,
Zhaoji Lin,
Min Zuo
TD2388 2018-032020-03
7.       6X.amas-iot*Aggregate Message Authentication Scheme with Group Authentication Capability for IoT environmentNewKoji Nakao,
Junji Shikata
TD2422 2018-092020-03
8.       6X.elf-iot *Standard format of IoT error logs for security incident operationsNew

Koji Nakao,

Kiyotaka Atsumi

TD2399 2018-092020-03
9.       6X.secup-iot *Secure Software Update Procedure for IoT DevicesNew

Takeshi Takahashi,

Koji Nakao,

Yunchul Choi

TD1959 2017-092020-03
10.    7 (10)X.fdip*Framework of de-identification processing service for telecommunication service providersNewYe Won Lee,
Hyungjin, Lim,
Lijun Liu,
Jongyoul Park,
Heung Youl Youm
TD2380 2016-082020-03
11.    7X.sfopSecurity framework of open platform for FinTech servicesNewJae Hoon Nah,
Feng Gao,
Xin Wang,
HyungJin Lim
TD2461 2017-092020-03
12.    7X.tfrcaTechnical framework of risk control to support authenticationNewMin Zuo,
Xin Wang
TD2458 2018-092020-03
13.    8X.GSBDaaS*
Guidelines on security of Big Data as a ServiceNewNan Meng
Chen Zhang
Mark McFadden
TD2407 2016-092020-03
14.    8X.sgtBD*
Security guidelines of lifecycle management for telecom Big DataNewLanfang Ren
Jin Peng
Feng Gao
TD2386 2017-092020-03
15.    8X.SRCaaS*
Security requirements for communication as a service application environmentsNewChen Zhang
Nan Meng,
Xuetao Du,
Ye Tao
TD2403 2016-092020-03
16.    10X.1254rev*Entity authentication assurance frameworkRevAbbie Barbir,
David Tuner
TD2372 2016-092020-03
17.    10X.eaasd*Framework of enhanced authentication in telebiometric environments using anti-spoofing detection mechanismsNew

Kepeng Li

Hongwei Luo

TD2478 2016-092020-03
18.    10X.upu*
UPU S68 Postal identity management frameworkNew

Abbie Barbir

Gustavo Damy

TD2507UPU S682019-092020-03
19.    11TR.orsTechnical Report: Problems, requirements and potential solutions for OID resolutionNewMark McFadden
Ruifen Mu
Linjian Song
TD2417 2019-092020-03
20.    11X.509protProtocol specifications for public-key infrastructure and privilege management infrastructureNewErik AndersenTD2494ISO/IEC 9594-112017-092020-03
21.    13X.itssec-3Security requirements for external device with vehicle access capabilityNew

Aram Cho,

Seungwook Park,

Sang-Woo Lee,

Whapyeong Lim

TD2437 2017-092020-03
22.    14X.dlt-sec*Security considerations for using DLT data in Identity ManagementNewAbbie BarbirTD2497 2017-092020-03
23.    14X.sra-dltSecurity framework for Distributed Ledger TechnologyNew

Hongru Zhu,

Xiaoyuan Bai,
Petr Kalambet,
Qiwi Kirill Ivkushkin,
Bilyk Tatiana,
Min Shu

TD2348 2017-092020-03
24.    14X.str-dltThe security threats and requirements for digital payment services based on distributed ledger technologyNewKyeong Hee Oh, ChangOh Kim, Preetika SinghTD2360 2017-092020-03


Annex B
New work items

The following 25 26 new work items were agreed to be added to the SG17 Work Programme:

#QuestionNWITitleA.1 justification
Design Principles and Best Practices for Security Architectures
2.      2/17TP.sec-arch**Technical Paper - Implications and further considerations of security architecture patternsTD2421
3.      2/17X.rf-csapReference framework for continuous protection of service access processTD2382
4.      2/17X.nsom-secSecurity requirements and architecture for network slice orchestration and managementTD2428
5.      4/17TP.usm**Technical Paper: Unified Security Model (USM) - An integrated system approach to CybersecurityTD2462
6.      4/17X.ics-schemaSecurity data schemas for integrated cyber defence solutionsTD2452
7.      4/17X.arc-evSecurity architecture for evaluation of technical vulnerabilities TD2419
8.      4/17X.sec_QKDN_tn  Security requirements for quantum key distribution networks - trusted nodeTD2455
9.      4/17X.tfmpcTechnical framework and application for secure multi-party computationTD2426
10.   5/17TR.cs-ml**Technical Report - Countering spam based on AITD2363
11.   5/17X.1246rev* Revision to X.1246TD2486
12.   X.1247rev*Revision to X.1247
13.   6/*Security guidelines for the use of remote access tools in Internet-connected control systemTD2453
14.   6/17X.5Gsec-netec*Security capabilities of network layer for 5G edge computingTD2420
15.   7/17X.scpaSecurity measures for countering password related online attacksTD2354
16.   7/17X.sles*Security measures for location enabled smart office servicesTD2385
17.   8, 14/17TR.BaaS-sec**Technical Report - Guideline on blockchain as a service (BaaS) securityTD2408
18.   8/17X.nssa-cc*Requirements of network security situational awareness platform for cloud computingTD2429
19.   8/17X.sgmc*Security guidelines for multi-cloudTD2433
20.   10/17X.upu*UPU S68 Postal identity management frameworkTD2507
21.   11/17TR.ors**Technical Report - Problems, Requirements and Potential solutions for OID Resolution
​Testing and Test Control Notation version 3: TTCN-​3 Language Extensions: Object-Oriented Features
23.   13/17X.rsu-secSecurity requirements for road side unit in intelligent transport systemsTD2374
24.   13/17X.ipscvMethodologies for intrusion prevention systems for connected vehiclesTD2425
25.   14/17TR.dlt-td**Technical Report - Terms and definitions for distributed ledger technologyTD2357
26.   14/
Security controls for distributed ledger technologyTD2358



(1)     Target date for consent or determination of Recommendations or for agreement of Supplements or non-normative text.
*: for determination, **: for agreement


Annex C
Work items Removed

11/17X.Imp500-rev Directory implementer's guide​
11/17X.500-series.amdAmendments to 8th edition (2016) of X.500-series​