The European Commission is presenting its new, long-awaited regulation on Artificial Intelligence (AI). This focus on AI on the part of the European Commission brings forward not only valuable questions for the continued evolution and safe deployment of this technology, but opportunities for ensuring the digital sovereignty of Europe for the future. To help address these questions and provide support to the deployment of AI in Europe, European standards play a key role. To organise and develop standardization work on this issue, CEN and CENELEC have established the CEN-CENELEC Joint Technical Committee 21 ‘Artificial Intelligence’.

This group brings together experts that will implement and lead the recommendations available in CEN and CENELEC’s response to the EC White Paper on AI and CEN and CENELEC’s Road Map on AI. 

The Joint Technical Committee, whose Secretariat is held by DS, the Danish Standardization Body, will be responsible for the development and adoption of standards for AI and related data, as well as provide guidance to other Technical Committees concerned with AI. Standards are relevant for the evolution of AI for a variety of reasons:

• they provide expertise to an emerging technology, ensuring safety and security for products and services;
• they are intrinsically designed to be an inclusive and market-driven instrument of support for European regulation through the New Legislative Framework, benefitting the Single Market and reducing barriers to trade.  

The ETSI committee on Methods for Testing and Specifications (TC MTS) has recently completed a first set of seven standards addressing the testing of the IoT MQTT and CoAP protocols, and the foundational security IoT-Profile.

The ETSI TS 103 596 series provides an overall test suite structure and catalogue of test purposes for the Constrained Application Protocol (CoAP). It can serve as a reference for both client-side test campaigns and server-side test campaigns. Part 1 specifies the conformance issues, part 2 the security issues and part 3 the performance issues. 

The ETSI TS 103 597 series provides an overall test suite structure and catalogue of test purposes for the MQ Telemetry Transport (MQTT). It is also divided into three different parts for conformance, security and  performance  testing.

ETSI has recently released ETSI GR SAI 005, a report which summarizes and analyses existing and potential mitigation against threats for AI-based systems. Setting a baseline for a common understanding of relevant AI cyber security threats and mitigations will be key for widespread deployment and acceptance of AI systems and applications. This report sheds light on the available methods for securing AI-based systems by mitigating known or potential security threats identified in the recent ENISA threat landscape publication and ETSI GR SAI 004 Problem Statement Report. It also addresses security capabilities, challenges, and limitations when adopting mitigation for AI-based systems in certain potential use cases.

Artificial intelligence has been driven by the rapid progress of deep learning and its wide applications, such as image classification, object detection, speech recognition and language translation.

The Commission is laying out a vision to build a new Joint Cyber Unit to tackle the rising number of serious cyber incidents impacting public services, as well as the life of businesses and citizens across the European Union. Advanced and coordinated responses in the field of cybersecurity have become increasingly necessary, as cyberattacks grow in number, scale and consequences, impacting heavily our security. All relevant actors in the EU need to be prepared to respond collectively and exchange relevant information on a ‘need to share', rather than only ‘need to know', basis.

The Recommendation on the creation of the Joint Cyber Unit is an important step towards completing the European cybersecurity crisis management framework. It is a concrete deliverable of the EU Cybersecurity Strategy and the EU Security Union Strategy, contributing to a safe digital economy and society.

ETSI published a White Paper titled MEC security: Status of standards support and future evolutions written by several authors participating in MEC and other related ETSI groups. This White Paper, the very first initiative in this domain, aims to identify aspects of security where the nature of edge computing leaves typical industry approaches to cloud security insufficient. 

Edge computing environments are by nature characterized by a complex multi-vendor, multi-supplier, multi-stakeholder ecosystem of equipment and both HW and SW devices. Given this overall level of system heterogeneity, security, trust and privacy are key topics for the edge environments.

Download the MEC security: status of standards support and future evolutions White Paper HERE