Multistakeholder Process on Promoting Software Component Transparency, 80055-80056 [2020-27323]

Download as PDF Federal Register / Vol. 85, No. 239 / Friday, December 11, 2020 / Notices IHA) and alternatives with respect to potential impacts on the human environment. This action is consistent with categories of activities identified in Categorical Exclusion B4 (IHAs with no anticipated serious injury or mortality) of the Companion Manual for NOAA Administrative Order 216–6A, which do not individually or cumulatively have the potential for significant impacts on the quality of the human environment and for which we have not identified any extraordinary circumstances that would preclude this categorical exclusion. Accordingly, NMFS has determined that the issuance of the IHA qualifies to be categorically excluded from further NEPA review. Endangered Species Act (ESA) Section 7(a)(2) of the ESA (16 U.S.C. 1531 et seq.) requires that each Federal agency insure that any action it authorizes, funds, or carries out is not likely to jeopardize the continued existence of any endangered or threatened species or result in the destruction or adverse modification of designated critical habitat. No incidental take of ESA-listed species is authorized or expected to result from this activity. Therefore, NMFS has determined that formal consultation under section 7 of the ESA is not required for this action. Authorization NMFS has issued an IHA to the Coast Guard for the potential harassment of small numbers of five marine mammal species incidental to the Base Los Angeles/Long Beach Wharf Expansion project in Los Angeles, California, provided the previously mentioned mitigation, monitoring and reporting requirements are followed. Dated: December 7, 2020. Donna S. Wieting, Director, Office of Protected Resources, National Marine Fisheries Service. [FR Doc. 2020–27205 Filed 12–10–20; 8:45 am] BILLING CODE 3510–22–P DEPARTMENT OF COMMERCE jbell on DSKJLSW7X2PROD with NOTICES National Telecommunications and Information Administration Multistakeholder Process on Promoting Software Component Transparency National Telecommunications and Information Administration, Department of Commerce. ACTION: Notice of open meeting. AGENCY: VerDate Sep<11>2014 23:25 Dec 10, 2020 Jkt 253001 The National Telecommunications and Information Administration (NTIA) will convene a virtual meeting of a multistakeholder process on promoting software component transparency on January 13, 2021. DATES: The meeting will be held on January 13, 2021, from 12:00 p.m. to 4:00 p.m., Eastern Time. ADDRESSES: The meeting will be held virtually, with online slide share and dial-in information to be posted at https://www.ntia.gov/ SoftwareTransparency. FOR FURTHER INFORMATION CONTACT: Allan Friedman, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; telephone: (202) 482–4281; email: afriedman@ntia.gov. Please direct media inquiries to NTIA’s Office of Public Affairs: (202) 482–7002; email: press@ntia.gov. SUPPLEMENTARY INFORMATION: SUMMARY: Background This NTIA cybersecurity multistakeholder process focuses on promoting software component transparency.1 Most modern software is not written completely from scratch, but includes existing components, modules, and libraries from the open source and commercial software world. Modern development practices such as code reuse, and a dynamic IT marketplace with acquisitions and mergers, make it challenging to track the use of software components. The Internet of Things compounds this phenomenon, as new organizations, enterprises, and innovators take on the role of software developer to add ‘‘smart’’ features or connectivity to their products. While the majority of libraries and components do not have known vulnerabilities, many do, and the sheer quantity of software means that some software products ship with vulnerable or out-ofdate components. The first meeting of this multistakeholder process was held on July 19, 2018, in Washington, DC.2 Stakeholders presented multiple perspectives, and identified several inter-related work streams: Understanding the Problem, Use Cases and State of Practice, Standards and Formats, and Healthcare Proof of 1 NTIA serves as the President’s principal adviser on telecommunications and information policies. See 47 U.S.C. 902(b)(2)(D). 2 Notes, presentations, and a video recording of the July 19, 2018 kickoff meeting are available at: https://www.ntia.gov/SoftwareTransparency. PO 00000 Frm 00066 Fmt 4703 Sfmt 4703 80055 Concept. Since then, stakeholders have been discussing key issues and developing products such as guidance documents. NTIA acts as the convener, but stakeholders drive the outcomes. Success of the process will be evaluated by the extent to which broader findings on software component transparency are implemented across the ecosystem. The first set of stakeholder-drafted documents on Software Bills of Materials was published by NTIA in November 2019. Those documents, and subsequent consensus-approved drafts from the community, are available at: https://www.ntia.gov/SBOM. The main objectives of the January 13, 2021 meeting are to share progress from the working groups; to give feedback on the ongoing work around technical challenges, tooling, demonstrations, and awareness and adoption; and to continue discussions around potential guidance or playbook documents. This meeting will also feature short demonstrations of SBOM-related tools and services to help the community understand the growth of the broader ecosystem. Demonstration suggestions and proposals should be 250 words or less and should be submitted to Allan Friedman at afriedman@ntia.gov by December 21, 2020. More information about stakeholders’ work is available at: https://www.ntia.gov/ SoftwareTransparency. Time and Date: NTIA will convene the next meeting of the multistakeholder process on Software Component Transparency on January 13, 2021, from 12:00 p.m. to 4:00 p.m. Eastern Time. The exact time of the meeting is subject to change. Please refer to NTIA’s website, https://www.ntia.gov/ SoftwareTransparency, for the most current information. Place: The meeting will be held virtually, with online slide share and dial-in information to be posted at https://www.ntia.gov/ SoftwareTransparency. Please refer to NTIA’s website, https://www.ntia.gov/ SoftwareTransparency, for the most current information. Other Information: The meeting is open to the public and the press on a first-come, first-served basis. The virtual meeting is accessible to people with disabilities. Requests for real-time captioning or other auxiliary aids should be directed to Allan Friedman at (202) 482–4281 or afriedman@ntia.gov at least seven (7) business days prior to the meeting. Access details for the meeting are subject to change. Please refer to NTIA’s website, https://www.ntia.gov/ SoftwareTransparency, for the most current information. E:\FR\FM\11DEN1.SGM 11DEN1 80056 Federal Register / Vol. 85, No. 239 / Friday, December 11, 2020 / Notices Dated: December 8, 2020. Kathy D. Smith, Chief Counsel, National Telecommunications and Information Administration. [FR Doc. 2020–27323 Filed 12–10–20; 8:45 am] BILLING CODE 3510–60–P COMMITTEE FOR PURCHASE FROM PEOPLE WHO ARE BLIND OR SEVERELY DISABLED Procurement List; Additions and Deletions Committee for Purchase From People Who Are Blind or Severely Disabled. ACTION: Additions to and deletions from the procurement list. AGENCY: This action adds product(s) and service(s) to the Procurement List that will be furnished by nonprofit agencies employing persons who are blind or have other severe disabilities, and deletes product(s) and service(s) from the Procurement List previously furnished by such agencies. DATES: Date added to and deleted from the Procurement List: January 10, 2021 ADDRESSES: Committee for Purchase From People Who Are Blind or Severely Disabled, 1401 S Clark Street, Suite 715, Arlington, Virginia 22202–4149. FOR FURTHER INFORMATION CONTACT: Michael R. Jurkowski, Telephone: (703) 603–2117, Fax: (703) 603–0655, or email CMTEFedReg@AbilityOne.gov. SUPPLEMENTARY INFORMATION: SUMMARY: Additions On 8/21/2020, 9/4/2020 and 9/11/ 2020, the Committee for Purchase From People Who Are Blind or Severely Disabled published notice of proposed additions to the Procurement List. This notice is published pursuant to 41 U.S.C. 8503 (a)(2) and 41 CFR 51–2.3. After consideration of the material presented to it concerning capability of qualified nonprofit agencies to provide the service(s) and impact of the additions on the current or most recent contractors, the Committee has determined that the service(s) listed below are suitable for procurement by the Federal Government under 41 U.S.C. 8501–8506 and 41 CFR 51–2.4. jbell on DSKJLSW7X2PROD with NOTICES Regulatory Flexibility Act Certification I certify that the following action will not have a significant impact on a substantial number of small entities. The major factors considered for this certification were: 1. The action will not result in any additional reporting, recordkeeping or VerDate Sep<11>2014 23:25 Dec 10, 2020 Jkt 253001 other compliance requirements for small entities other than the small organizations that will furnish the service(s) to the Government. 2. The action will result in authorizing small entities to furnish the service(s) to the Government. 3. There are no known regulatory alternatives which would accomplish the objectives of the Javits-WagnerO’Day Act (41 U.S.C. 8501–8506) in connection with the service(s) proposed for addition to the Procurement List. End of Certification Accordingly, the following service(s) are added to the Procurement List: Service(s) Service Type: Base Supply Center and Retail Gift Shop Mandatory for: Bureau of Alcohol, Firearms, Tobacco and Explosives, Washington, DC Designated Source of Supply: Virginia Industries for the Blind, Charlottesville, VA Contracting Activity: ATF ACQUISITION AND PROPERTY MGMT DIV, ATF Service Type: Janitorial Service Mandatory for: FAA, Portland Air Traffic Control Tower and SSC Office Space, Portland, ME Designated Source of Supply: Northern New England Employment Services, Portland, ME Contracting Activity: FEDERAL AVIATION ADMINISTRATION, 697DCK REGIONAL ACQUISITIONS SVCS Service Type: Janitorial Service Mandatory for: Federal Aviation Administration, Norfolk Air Traffic Control Tower, Virginia Beach, VA and Patrick Henry Field Air Traffic Control Tower, Newport News, VA Designated Source of Supply: Portco, Inc., Portsmouth, VA Contracting Activity: FEDERAL AVIATION ADMINISTRATION, 697DCK REGIONAL ACQUISITIONS SVCS Service Type: Janitorial Service Mandatory for: FAA, Air Traffic Control Tower, Roanoke, VA Designated Source of Supply: Goodwill Industries of the Valleys, Inc., Roanoke, VA Contracting Activity: FEDERAL AVIATION ADMINISTRATION, 697DCK REGIONAL ACQUISITIONS SVCS Deletions On 11/6/2020, the Committee for Purchase From People Who Are Blind or Severely Disabled published notice of proposed deletions from the Procurement List. This notice is published pursuant to 41 U.S.C. 8503 (a)(2) and 41 CFR 51–2.3. After consideration of the relevant matter presented, the Committee has determined that the product(s) and service(s) listed below are no longer suitable for procurement by the Federal PO 00000 Frm 00067 Fmt 4703 Sfmt 4703 Government under 41 U.S.C. 8501–8506 and 41 CFR 51–2.4. Regulatory Flexibility Act Certification I certify that the following action will not have a significant impact on a substantial number of small entities. The major factors considered for this certification were: 1. The action will not result in additional reporting, recordkeeping or other compliance requirements for small entities. 2. The action may result in authorizing small entities to furnish the product(s) and service(s) to the Government. 3. There are no known regulatory alternatives which would accomplish the objectives of the Javits-WagnerO’Day Act (41 U.S.C. 8501–8506) in connection with the product(s) and service(s) deleted from the Procurement List. End of Certification Accordingly, the following product(s) and service(s) are deleted from the Procurement List: Product(s) NSN(s)—Product Name(s): 7510–01–357–6830—Pad, Executive Message Recording, White/Yellow, 25⁄8″ x 61⁄4″, 400 Message Forms Designated Source of Supply: WinstonSalem Industries for the Blind, Inc., Winston-Salem, NC; The Arkansas Lighthouse for the Blind, Little Rock, AR Contracting Activity: GSA/FAS ADMIN SVCS ACQUISITION BR (2, NEW YORK, NY NSN(s)—Product Name(s): 7530–01–600–2026—Notebook, Memorandum Book, 100% PCW, 3x5″, 60 sheets, Narrow Rule, White 7530–01–600–2028—Notebook, Spiral Bound, 100% PCW, 81⁄2x11″, 80 sheets, College Rule, White 7530–01–600–2027—Notebook, Spiral Bound, 100% PCW, 81⁄2x11″, 100 sheets, Wide Rule, White 7530–01–600–2016—Notebook, Spiral Bound, 100% PCW, 81⁄2x11’’, 120 sheets, College Rule, White 7530–01–600–2015—Notebook, Spiral Bound, 100% PCW, 81⁄2x11″, 200 sheets, College Rule, White 7530–01–600–2021—Notebook, Spiral Bound, 100% PCW, 8x101⁄2″, 70 sheets, Wide Rule, White Designated Source of Supply: WinstonSalem Industries for the Blind, Inc., Winston-Salem, NC Contracting Activity: GSA/FAS ADMIN SVCS ACQUISITION BR(2, NEW YORK, NY NSN(s)—Product Name(s): 1005–01–134–3621—Index, Elevation Designated Source of Supply: Arizona Industries for the Blind, Phoenix, AZ Contracting Activity: DLA LAND AND MARITIME, COLUMBUS, OH E:\FR\FM\11DEN1.SGM 11DEN1

Agencies

[Federal Register Volume 85, Number 239 (Friday, December 11, 2020)]
[Notices]
[Pages 80055-80056]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-27323]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Telecommunications and Information Administration


Multistakeholder Process on Promoting Software Component 
Transparency

AGENCY: National Telecommunications and Information Administration, 
Department of Commerce.

ACTION: Notice of open meeting.

-----------------------------------------------------------------------

SUMMARY: The National Telecommunications and Information Administration 
(NTIA) will convene a virtual meeting of a multistakeholder process on 
promoting software component transparency on January 13, 2021.

DATES: The meeting will be held on January 13, 2021, from 12:00 p.m. to 
4:00 p.m., Eastern Time.

ADDRESSES: The meeting will be held virtually, with online slide share 
and dial-in information to be posted at https://www.ntia.gov/SoftwareTransparency.

FOR FURTHER INFORMATION CONTACT: Allan Friedman, National 
Telecommunications and Information Administration, U.S. Department of 
Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; 
telephone: (202) 482-4281; email: [email protected]. Please direct 
media inquiries to NTIA's Office of Public Affairs: (202) 482-7002; 
email: [email protected].

SUPPLEMENTARY INFORMATION:

Background

    This NTIA cybersecurity multistakeholder process focuses on 
promoting software component transparency.\1\ Most modern software is 
not written completely from scratch, but includes existing components, 
modules, and libraries from the open source and commercial software 
world. Modern development practices such as code reuse, and a dynamic 
IT marketplace with acquisitions and mergers, make it challenging to 
track the use of software components. The Internet of Things compounds 
this phenomenon, as new organizations, enterprises, and innovators take 
on the role of software developer to add ``smart'' features or 
connectivity to their products. While the majority of libraries and 
components do not have known vulnerabilities, many do, and the sheer 
quantity of software means that some software products ship with 
vulnerable or out-of-date components.
---------------------------------------------------------------------------

    \1\ NTIA serves as the President's principal adviser on 
telecommunications and information policies. See 47 U.S.C. 
902(b)(2)(D).
---------------------------------------------------------------------------

    The first meeting of this multistakeholder process was held on July 
19, 2018, in Washington, DC.\2\ Stakeholders presented multiple 
perspectives, and identified several inter-related work streams: 
Understanding the Problem, Use Cases and State of Practice, Standards 
and Formats, and Healthcare Proof of Concept. Since then, stakeholders 
have been discussing key issues and developing products such as 
guidance documents. NTIA acts as the convener, but stakeholders drive 
the outcomes. Success of the process will be evaluated by the extent to 
which broader findings on software component transparency are 
implemented across the ecosystem.
---------------------------------------------------------------------------

    \2\ Notes, presentations, and a video recording of the July 19, 
2018 kickoff meeting are available at: https://www.ntia.gov/SoftwareTransparency.
---------------------------------------------------------------------------

    The first set of stakeholder-drafted documents on Software Bills of 
Materials was published by NTIA in November 2019. Those documents, and 
subsequent consensus-approved drafts from the community, are available 
at: https://www.ntia.gov/SBOM. The main objectives of the January 13, 
2021 meeting are to share progress from the working groups; to give 
feedback on the ongoing work around technical challenges, tooling, 
demonstrations, and awareness and adoption; and to continue discussions 
around potential guidance or playbook documents. This meeting will also 
feature short demonstrations of SBOM-related tools and services to help 
the community understand the growth of the broader ecosystem. 
Demonstration suggestions and proposals should be 250 words or less and 
should be submitted to Allan Friedman at [email protected] by December 
21, 2020. More information about stakeholders' work is available at: 
https://www.ntia.gov/SoftwareTransparency.
    Time and Date: NTIA will convene the next meeting of the 
multistakeholder process on Software Component Transparency on January 
13, 2021, from 12:00 p.m. to 4:00 p.m. Eastern Time. The exact time of 
the meeting is subject to change. Please refer to NTIA's website, 
https://www.ntia.gov/SoftwareTransparency, for the most current 
information.
    Place: The meeting will be held virtually, with online slide share 
and dial-in information to be posted at https://www.ntia.gov/SoftwareTransparency. Please refer to NTIA's website, https://www.ntia.gov/SoftwareTransparency, for the most current information.
    Other Information: The meeting is open to the public and the press 
on a first-come, first-served basis.
    The virtual meeting is accessible to people with disabilities. 
Requests for real-time captioning or other auxiliary aids should be 
directed to Allan Friedman at (202) 482-4281 or [email protected] at 
least seven (7) business days prior to the meeting. Access details for 
the meeting are subject to change. Please refer to NTIA's website, 
https://www.ntia.gov/SoftwareTransparency, for the most current 
information.


[[Page 80056]]


    Dated: December 8, 2020.
Kathy D. Smith,
Chief Counsel, National Telecommunications and Information 
Administration.
[FR Doc. 2020-27323 Filed 12-10-20; 8:45 am]
BILLING CODE 3510-60-P