Executive Summary
ITU-T SG17 'Security' Content Week (Geneva, 30 March - 2 April 2026)
1. Participants
| | Participants | Remote |
| Workshop on 30-31 March | 277 | 177 |
| Co-located RGMs on 30 March – 1 April | 198 | 154 |
| WP plenaries on 2 April | 147 | 104 |
2. Workshop on “Trustable and Interoperable Digital Identities for Human and Agentic AI" is very successful (see SG17 Chair's debriefing slides in TD201/P)
3. RGM Meeting statistics
| | Q1 | Q2 | Q4 | Q6 | Q7 | Q8 | Q10 | Q11 | Q13 | Q14 | Q15 | Total |
| Input | 9 | 11 | 6 | 8 | 30 | 11 | 15 | 0 | 13 | 5 | 7 | 115 |
| Incoming LS considered | 21 | - | - | 20 | 21 | 9 | - | 8 | 0 | 2 | 1 | 82 |
| Work items progressed | 4 | 6 | 2 | 6 | 28 | 2 | 5 | 0 | 9 | 3 | 3 | 68 |
| Preliminary agreed text for action in SG17 June meeting | 0 | 0 | 0 | 0 | 2 TAP | 1 TAP 1 AAP 1 Agreement | 0 | 0 | 3 TAP
1 AAP | 1 AAP | 0 | 6 |
| New work items agreed | 0 | 2 | 3 | 1 | 11 | 2 | 0 | 0 | 0 | 1 | 0 | 20 |
| Output in TDs | 5 | 4 | 6 | 8 | 20 | 9 | 5 | 1 | 10 | 5 | 3 | 76 |
4. Candidates work items for action in next SG17 meeting (6, see Annex A):
- TAP determined (3): 3 new Recommendations. Details are in Annex A a).
- AAP consented (2): 2 new Recommendations for AAP Last Call. Details are in Annex A b).
- Agreed (1): 1 new Technical Report. Details are in Annex A c).
5. New work items (20, see Annex B)
6. Outgoing liaison statements (14, see Annex C)
7. Future SG17 meetings
| date | Venue | event | Scope |
| 9 April 2026, 13:00-16:00 | MyWorkspace | SG17 virtual plenary | TAP approval of common text
X.1901 (ex X.aas) | ISO/IEC 27566-1. See Col 6/17 |
| 12 May 2026 09:00-18:00 | Geneva | 5th ITU X.509 Day event | Organize with GSMA, physical + remote |
| 2 June 2026 (during SG17 meeting) | Geneva | Workshop on globally interoperable digital identity | |
| Mon 1–Wed 10 June 2026 | Geneva | SG17 meeting | SG17 plenary meeting in 2025-2028 Study Period |
| 10 July 2026 (date TBC, during AI4Good 2026) | Geneva | Workshop “Designing Trust Management for Agentic AI" | |
7-11 Sept 2026 | Chongqing, China (TBC) | SG17 2nd content week | Workshop, RGMs, and WP meetings. (Planning) |
No additional RGM than the following already planned in the interregnum period before next SG17 June 2026 meeting:
| # | Q | Date | Place/Host | Subject/objective |
| 1. | 7/17 | May 2026 | MyWorkspace | Progress on AI security strategy |
| 2. | 10/17 | May 2026 | MyWorkspace | all Q10 work items |
| 3. | 11/17 | 13-17 April 2026 | Seoul (Republic of Korea) | Joint ISO/IEC/JTC 1/SC 6/WG 10 and ITU-T Q11/17 meeting, see TD 131/1 |
| 4. | 13/17 | 8 - 9 July 2026 | Seoul+remote | - Progress on on-going items - Initial discussion on new work items |
| 5. | 15/17 | 27-30 April 2026 | Japan/TTC | - Finalize for agreement on TR.kdc_qkdn, TR.QKDN-SP - Progress on going Wis - Other input contributions |
Annex A
Agreement Reached at SG17 WP plenary on 2 April 2026
a) TAP Recommendations for determination (WTSA-24 Resolution 1) in SG17 June 2026 meeting (3)
| | Q/17 | Acronym | Title | New / Revised | Base text | Equivalent e.g., ISO/IEC |
| 1. | Q7/17 | X.AI-App_policy | Reference architecture for artificial intelligence (AI)-assisted analysis of the consistency between an application usage data and its privacy policy | New | TD215/4 | |
| 2. | Q7/17 | X.sgGenAI | Security Guidelines for Generative Artificial Intelligence Application Service | New | TD218/4 | |
| 3. | Q8/17 | X.sgcnp | Security guidelines of Platform as a Service for cloud native applications | New | TD213/4 | |
| 4. | Q13/17 | X.evpnc-sec | Security guidelines for electric vehicle plug and charge (PnC) services using vehicle identity (VID) | New | TD169/2 | |
| 5. | Q13/17 | X.fod-sec | Security requirements and guidelines for a feature on demand (FoD) service in a connected vehicle environment | New | TD171/2 | |
| 6. | Q13/17 | X.af-sec | Evaluation methodologies for anonymization techniques using face images in autonomous vehicles | New | TD172/2 | |
b) AAP Recommendations for consent (Recommendation ITU-T A.8) in SG17 June 2026 meeting (2)
| # | Q/17 | Acronym | Title | New / Revised | Base text | Equivalent e.g., ISO/IEC |
| 1. | Q8/17 | X.ckrp | Framework of cryptographic key resource pools for cloud computing | New | TD211/4 | |
| 2. | Q13/17 | X.idse | Evaluation methodology for in-vehicle intrusion detection systems | New | TD170/2 | |
| 3. | Q14/17 | X.dlt-share | Terms and definitions for distributed ledger technology | New | TD223/4 | |
c) Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) for agreement in SG17 June 2026 meeting (1)
#
| Q/17 | Acronym | Title | New / Revised | Base text |
1. | Q8/17 | XSTR.fcnsc | Technical Report: Framework for cloud native based security collaboration mechanism among cloud service providers | New | TD221/4 |
Annex B
New work items
The following new work items were agreed to be added to the SG17 Work Programme, pending confirmation in SG17 June 2026 meeting:
Q#
(total# of NWIs) | # | WI abbreviation | Title | TD# |
| 2/17 (2) | 1. | X.5Gsec-SEIA* | Capabilities and framework of Security Event Intelligent Analysis system for IMT-2020 Network | TD183/2 |
| | 2. | XSTR.AIS-IMT2030** | Benefits and challenges of AI-enabled security for IMT-2030 networks | TD182/2 |
| 4/17 (3) | 3. | X.sg-cmp | Security guidelines for countering malicious use of proxies in IP spoofing | TD152/3 |
| | 4. | X.asap | Technical framework and functional requirements for anti-fraud situational awareness platform in telecommunication networks | TD154/3 |
| | 5. | X.tg-cmc | Technologies and guidelines to counter malicious API crawlers | TD153/3 |
| 6/17 (1) | 6. | X.tc-iotsec * | Technical Control for IoT devices and Gateway | TD173/2 |
| 7/17 (11) | 7. | X.srm-AIphs* | Security requirements and measures for AI agent-enabled public health services | TD243/4 |
| | 8. | X.sgAIoT* | Security Guidelines for Artificial Intelligence of Things on Devices | TD244/4 |
| | 9. | X.sgMMFM* | Security Guidelines for Multimodal Foundation Models | TD245/4 |
| | 10. | X.sg-AIAD* | Security Guidelines for Artificial Intelligence Agent Data | TD246/4 |
| | 11. | X.S-AIAI* | Security Framework and Requirements for Invocation by AI Agent | TD247/4 |
| | 12. | X.sem-addmc* | Security Evaluation Methodology for AI-Based DeepFake Detection Model Component | TD249/4 |
| | 13. | X.sr-AIapi* | Security requirements for AI service APIs | TD250/4 |
| | 14. | XSTR.stv-OC** | Security threats and vulnerabilities in the OpenClaw framework | TD251/4 |
| | 15. | X.scm-llm* | Security control methods for data of large language models | TD252/4 |
| | 16. | X.seg-ai* | Security evaluation guidelines for artificial intelligence technology in ICT | TD248/4 |
| | 17. | X. Max-trust* | A Multi-party, Agentic, and eXtensible Trust Framework for Next Generation Agentic-AI-enabled Telecommunication Networks | TD253/4 |
| 8/17 (2) | 18. | X.sgcdp* | Security guidelines for collaborative data processing in data platforms | TD230/4 |
| | 19. | X.sr-mlaas* | Security requirements for machine learning as a service | TD232/4 |
| 14/17 (1) | 20. | X.dsa-dlt | Secure data storage architecture based on DLT systems | TD225/4 |
Note: * marked items are for approval by TAP; ** marked items are for approval by agreement; Items without any mark are for approval by AAP.
Annex C
Outgoing LS
| | Question | Destination | Subject | TD |
| 1 | Q1/17
| ETSI TC CYBER | LS/o/r on collaboration on X.crta: Framework for Cyber Resilience Testing and Assurance | TD419/GEN |
| 2 | Q4/17 | ETSI | LS/o on XSTR.epoch - Global coordination for 2023 class timestamp rollover risks | TD420/GEN |
| 3-13 | Q7/17 | … | LS/o on 11 new work item established in this Content Week | TD421/GEN -TD431/GEN |
| 14 | Q14/17 | SG13 | LS/o/r updates of DLT security woks in SG 17 | TD418/GEN
|