Latest NewsIntroducing TODO: Working together to make open source easierFacebook Engineering Blog
September 19, 2014 - Today at @Scale 2014 we joined a number of other companies in launching a new open source collaboration called TODO. The group — whose name is a backronym for “talk openly, develop openly” — was formed to address the challenges that companies like ours have encountered in consuming open source software and running open source programs.
We'll have more to share about our plans in the coming weeks, but our overall goal in this collaboration is to make open source easier for everyone. We want to run better, more impactful open source programs in our own companies; we want to make it easier for people to consume the technologies we open source; and we want to help create a roadmap for companies that want to create their own open source programs but aren't sure how to proceed.
Initial members of TODO include Box, Dropbox, GitHub, Google, Khan Academy, Stripe, Square, Twitter, and Walmart Labs.... ...Full Story
Cybersecurity and the electric grid
Marvin T. Griff
Intelligent Utility September 19, 2014 - A computer storing operating cost data for the Midcontinent Independent System Operator Inc., power network extending from the Midwest to the Gulf Coast was compromised this summer. Within the past two years, sophisticated cyber-attacks...gained access to U.S. and European power networks. These and other recent cyber intrusions highlight the persistent risk confronting the U.S. electricity grid....Elected officials and regulators have stepped up efforts to address cyber intrusionthreats. In February of this year, the National Institute of Standards and Technology (NIST) unveiled the Cybersecurity Framework for reducing cyber risks to critical infrastructure. The voluntary Framework, with its origins in President Obama’s February 2013 Executive Order, is intended to reduce cybersecurity vulnerabilities through a risk-based approach to improve cybersecurity practices....cybersecurity for the electric sector has historically been a concern that was the responsibility of the Federal Energy Regulatory Commission (FERC), which assesses the Critical Infrastructure Protection (CIP) reliability standards developed by the North American Electric Reliability Corporation (NERC). Those standards focus on the bulk, or interstate transmission, portion of the electric system. Since 2007, FERC has shared responsibilities under the Energy Independence and Security Act with NIST to coordinate the development and adoption of smart grid guidelines and standards, including those directed at cybersecurity for the remainder of the grid.
The electric power industry is the only critical infrastructure industry in the U.S. with mandatory and enforceable cyber standards. The Energy Policy Act of 2005 gives FERC the authority to oversee the reliability of the bulk power system. FERC must approve all reliability standards or modifications proposed by NERC. But FERC cannot modify proposed standards; it can only direct NERC to submit a proposed standard or modification or to change one it find unacceptable.... ...Full Story
New DisplayPort 1.3 standard supports 5K monitors
PCWorld September 19, 2014 - Monitors and TVs supporting 4K resolution are just arriving, but the new DisplayPort 1.3 is already looking forward to 5K resolution.
The new DisplayPort standard, announced by Video Electronics Standards Association, will replace the existing 1.2a standard. The new standard will connect computers to 5K monitors that display images at a resolution of 5120 x 2880 pixels.
DisplayPort is widely used in businesses to connect PCs to external monitors, and competes with HDMI (high-definition multimedia interface connector)....DisplayPort 1.3 is 50 percent faster than its predecessor, and has the speed to support higher-resolution displays beyond 4K. It will also support multiple 4K monitors at 60 frames per second, VESA said in a statement.... ...Full Story
Efficient XML Interchange (EXI) Profile for limiting usage of dynamic memory is a W3C Recommendation
W#C.org September 18, 2014 - The EXI Working Group published the Efficient XML Interchange (EXI) Profile for limiting usage of dynamic memory as W3C Recommendation. EXI 1.0 is a very efficient format to represent an XML Information Set. It is highly customizable to fit the need of diverse use cases, ranging from B2B applications down to embedded-systems use. It satisfies compactness and processing efficiency requirements, while preserving all the information contained in the XML InfoSet. As a representation of XML, it is by design naturally extensible.... ...Full Story
MIG and IEEE SA produce new standard for IoT, e-health, connected vehicle, aug. reality
IEEE.org September 22, 2014 - IEEE announced the availability of the IEEE 2700-2014 “Standard for Sensor Performance Parameter Definitions,” recently approved by the IEEE Standards Association (IEEE-SA) Standards Board. With sensors being one of the primary technologies to help improve the lives of every connected person in the world, IEEE 2700-2014 is intended to provide a common methodology for specifying sensor performance in the ever-expanding sensor technologies in the consumer electronics industry....The IEEE 2700-2014 fulfills the need for a common methodology to define sensor performance, and eases non-scalable integration challenges and burdens across manufacturers. Because sensor framework and technology span not only sensor vendors and ISVs, there are numerous types of sensors that require specification terminology, units, conditions and limits, including: accelerometers, magnetometers, gyrometers/gyroscopes, barometers/pressure sensors, hygrometers/humidity sensors, temperature sensors, ambient light sensors and proximity sensors.... ...Full Story
Global security association helps translate NIST framework
FedScoop September 18, 2014 - The Information Security Forum, a U.K.-based association of leading companies from around the world, released a “mapping” document Monday that for the first time helps companies that currently use the ISF’s standard of good practice—known simply as the standard—to guide their information security programs to know if they are in compliance with the U.S. National Institute of Standards and Technology’s cybersecurity framework....ISF’s standard of good practice is one of the most comprehensive guides for information security in the world. More than half of ISF’s 300 member companies are included in the Fortune 500 and span more than a dozen countries.... ...Full Story
'Open and Libre Office projects should reunite'
EU Joinup September 18, 2014 - The software developers working on Apache OpenOffice and LibreOffice - two closely related suites of open source office productivity tools - should overcome their schism and unite to compete with the ubiquitous proprietary alternative, urges Daniel Brunner, head of the IT department of Switzerland's Federal Supreme Court. Merging the two projects will convince more public administrations to use the open source office suite, he believes.
The current division between the two groups risks creating more instead of less incompatibilities, Brunner warned last week, speaking at the LibreOffice conference, which took place in the Swiss city of Bern. "I had to test this presentation in both suites, to see if it would work."
The Swiss Federal Supreme Court uses OpenOffice, but according to Brunner would benefit from the improved document filters that are available in LibreOffice. However, the former suite is more stable and is available on mobile computing platforms, he says, while the latter benefits from a bigger community of developers, introducing more new features.... ...Full Story
TC260 Releases Two Critical Information Security Cloud Computing Standards
USITO.org Weekly September 17, 2014 - According to an official statement on the Technical Committee 260 (TC260) website, two important national standards for cloud computing have officially been released and approved by the General Administration of Quality Supervision, Inspection and Quarantine (AQSIQ) and the Standardization Administration of China (SAC):
"Information Security Technology - Security Capability Requirements of Cloud Computing Services" (GB/T 31168-2014)
"Information Security Technology - Security Guide of Cloud Computing Services" (GB/T 31167-2014)... ...Full Story
Patents and Standards, or: How a Court Case Will Affect Our Everyday Lives
CircleID September 17, 2014 - ...Unnoticed by the wider public, the Court of Justice of the European Union (CJEU) in the case Huawei v. ZTE will be hearing argument on 11 September on an issue important for the continued viability of open standards. The case will examine conditions under which an owner of a patent covering one aspect of the standard essential technology can seek an injunction which will most likely result in the entire standard becoming blocked. The CJEU's ruling may have far-reaching impact not just on the telecommunication standard at issue, but also on technology available to consumers....The pivotal question being presented to the CJEU is this: Can an SEP holder who made a FRAND commitment as part of a standardization process thereafter seek to block a user's access to his standard-essential technology, if that user has declared its willingness to negotiate and take a license on FRAND terms.... ...Full Story
NIST Helps Develop New Standard for Microsensor Technology
NIST Techbeat September 17, 2014 - The National Institute of Standards and Technology (NIST) has contributed to the development of a new standard for defining the performance of micromechanical sensors—a field that is expected to expand rapidly in coming decades as these versatile sensors increasingly become part of electronic networks.
The IEEE 2700-2014 Standard for Sensor Performance Parameter Definitions, now available from the IEEE Standards Association, provides a common methodology for specifying the performance of microelectromechanical systems (MEMS) in the consumer electronics industry. The standard includes specifications for a wide range of devices, including accelerometers, gyroscopes, barometers and proximity sensors....MEMS are a class of tiny machines, typically far less than a millimeter in size, that combine moving parts or sensors with electronic components. MEMS already are used widely, for example, as motion detectors in tablet computers or as triggers for automobile collision airbags. Their use is expected to grow as sensing devices on buildings, vehicles and elsewhere are linked to computer networks to create the “Internet of Things.” The diversity of these sensing devices demands new industry standards to ensure their compatibility.... ...Full Story