Multistakeholder Process on Promoting Software Component Transparency, 53233 [2018-22872]
Download as PDF
<![CDATA[
Federal Register / Vol. 83, No. 204 / Monday, October 22, 2018 / Notices
Dated: October 17, 2018.
Tracey L. Thompson,
Acting Deputy Director, Office of Sustainable
Fisheries, National Marine Fisheries Service.
[FR Doc. 2018–22992 Filed 10–19–18; 8:45 am]
BILLING CODE 3510–22–P
DEPARTMENT OF COMMERCE
National Telecommunications and
Information Administration
Multistakeholder Process on
Promoting Software Component
Transparency
National Telecommunications
and Information Administration, U.S.
Department of Commerce.
ACTION: Notice of open meeting.
AGENCY:
The National
Telecommunications and Information
Administration (NTIA) will convene a
meeting of a multistakeholder process
on promoting software component
transparency on November 6, 2018.
DATES: The meeting will be held on
November 6, 2018, from 10 a.m. to 4
p.m., Eastern Standard Time.
ADDRESSES: The meeting will be held at
the American Institute of Architects,
1735 New York Ave. NW, Washington,
DC 20006.
FOR FURTHER INFORMATION CONTACT:
Allan Friedman, National
Telecommunications and Information
Administration, U.S. Department of
Commerce, 1401 Constitution Avenue
NW, Room 4725, Washington, DC
20230; telephone: (202) 482–4281;
email: afriedman@ntia.doc.gov. Please
direct media inquiries to NTIA’s Office
of Public Affairs: (202) 482–7002; email:
press@ntia.doc.gov.
SUPPLEMENTARY INFORMATION:
daltland on DSKBBV9HB2PROD with NOTICES
SUMMARY:
Background
This National Telecommunications
and Information Administration
cybersecurity multistakeholder process
focuses on promoting software
component transparency. Most modern
software is not written completely from
scratch, but includes existing
components, modules, and libraries
from the open source and commercial
software world. Modern development
practices, such as code reuse, and a
dynamic IT marketplace with
acquisitions and mergers, make it
challenging to track the use of software
components. The Internet of Things
compounds this phenomenon, as new
organizations, enterprises, and
innovators take on the role of software
developer to add ‘‘smart’’ features or
connectivity to their products. Although
VerDate Sep<11>2014
18:12 Oct 19, 2018
Jkt 247001
the majority of libraries and components
do not have known vulnerabilities, the
sheer quantity of software means that
some software products ship with
vulnerable or out-of-date components.
Under the multistakeholder process,
NTIA acts as the convener, but
stakeholders drive the outcomes,
determine how to scope and organize
the work through subgroups or other
means, and evaluate success of the
process based on the extent to which the
group’s findings on software component
transparency are implemented across
the ecosystem. The first meeting of this
multistakeholder process was held on
July 19, 2018, in Washington, DC.1
Stakeholders presented multiple
perspectives, and identified four interrelated work streams: Understanding the
Problem, Use Cases and State of
Practice, Standards and Formats, and
Healthcare Proof of Concept.
The main objectives of the November
6, 2018, meeting are to share progress
from the working groups and hear
feedback from the broader stakeholder
community. Stakeholders will also
discuss how the outputs of the different
work streams can complement each
other, and identify issues for further
study. More information about
stakeholders’ work is available at:
https://www.ntia.doc.gov/
SoftwareTransparency.
Time and Date: NTIA will convene
the next meeting of the multistakeholder
process on software component
transparency on November 6, 2018,
from 10 a.m. to 4 p.m. Eastern Standard
Time. Please refer to NTIA’s website,
https://www.ntia.doc.gov/
SoftwareTransparency, for the most
current information.
Place: The meeting will be held at the
American Institute of Architects, 1735
New York Ave. NW, Washington, DC
20006. The location of the meeting is
subject to change. Please refer to NTIA’s
website, https://www.ntia.doc.gov/
SoftwareTransparency, for the most
current information.
Other Information: The meeting is
open to the public and the press on a
first-come, first-served basis. Space is
limited.
The meeting is physically accessible
to people with disabilities. Requests for
sign language interpretation or other
auxiliary aids should be directed to
Allan Friedman at (202) 482–4281 or
afriedman@ntia.doc.gov at least seven
(7) business days prior to each meeting.
The meetings will also be webcast.
Requests for real-time captioning of the
1 Notes, presentations, and a video recording of
the July 19, 2018, kickoff meeting are available at:
https://www.ntia.doc.gov/SoftwareTransparency.
PO 00000
Frm 00028
Fmt 4703
Sfmt 4703
53233
webcast or other auxiliary aids should
be directed to Allan Friedman at (202)
482–4281 or afriedman@ntia.doc.gov at
least seven (7) business days prior to
each meeting. There will be an
opportunity for stakeholders viewing
the webcast to participate remotely in
the meetings through a moderated
conference bridge, including polling
functionality. Access details for the
meetings are subject to change. Please
refer to NTIA’s website, https://
www.ntia.doc.gov/Software
Transparency, for the most current
information.
Dated: October 16, 2018.
Kathy Smith,
Chief Counsel, National Telecommunications
and Information Administration.
[FR Doc. 2018–22872 Filed 10–19–18; 8:45 am]
BILLING CODE 3510–60–P
DEPARTMENT OF DEFENSE
Defense Acquisition Regulations
System
[Docket Number DARS–2018–0047; OMB
Control Number 0704–0321]
Information Collection Requirement;
Defense Federal Acquisition
Regulation Supplement (DFARS);
Contract Financing
Defense Acquisition
Regulations System, Department of
Defense (DoD).
ACTION: Notice and request for
comments regarding a proposed
extension of an approved information
collection requirement.
AGENCY:
In compliance with the
Paperwork Reduction Act of 1995, DoD
announces the proposed extension of a
public information collection
requirement and seeks public comment
on the provisions thereof. DoD invites
comments on: Whether the proposed
collection of information is necessary
for the proper performance of the
functions of DoD, including whether the
information will have practical utility;
the accuracy of the estimate of the
burden of the proposed information
collection; ways to enhance the quality,
utility, and clarity of the information to
be collected; and ways to minimize the
burden of the information collection on
respondents, including the use of
automated collection techniques or
other forms of information technology.
The Office of Management and Budget
(OMB) has approved this information
collection for use through January 31,
2019. DoD proposes that OMB extend its
approval for use for three additional
SUMMARY:
E:\FR\FM\22OCN1.SGM
22OCN1
]]>Agencies
[Federal Register Volume 83, Number 204 (Monday, October 22, 2018)]
[Notices]
[Page 53233]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-22872]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Telecommunications and Information Administration
Multistakeholder Process on Promoting Software Component
Transparency
AGENCY: National Telecommunications and Information Administration,
U.S. Department of Commerce.
ACTION: Notice of open meeting.
-----------------------------------------------------------------------
SUMMARY: The National Telecommunications and Information Administration
(NTIA) will convene a meeting of a multistakeholder process on
promoting software component transparency on November 6, 2018.
DATES: The meeting will be held on November 6, 2018, from 10 a.m. to 4
p.m., Eastern Standard Time.
ADDRESSES: The meeting will be held at the American Institute of
Architects, 1735 New York Ave. NW, Washington, DC 20006.
FOR FURTHER INFORMATION CONTACT: Allan Friedman, National
Telecommunications and Information Administration, U.S. Department of
Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230;
telephone: (202) 482-4281; email: [email protected]. Please direct
media inquiries to NTIA's Office of Public Affairs: (202) 482-7002;
email: [email protected].
SUPPLEMENTARY INFORMATION:
Background
This National Telecommunications and Information Administration
cybersecurity multistakeholder process focuses on promoting software
component transparency. Most modern software is not written completely
from scratch, but includes existing components, modules, and libraries
from the open source and commercial software world. Modern development
practices, such as code reuse, and a dynamic IT marketplace with
acquisitions and mergers, make it challenging to track the use of
software components. The Internet of Things compounds this phenomenon,
as new organizations, enterprises, and innovators take on the role of
software developer to add ``smart'' features or connectivity to their
products. Although the majority of libraries and components do not have
known vulnerabilities, the sheer quantity of software means that some
software products ship with vulnerable or out-of-date components.
Under the multistakeholder process, NTIA acts as the convener, but
stakeholders drive the outcomes, determine how to scope and organize
the work through subgroups or other means, and evaluate success of the
process based on the extent to which the group's findings on software
component transparency are implemented across the ecosystem. The first
meeting of this multistakeholder process was held on July 19, 2018, in
Washington, DC.\1\ Stakeholders presented multiple perspectives, and
identified four inter-related work streams: Understanding the Problem,
Use Cases and State of Practice, Standards and Formats, and Healthcare
Proof of Concept.
---------------------------------------------------------------------------
\1\ Notes, presentations, and a video recording of the July 19,
2018, kickoff meeting are available at: https://www.ntia.doc.gov/SoftwareTransparency.
---------------------------------------------------------------------------
The main objectives of the November 6, 2018, meeting are to share
progress from the working groups and hear feedback from the broader
stakeholder community. Stakeholders will also discuss how the outputs
of the different work streams can complement each other, and identify
issues for further study. More information about stakeholders' work is
available at: https://www.ntia.doc.gov/SoftwareTransparency.
Time and Date: NTIA will convene the next meeting of the
multistakeholder process on software component transparency on November
6, 2018, from 10 a.m. to 4 p.m. Eastern Standard Time. Please refer to
NTIA's website, https://www.ntia.doc.gov/SoftwareTransparency, for the
most current information.
Place: The meeting will be held at the American Institute of
Architects, 1735 New York Ave. NW, Washington, DC 20006. The location
of the meeting is subject to change. Please refer to NTIA's website,
https://www.ntia.doc.gov/SoftwareTransparency, for the most current
information.
Other Information: The meeting is open to the public and the press
on a first-come, first-served basis. Space is limited.
The meeting is physically accessible to people with disabilities.
Requests for sign language interpretation or other auxiliary aids
should be directed to Allan Friedman at (202) 482-4281 or
[email protected] at least seven (7) business days prior to each
meeting. The meetings will also be webcast. Requests for real-time
captioning of the webcast or other auxiliary aids should be directed to
Allan Friedman at (202) 482-4281 or [email protected] at least
seven (7) business days prior to each meeting. There will be an
opportunity for stakeholders viewing the webcast to participate
remotely in the meetings through a moderated conference bridge,
including polling functionality. Access details for the meetings are
subject to change. Please refer to NTIA's website, https://www.ntia.doc.gov/SoftwareTransparency, for the most current
information.
Dated: October 16, 2018.
Kathy Smith,
Chief Counsel, National Telecommunications and Information
Administration.
[FR Doc. 2018-22872 Filed 10-19-18; 8:45 am]
BILLING CODE 3510-60-P
