Multistakeholder Process on Promoting Software Component Transparency, 53233 [2018-22872]

Download as PDF Federal Register / Vol. 83, No. 204 / Monday, October 22, 2018 / Notices Dated: October 17, 2018. Tracey L. Thompson, Acting Deputy Director, Office of Sustainable Fisheries, National Marine Fisheries Service. [FR Doc. 2018–22992 Filed 10–19–18; 8:45 am] BILLING CODE 3510–22–P DEPARTMENT OF COMMERCE National Telecommunications and Information Administration Multistakeholder Process on Promoting Software Component Transparency National Telecommunications and Information Administration, U.S. Department of Commerce. ACTION: Notice of open meeting. AGENCY: The National Telecommunications and Information Administration (NTIA) will convene a meeting of a multistakeholder process on promoting software component transparency on November 6, 2018. DATES: The meeting will be held on November 6, 2018, from 10 a.m. to 4 p.m., Eastern Standard Time. ADDRESSES: The meeting will be held at the American Institute of Architects, 1735 New York Ave. NW, Washington, DC 20006. FOR FURTHER INFORMATION CONTACT: Allan Friedman, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; telephone: (202) 482–4281; email: afriedman@ntia.doc.gov. Please direct media inquiries to NTIA’s Office of Public Affairs: (202) 482–7002; email: press@ntia.doc.gov. SUPPLEMENTARY INFORMATION: daltland on DSKBBV9HB2PROD with NOTICES SUMMARY: Background This National Telecommunications and Information Administration cybersecurity multistakeholder process focuses on promoting software component transparency. Most modern software is not written completely from scratch, but includes existing components, modules, and libraries from the open source and commercial software world. Modern development practices, such as code reuse, and a dynamic IT marketplace with acquisitions and mergers, make it challenging to track the use of software components. The Internet of Things compounds this phenomenon, as new organizations, enterprises, and innovators take on the role of software developer to add ‘‘smart’’ features or connectivity to their products. Although VerDate Sep<11>2014 18:12 Oct 19, 2018 Jkt 247001 the majority of libraries and components do not have known vulnerabilities, the sheer quantity of software means that some software products ship with vulnerable or out-of-date components. Under the multistakeholder process, NTIA acts as the convener, but stakeholders drive the outcomes, determine how to scope and organize the work through subgroups or other means, and evaluate success of the process based on the extent to which the group’s findings on software component transparency are implemented across the ecosystem. The first meeting of this multistakeholder process was held on July 19, 2018, in Washington, DC.1 Stakeholders presented multiple perspectives, and identified four interrelated work streams: Understanding the Problem, Use Cases and State of Practice, Standards and Formats, and Healthcare Proof of Concept. The main objectives of the November 6, 2018, meeting are to share progress from the working groups and hear feedback from the broader stakeholder community. Stakeholders will also discuss how the outputs of the different work streams can complement each other, and identify issues for further study. More information about stakeholders’ work is available at: https://www.ntia.doc.gov/ SoftwareTransparency. Time and Date: NTIA will convene the next meeting of the multistakeholder process on software component transparency on November 6, 2018, from 10 a.m. to 4 p.m. Eastern Standard Time. Please refer to NTIA’s website, https://www.ntia.doc.gov/ SoftwareTransparency, for the most current information. Place: The meeting will be held at the American Institute of Architects, 1735 New York Ave. NW, Washington, DC 20006. The location of the meeting is subject to change. Please refer to NTIA’s website, https://www.ntia.doc.gov/ SoftwareTransparency, for the most current information. Other Information: The meeting is open to the public and the press on a first-come, first-served basis. Space is limited. The meeting is physically accessible to people with disabilities. Requests for sign language interpretation or other auxiliary aids should be directed to Allan Friedman at (202) 482–4281 or afriedman@ntia.doc.gov at least seven (7) business days prior to each meeting. The meetings will also be webcast. Requests for real-time captioning of the 1 Notes, presentations, and a video recording of the July 19, 2018, kickoff meeting are available at: https://www.ntia.doc.gov/SoftwareTransparency. PO 00000 Frm 00028 Fmt 4703 Sfmt 4703 53233 webcast or other auxiliary aids should be directed to Allan Friedman at (202) 482–4281 or afriedman@ntia.doc.gov at least seven (7) business days prior to each meeting. There will be an opportunity for stakeholders viewing the webcast to participate remotely in the meetings through a moderated conference bridge, including polling functionality. Access details for the meetings are subject to change. Please refer to NTIA’s website, https:// www.ntia.doc.gov/Software Transparency, for the most current information. Dated: October 16, 2018. Kathy Smith, Chief Counsel, National Telecommunications and Information Administration. [FR Doc. 2018–22872 Filed 10–19–18; 8:45 am] BILLING CODE 3510–60–P DEPARTMENT OF DEFENSE Defense Acquisition Regulations System [Docket Number DARS–2018–0047; OMB Control Number 0704–0321] Information Collection Requirement; Defense Federal Acquisition Regulation Supplement (DFARS); Contract Financing Defense Acquisition Regulations System, Department of Defense (DoD). ACTION: Notice and request for comments regarding a proposed extension of an approved information collection requirement. AGENCY: In compliance with the Paperwork Reduction Act of 1995, DoD announces the proposed extension of a public information collection requirement and seeks public comment on the provisions thereof. DoD invites comments on: Whether the proposed collection of information is necessary for the proper performance of the functions of DoD, including whether the information will have practical utility; the accuracy of the estimate of the burden of the proposed information collection; ways to enhance the quality, utility, and clarity of the information to be collected; and ways to minimize the burden of the information collection on respondents, including the use of automated collection techniques or other forms of information technology. The Office of Management and Budget (OMB) has approved this information collection for use through January 31, 2019. DoD proposes that OMB extend its approval for use for three additional SUMMARY: E:\FR\FM\22OCN1.SGM 22OCN1

Agencies

[Federal Register Volume 83, Number 204 (Monday, October 22, 2018)]
[Notices]
[Page 53233]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-22872]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Telecommunications and Information Administration


Multistakeholder Process on Promoting Software Component 
Transparency

AGENCY: National Telecommunications and Information Administration, 
U.S. Department of Commerce.

ACTION: Notice of open meeting.

-----------------------------------------------------------------------

SUMMARY: The National Telecommunications and Information Administration 
(NTIA) will convene a meeting of a multistakeholder process on 
promoting software component transparency on November 6, 2018.

DATES: The meeting will be held on November 6, 2018, from 10 a.m. to 4 
p.m., Eastern Standard Time.

ADDRESSES: The meeting will be held at the American Institute of 
Architects, 1735 New York Ave. NW, Washington, DC 20006.

FOR FURTHER INFORMATION CONTACT: Allan Friedman, National 
Telecommunications and Information Administration, U.S. Department of 
Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; 
telephone: (202) 482-4281; email: [email protected]. Please direct 
media inquiries to NTIA's Office of Public Affairs: (202) 482-7002; 
email: [email protected].

SUPPLEMENTARY INFORMATION: 

Background

    This National Telecommunications and Information Administration 
cybersecurity multistakeholder process focuses on promoting software 
component transparency. Most modern software is not written completely 
from scratch, but includes existing components, modules, and libraries 
from the open source and commercial software world. Modern development 
practices, such as code reuse, and a dynamic IT marketplace with 
acquisitions and mergers, make it challenging to track the use of 
software components. The Internet of Things compounds this phenomenon, 
as new organizations, enterprises, and innovators take on the role of 
software developer to add ``smart'' features or connectivity to their 
products. Although the majority of libraries and components do not have 
known vulnerabilities, the sheer quantity of software means that some 
software products ship with vulnerable or out-of-date components.
    Under the multistakeholder process, NTIA acts as the convener, but 
stakeholders drive the outcomes, determine how to scope and organize 
the work through subgroups or other means, and evaluate success of the 
process based on the extent to which the group's findings on software 
component transparency are implemented across the ecosystem. The first 
meeting of this multistakeholder process was held on July 19, 2018, in 
Washington, DC.\1\ Stakeholders presented multiple perspectives, and 
identified four inter-related work streams: Understanding the Problem, 
Use Cases and State of Practice, Standards and Formats, and Healthcare 
Proof of Concept.
---------------------------------------------------------------------------

    \1\ Notes, presentations, and a video recording of the July 19, 
2018, kickoff meeting are available at: https://www.ntia.doc.gov/SoftwareTransparency.
---------------------------------------------------------------------------

    The main objectives of the November 6, 2018, meeting are to share 
progress from the working groups and hear feedback from the broader 
stakeholder community. Stakeholders will also discuss how the outputs 
of the different work streams can complement each other, and identify 
issues for further study. More information about stakeholders' work is 
available at: https://www.ntia.doc.gov/SoftwareTransparency.
    Time and Date: NTIA will convene the next meeting of the 
multistakeholder process on software component transparency on November 
6, 2018, from 10 a.m. to 4 p.m. Eastern Standard Time. Please refer to 
NTIA's website, https://www.ntia.doc.gov/SoftwareTransparency, for the 
most current information.
    Place: The meeting will be held at the American Institute of 
Architects, 1735 New York Ave. NW, Washington, DC 20006. The location 
of the meeting is subject to change. Please refer to NTIA's website, 
https://www.ntia.doc.gov/SoftwareTransparency, for the most current 
information.
    Other Information: The meeting is open to the public and the press 
on a first-come, first-served basis. Space is limited.
    The meeting is physically accessible to people with disabilities. 
Requests for sign language interpretation or other auxiliary aids 
should be directed to Allan Friedman at (202) 482-4281 or 
[email protected] at least seven (7) business days prior to each 
meeting. The meetings will also be webcast. Requests for real-time 
captioning of the webcast or other auxiliary aids should be directed to 
Allan Friedman at (202) 482-4281 or [email protected] at least 
seven (7) business days prior to each meeting. There will be an 
opportunity for stakeholders viewing the webcast to participate 
remotely in the meetings through a moderated conference bridge, 
including polling functionality. Access details for the meetings are 
subject to change. Please refer to NTIA's website, https://www.ntia.doc.gov/SoftwareTransparency, for the most current 
information.

    Dated: October 16, 2018.
Kathy Smith,
Chief Counsel, National Telecommunications and Information 
Administration.
[FR Doc. 2018-22872 Filed 10-19-18; 8:45 am]
 BILLING CODE 3510-60-P