Information and Communication Technologies (ICT) are noteworthy in that nowadays they are teeming with new technologies and paradigms, such as blockchains and distributed ledgers or the Internet of Things (IoT), which tend to evolve at a very swift pace. One may wonder what technical standardization has to offer in such dynamic fields. Thus, it is important to dispel the myth that technical standardization is not just for vast transversal topics such as information security; it also helps focus new technologies on their core concepts. As such, participating in the process can be of considerable value to new technology market players, regardless of their size. To this end, we asked a few questions to Mr. Laurent Sliepen from the National Agency for the Security of Information Systems (Agence nationale de la sécurité des systèmes d’information - ANSSI), who is registered as a national delegate in technical standardization in ISO/TC 307 Blockchain and distributed ledger technologies and ISO/IEC JTC 1/SC 42 Artificial intelligence, in order to gain insight on how he perceives the role of standards in all aspects of ICT, from the birth and early development stages of new technologies, to the proper implementation of governance and security. We also touched upon how registering as a delegate in has an impact on his work.
What do you think the value of standardization is for a relatively new field such as blockchains and distributed ledgers? What do you think are the main challenges in standardization of blockchains and distributed ledgers?
Blockchain and distributed ledger innovation has developed quickly since the advent of Bitcoin and other cryptocurrencies. The ability to ensure de facto integrity, nonrepudiation and immutability of information records has a high potential to help solve issues with data and transaction tracking between decentralized and independent actors and we can expect blockchain/distributed ledger technology (DLT) to become a key technology for enabling trust in the fast growing market of the Internet of Things. In this innovation process, early blockchain/DLT standardization helps to create a common understanding and focus on the main issues in governance, regulation and technology that are yet to solve within the different implementations.
Keeping the example of IoT innovation development in comparison, its evolution has shown that a lack of early standardization can lead to numerous different implementations of functional components with a huge lack of confidence in reliability and information security. Additional technologies such as blockchain/DLT then need to kick in to solve IoT issues of interoperability and identity management.
Besides some inherent technical challenges such as high consensus calculation latency and interoperability of heterogeneous blockchain/DLT implementations, trust in smart contract executions and the security of consensus algorithms may be considered major challenges in blockchain/DLT standardization.
How has registering as a national delegate benefitted you and your organization?
One of the missions of ANSSI is to provide information security guidance to State bodies (ministries, State departments and administrations). To help build up a culture of risk-based governance within the Luxembourg State, we further assist these bodies with their risk analysis in the domain of Information Security. Participation in standardization at national and international levels allows ANSSI to stay informed about challenges in governance, regulation and technology of new technological innovations.
What does standardization bring to information security?
Standardization helps to build information security awareness and knowledge development. It allows for interoperability, reusability and security evaluation by promoting harmonization of terminology and consistency between manufacturers. Standardization is the basis for security certification and it is a key element for ensuring supply chain integrity and security.
Interview by Dr. Jean Lancrenon, Head of Standardization Department of ANEC GIE
Within the ongoing digital transformation in Luxembourg, one finds the fast-paced development of new technologies. Yet, it is a little-known fact that technical standards are already under development for these technologies, in order to foster secure and interoperable deployment. This is ongoing through technical standardization committees, such as ISO/TC 307 Blockchain and distributed ledger technologies, ISO/IEC JTC 1/SC 41 Internet of things and related technologies, ISO/IEC JTC 1/SC 42 Artificial intelligence, and ISO/IEC SC 38 Cloud computing and distributed platforms. Now is the best time to influence the content of these standards by registering and participating as a national delegate. Market players that wish to have a say in shaping the future standards that will have an impact on their core business have an opportunity to register as national delegates free-of-charge in Luxembourg.
Indeed, in Luxembourg, ILNAS (Institut luxembourgeois de la normalisation, de l'accréditation, de la sécurité et qualité des produits et services), the national standards body, offers the possibility to all national stakeholders to participate in the elaboration of technical standards published by the international and European standards developing organizations (ISO, IEC, CEN, and CENELEC). The ICT domain is of specific interest to ILNAS, in the context of its new 2020-2030 strategy for technical standardization and 2020-2025 national policy for ICT technical standardization. ILNAS benefits from the support of the EIG ANEC (Agence pour la Normalisation et l’Economie de la Connaissance) to strengthen the participation of this economic sector in technical standardization.
Publié le 18 septembre 2020