About the Standards Blog
ANSI Awarded Contract to Implement Phase V of USTDAâ€™s U.S.-China Standards and Conformity Assessment Cooperation Program
ANSI.org –April 16, 2018 - The American National Standards Institute (ANSI) was recently awarded a contract by the U.S. Trade and Development Agency (USTDA) to implement Phase V of the U.S.-China Standards and Conformity Assessment Cooperation Program (SCCP). USTDA helps companies create U.S. jobs through the export of U.S. goods and services for priority development projects in emerging economies.
ANSI was previously chosen by USTDA to implement Phase III and IV of the SCCP, and the award for Phase V comes as ANSI prepares to conclude the final two workshops under Phase IV, which will cover cold chain logistics and energy performance contracting. As has been the case in past phases, ANSI will organize 20 seminars and workshops mostly in China over the next three years, covering a wide range of sectoral topics related to standards and conformity assessment that impact U.S. and Chinese industry... Full Story
TRANSCOM chief calls on Congress for national cybersecurity standardScott Maucione
–April 13, 2018 - A year ago, U.S. Transportation Command chief Gen. Darren McDew warned Congress that the government needed to bridge the cybersecurity gap with the civilian world.
This year he doubled down on that message, advocating for a national cybersecurity standard to set a â€œlow water markâ€ for what the nation will endure.
A cybersecurity standard would set minimum guidelines, best practices and standards companies must follow to work with the government or to do business in general. The Defense Department follows the National Institute of Standards and Technologyâ€™s cyber framework as its standard... Full Story
Built-In Security For Auto ChipsJeff Dorsch
The email the CEO of General Motors\' fears most, per Jeff Dorsch, writing about automotive chip security –April 12, 2018 - The road to autonomous vehicles depends upon components that are secured against hacking and other outside interference. The cybersecurity precautions necessary for self-driving cars must be embedded in chips and systems from the beginning of the supply chain.
Automotive manufacturers and their Tier 1 suppliers are counting on their electronics vendors to provide products that can withstand the known exploits of cyberattacks. Those elements of the connected car also must have the capability to receive over-the-air software updates to defend against the latest in bots and malware.
But cybersecurity in 2018 has become a cat-and-mouse game between cybercriminals and security professionals, who wage battle with cyberattacks on a daily basis... Full Story
Standards Milestone Could Mark Beginning of End for PasswordsJohn P. Mello Jr.
–April 11, 2018 - A Web standards milestone announced Tuesday could point to the end of the road for pesky passwords.
The new standard, WebAuthn, has won near-final approval from the World Wide Web Consortium, which establishes Web standards.
WebAuthn defines a standard Application Program Interface that can be incorporated into browsers and Web infrastructure. It opens the door for new ways for users to authenticate themselves on the Internet that are more secure and convenient than passwords...The new standard seems to be poised for rapid growth. Google, Microsoft and Mozilla already have committed to supporting WebAuthn in their browsers. Developers have begun to implement the standard for Windows, Mac, Linux, Chrome OS and Android... Full Story
White House Lags Far Behind on Email Security BenchmarkJoseph Marks
–April 10, 2018 - More than 95 percent of White House email domains lack a security feature [ed: the DMARC standard] that prevents them from being used in massive phishing attacks, according to a Wednesday report from a cybersecurity industry group.
The Homeland Security Department mandated those email protections across government in October with a January deadline, but about 40 percent of agency email domains still hadnâ€™t installed the tool as of February 13...In addition to Whitehouse.gov emails, the White House also manages email domains for the Office of Management and Budget, the U.S. Trade Representative and the Office of Science and Technology Policy among others.
DMARC essentially pings a senderâ€™s email domainâ€”irs.gov, for exampleâ€”and asks if the senderâ€”say, firstname.lastname@example.orgâ€”is legitimate. If the domain says the sender is illegitimate, DMARC can send the email to the recipientâ€™s spam folder or decline to deliver it entirely...More than 80 percent of commercial email inboxes are protected by DMARC because itâ€™s standard among major providers including Google, Yahoo and Microsoft... Full Story
CIP4 Announces Availability of XJDF, an Iteration of JDF StandardPress Release
–April 9, 2018 - The CIP4 Organization, a not-for-profit standards association fostering the adoption of process automation in the printing industry, is pleased to announce the availability of XJDF, an iteration of the JDF standard designed to simplify workflow automation by making it both easier to implement and far easier to validate using standard XML tools. CIP4 developed XJDF to build on learnings with the JDF standard over the past nearly two decades. The new standard will coexist with JDF 1.6, which is being released simultaneously. The parallel development of both versions offers options to industry stakeholders wishing to incorporate JDF, XJDF or both into their product offerings and/or production environments... Full Story
Security, Standards, and IoT: Will Connected Devices Flourish Under Prescriptive Regimes?Megan L. Brown, Michael L. Diakiwski
–April 6, 2018 - Security for Internet-connected devices, the "Internet of Things" (IoT), is critically important. Now, more than ever, it is top of mind for device manufacturers, network operators, consumer advocates, lawmakers, and government regulators â€” domestically and internationally. In the face of recent attacks, government authorities and consumer advocates have proposed legislation, frameworks, certifications, and labeling schemes...Domestically and internationally, efforts are underway to establish minimum standards, certifications, or labeling schemes related to IoT security. Privacy and consumer advocates are developing proposals to reshape the certification and labeling of consumer devices.
In March 2017, Consumer Reports announced its \"Digital Standard,\"...It is far from perfect, however. It has prescriptive security requirements and seeks to alter private industry security designs, without first getting industry feedback in the Standard\'s development...
And the rest of the world is not sitting idly by... Full Story
Edge computing will be key to IoT, say experts But open standards and interoperability are vital to make it workStuart Corner
–April 6, 2018 - ...itâ€™s clear that any organisation considering an IoT initiative should consider the role of edge computing in their implementation.
One thing that could stand in the way of this rapid growth in edge computing, and hence IoT, would be a lack of standards: the last thing needed is a proliferation of proprietary solutions for edge computing in the IoT world. Fortunately, there are at least two significant initiatives that aim to address this: one initiated by Dell and one by Cisco.
EdgeX Foundry is a vendor-neutral open source project hosted by The Linux Foundation that aims to build a common open framework for IoT edge computing. Its original code base was donated by Dell to the Linux Foundation in May 2017...Ciscoâ€™s contribution to edge computing goes by the name â€˜fog computingâ€™. It had its origins in an academic paper from 2012.
The Open Fog Consortium launched in November 2015 with Cisco, Dell, ARM, Intel, Microsoft and the Princeton University Edge Laboratory. It now boasts 65 members. Similar to EdgeX Foundry, it aims to foster an open, interoperable architecture â€“ this time for fog computing... Full Story
At the Linux Foundation, a Marketplace for Artificial IntelligenceJames Morra
–April 5, 2018 - ...[There is a] relatively small pool of software engineers that understand artificial intelligence and the shortlist of corporations that can afford their skyrocketing salaries. But the complexity of the technology has lit fires underneath more companies to create standard tools for artificial intelligence techniques like machine learning and deep learning.
That is the reason behind Acumos, a new project launched by the Linux Foundation to create an out-of-the-box environment for building and sharing artificial intelligence software. The foundation, which oversees the open source Linux operating system, is trying to reduce the quirks and complexities of artificial intelligence software, ultimately making it more widespread...That would be the ideal outcome for the Deep Learning Foundation, an organization that the Linux Foundation launched to oversee artificial intelligence projects like Acumos... Full Story
Alliance for Open Media Releases Royalty-Free AV1 1.0 Codec SpecAnton Shilov
–April 4, 2018 - ...this week the Alliance for Open Media (AOMedia) has published the first complete version of the bitstream and decoding process specification for their royalty-free AV1 video codec. The release of the AV1 1.0 spec will enable backers of AOMedia to add support for the technology to their products or services, including taking the all-important step of finalizing the designs for the low-power hardware decoders critical for driving the codec\'s adoption...The AV1 open-source video codec was developed with 4K+ ultra-high-def resolutions, HDR, and wide color gamut in mind. Among the key features the new codec, AOMedia mentions a 30% more efficient compression algorithm compared to existing methods, predictable requirements for computational capabilities of hardware, and maximum flexibility and scalability... Full Story