Multistakeholder Process on Promoting Software Component Transparency, 80055-80056 [2020-27323]
Download as PDF
<![CDATA[
Federal Register / Vol. 85, No. 239 / Friday, December 11, 2020 / Notices
IHA) and alternatives with respect to
potential impacts on the human
environment.
This action is consistent with
categories of activities identified in
Categorical Exclusion B4 (IHAs with no
anticipated serious injury or mortality)
of the Companion Manual for NOAA
Administrative Order 216–6A, which do
not individually or cumulatively have
the potential for significant impacts on
the quality of the human environment
and for which we have not identified
any extraordinary circumstances that
would preclude this categorical
exclusion. Accordingly, NMFS has
determined that the issuance of the IHA
qualifies to be categorically excluded
from further NEPA review.
Endangered Species Act (ESA)
Section 7(a)(2) of the ESA (16 U.S.C.
1531 et seq.) requires that each Federal
agency insure that any action it
authorizes, funds, or carries out is not
likely to jeopardize the continued
existence of any endangered or
threatened species or result in the
destruction or adverse modification of
designated critical habitat.
No incidental take of ESA-listed
species is authorized or expected to
result from this activity. Therefore,
NMFS has determined that formal
consultation under section 7 of the ESA
is not required for this action.
Authorization
NMFS has issued an IHA to the Coast
Guard for the potential harassment of
small numbers of five marine mammal
species incidental to the Base Los
Angeles/Long Beach Wharf Expansion
project in Los Angeles, California,
provided the previously mentioned
mitigation, monitoring and reporting
requirements are followed.
Dated: December 7, 2020.
Donna S. Wieting,
Director, Office of Protected Resources,
National Marine Fisheries Service.
[FR Doc. 2020–27205 Filed 12–10–20; 8:45 am]
BILLING CODE 3510–22–P
DEPARTMENT OF COMMERCE
jbell on DSKJLSW7X2PROD with NOTICES
National Telecommunications and
Information Administration
Multistakeholder Process on
Promoting Software Component
Transparency
National Telecommunications
and Information Administration,
Department of Commerce.
ACTION: Notice of open meeting.
AGENCY:
VerDate Sep<11>2014
23:25 Dec 10, 2020
Jkt 253001
The National
Telecommunications and Information
Administration (NTIA) will convene a
virtual meeting of a multistakeholder
process on promoting software
component transparency on January 13,
2021.
DATES: The meeting will be held on
January 13, 2021, from 12:00 p.m. to
4:00 p.m., Eastern Time.
ADDRESSES: The meeting will be held
virtually, with online slide share and
dial-in information to be posted at
https://www.ntia.gov/
SoftwareTransparency.
FOR FURTHER INFORMATION CONTACT:
Allan Friedman, National
Telecommunications and Information
Administration, U.S. Department of
Commerce, 1401 Constitution Avenue
NW, Room 4725, Washington, DC
20230; telephone: (202) 482–4281;
email: afriedman@ntia.gov. Please direct
media inquiries to NTIA’s Office of
Public Affairs: (202) 482–7002; email:
press@ntia.gov.
SUPPLEMENTARY INFORMATION:
SUMMARY:
Background
This NTIA cybersecurity
multistakeholder process focuses on
promoting software component
transparency.1 Most modern software is
not written completely from scratch, but
includes existing components, modules,
and libraries from the open source and
commercial software world. Modern
development practices such as code
reuse, and a dynamic IT marketplace
with acquisitions and mergers, make it
challenging to track the use of software
components. The Internet of Things
compounds this phenomenon, as new
organizations, enterprises, and
innovators take on the role of software
developer to add ‘‘smart’’ features or
connectivity to their products. While
the majority of libraries and components
do not have known vulnerabilities,
many do, and the sheer quantity of
software means that some software
products ship with vulnerable or out-ofdate components.
The first meeting of this
multistakeholder process was held on
July 19, 2018, in Washington, DC.2
Stakeholders presented multiple
perspectives, and identified several
inter-related work streams:
Understanding the Problem, Use Cases
and State of Practice, Standards and
Formats, and Healthcare Proof of
1 NTIA serves as the President’s principal adviser
on telecommunications and information policies.
See 47 U.S.C. 902(b)(2)(D).
2 Notes, presentations, and a video recording of
the July 19, 2018 kickoff meeting are available at:
https://www.ntia.gov/SoftwareTransparency.
PO 00000
Frm 00066
Fmt 4703
Sfmt 4703
80055
Concept. Since then, stakeholders have
been discussing key issues and
developing products such as guidance
documents. NTIA acts as the convener,
but stakeholders drive the outcomes.
Success of the process will be evaluated
by the extent to which broader findings
on software component transparency are
implemented across the ecosystem.
The first set of stakeholder-drafted
documents on Software Bills of
Materials was published by NTIA in
November 2019. Those documents, and
subsequent consensus-approved drafts
from the community, are available at:
https://www.ntia.gov/SBOM. The main
objectives of the January 13, 2021
meeting are to share progress from the
working groups; to give feedback on the
ongoing work around technical
challenges, tooling, demonstrations, and
awareness and adoption; and to
continue discussions around potential
guidance or playbook documents. This
meeting will also feature short
demonstrations of SBOM-related tools
and services to help the community
understand the growth of the broader
ecosystem. Demonstration suggestions
and proposals should be 250 words or
less and should be submitted to Allan
Friedman at afriedman@ntia.gov by
December 21, 2020. More information
about stakeholders’ work is available at:
https://www.ntia.gov/
SoftwareTransparency.
Time and Date: NTIA will convene
the next meeting of the multistakeholder
process on Software Component
Transparency on January 13, 2021, from
12:00 p.m. to 4:00 p.m. Eastern Time.
The exact time of the meeting is subject
to change. Please refer to NTIA’s
website, https://www.ntia.gov/
SoftwareTransparency, for the most
current information.
Place: The meeting will be held
virtually, with online slide share and
dial-in information to be posted at
https://www.ntia.gov/
SoftwareTransparency. Please refer to
NTIA’s website, https://www.ntia.gov/
SoftwareTransparency, for the most
current information.
Other Information: The meeting is
open to the public and the press on a
first-come, first-served basis.
The virtual meeting is accessible to
people with disabilities. Requests for
real-time captioning or other auxiliary
aids should be directed to Allan
Friedman at (202) 482–4281 or
afriedman@ntia.gov at least seven (7)
business days prior to the meeting.
Access details for the meeting are
subject to change. Please refer to NTIA’s
website, https://www.ntia.gov/
SoftwareTransparency, for the most
current information.
E:\FR\FM\11DEN1.SGM
11DEN1
80056
Federal Register / Vol. 85, No. 239 / Friday, December 11, 2020 / Notices
Dated: December 8, 2020.
Kathy D. Smith,
Chief Counsel, National Telecommunications
and Information Administration.
[FR Doc. 2020–27323 Filed 12–10–20; 8:45 am]
BILLING CODE 3510–60–P
COMMITTEE FOR PURCHASE FROM
PEOPLE WHO ARE BLIND OR
SEVERELY DISABLED
Procurement List; Additions and
Deletions
Committee for Purchase From
People Who Are Blind or Severely
Disabled.
ACTION: Additions to and deletions from
the procurement list.
AGENCY:
This action adds product(s)
and service(s) to the Procurement List
that will be furnished by nonprofit
agencies employing persons who are
blind or have other severe disabilities,
and deletes product(s) and service(s)
from the Procurement List previously
furnished by such agencies.
DATES: Date added to and deleted from
the Procurement List: January 10, 2021
ADDRESSES: Committee for Purchase
From People Who Are Blind or Severely
Disabled, 1401 S Clark Street, Suite 715,
Arlington, Virginia 22202–4149.
FOR FURTHER INFORMATION CONTACT:
Michael R. Jurkowski, Telephone: (703)
603–2117, Fax: (703) 603–0655, or email
CMTEFedReg@AbilityOne.gov.
SUPPLEMENTARY INFORMATION:
SUMMARY:
Additions
On 8/21/2020, 9/4/2020 and 9/11/
2020, the Committee for Purchase From
People Who Are Blind or Severely
Disabled published notice of proposed
additions to the Procurement List. This
notice is published pursuant to 41
U.S.C. 8503 (a)(2) and 41 CFR 51–2.3.
After consideration of the material
presented to it concerning capability of
qualified nonprofit agencies to provide
the service(s) and impact of the
additions on the current or most recent
contractors, the Committee has
determined that the service(s) listed
below are suitable for procurement by
the Federal Government under 41 U.S.C.
8501–8506 and 41 CFR 51–2.4.
jbell on DSKJLSW7X2PROD with NOTICES
Regulatory Flexibility Act Certification
I certify that the following action will
not have a significant impact on a
substantial number of small entities.
The major factors considered for this
certification were:
1. The action will not result in any
additional reporting, recordkeeping or
VerDate Sep<11>2014
23:25 Dec 10, 2020
Jkt 253001
other compliance requirements for small
entities other than the small
organizations that will furnish the
service(s) to the Government.
2. The action will result in
authorizing small entities to furnish the
service(s) to the Government.
3. There are no known regulatory
alternatives which would accomplish
the objectives of the Javits-WagnerO’Day Act (41 U.S.C. 8501–8506) in
connection with the service(s) proposed
for addition to the Procurement List.
End of Certification
Accordingly, the following service(s)
are added to the Procurement List:
Service(s)
Service Type: Base Supply Center and Retail
Gift Shop
Mandatory for: Bureau of Alcohol, Firearms,
Tobacco and Explosives, Washington,
DC
Designated Source of Supply: Virginia
Industries for the Blind, Charlottesville,
VA
Contracting Activity: ATF ACQUISITION
AND PROPERTY MGMT DIV, ATF
Service Type: Janitorial Service
Mandatory for: FAA, Portland Air Traffic
Control Tower and SSC Office Space,
Portland, ME
Designated Source of Supply: Northern New
England Employment Services, Portland,
ME
Contracting Activity: FEDERAL AVIATION
ADMINISTRATION, 697DCK
REGIONAL ACQUISITIONS SVCS
Service Type: Janitorial Service
Mandatory for: Federal Aviation
Administration, Norfolk Air Traffic
Control Tower, Virginia Beach, VA and
Patrick Henry Field Air Traffic Control
Tower, Newport News, VA
Designated Source of Supply: Portco, Inc.,
Portsmouth, VA
Contracting Activity: FEDERAL AVIATION
ADMINISTRATION, 697DCK
REGIONAL ACQUISITIONS SVCS
Service Type: Janitorial Service
Mandatory for: FAA, Air Traffic Control
Tower, Roanoke, VA
Designated Source of Supply: Goodwill
Industries of the Valleys, Inc., Roanoke,
VA
Contracting Activity: FEDERAL AVIATION
ADMINISTRATION, 697DCK
REGIONAL ACQUISITIONS SVCS
Deletions
On 11/6/2020, the Committee for
Purchase From People Who Are Blind
or Severely Disabled published notice of
proposed deletions from the
Procurement List. This notice is
published pursuant to 41 U.S.C. 8503
(a)(2) and 41 CFR 51–2.3.
After consideration of the relevant
matter presented, the Committee has
determined that the product(s) and
service(s) listed below are no longer
suitable for procurement by the Federal
PO 00000
Frm 00067
Fmt 4703
Sfmt 4703
Government under 41 U.S.C. 8501–8506
and 41 CFR 51–2.4.
Regulatory Flexibility Act Certification
I certify that the following action will
not have a significant impact on a
substantial number of small entities.
The major factors considered for this
certification were:
1. The action will not result in
additional reporting, recordkeeping or
other compliance requirements for small
entities.
2. The action may result in
authorizing small entities to furnish the
product(s) and service(s) to the
Government.
3. There are no known regulatory
alternatives which would accomplish
the objectives of the Javits-WagnerO’Day Act (41 U.S.C. 8501–8506) in
connection with the product(s) and
service(s) deleted from the Procurement
List.
End of Certification
Accordingly, the following product(s)
and service(s) are deleted from the
Procurement List:
Product(s)
NSN(s)—Product Name(s):
7510–01–357–6830—Pad, Executive
Message Recording, White/Yellow, 25⁄8″
x 61⁄4″, 400 Message Forms
Designated Source of Supply: WinstonSalem Industries for the Blind, Inc.,
Winston-Salem, NC; The Arkansas
Lighthouse for the Blind, Little Rock, AR
Contracting Activity: GSA/FAS ADMIN
SVCS ACQUISITION BR (2, NEW YORK,
NY
NSN(s)—Product Name(s):
7530–01–600–2026—Notebook,
Memorandum Book, 100% PCW, 3x5″,
60 sheets, Narrow Rule, White
7530–01–600–2028—Notebook, Spiral
Bound, 100% PCW, 81⁄2x11″, 80 sheets,
College Rule, White
7530–01–600–2027—Notebook, Spiral
Bound, 100% PCW, 81⁄2x11″, 100 sheets,
Wide Rule, White
7530–01–600–2016—Notebook, Spiral
Bound, 100% PCW, 81⁄2x11’’, 120 sheets,
College Rule, White
7530–01–600–2015—Notebook, Spiral
Bound, 100% PCW, 81⁄2x11″, 200 sheets,
College Rule, White
7530–01–600–2021—Notebook, Spiral
Bound, 100% PCW, 8x101⁄2″, 70 sheets,
Wide Rule, White
Designated Source of Supply: WinstonSalem Industries for the Blind, Inc.,
Winston-Salem, NC
Contracting Activity: GSA/FAS ADMIN
SVCS ACQUISITION BR(2, NEW YORK,
NY
NSN(s)—Product Name(s):
1005–01–134–3621—Index, Elevation
Designated Source of Supply: Arizona
Industries for the Blind, Phoenix, AZ
Contracting Activity: DLA LAND AND
MARITIME, COLUMBUS, OH
E:\FR\FM\11DEN1.SGM
11DEN1
]]>Agencies
[Federal Register Volume 85, Number 239 (Friday, December 11, 2020)]
[Notices]
[Pages 80055-80056]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-27323]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Telecommunications and Information Administration
Multistakeholder Process on Promoting Software Component
Transparency
AGENCY: National Telecommunications and Information Administration,
Department of Commerce.
ACTION: Notice of open meeting.
-----------------------------------------------------------------------
SUMMARY: The National Telecommunications and Information Administration
(NTIA) will convene a virtual meeting of a multistakeholder process on
promoting software component transparency on January 13, 2021.
DATES: The meeting will be held on January 13, 2021, from 12:00 p.m. to
4:00 p.m., Eastern Time.
ADDRESSES: The meeting will be held virtually, with online slide share
and dial-in information to be posted at https://www.ntia.gov/SoftwareTransparency.
FOR FURTHER INFORMATION CONTACT: Allan Friedman, National
Telecommunications and Information Administration, U.S. Department of
Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230;
telephone: (202) 482-4281; email: [email protected]. Please direct
media inquiries to NTIA's Office of Public Affairs: (202) 482-7002;
email: [email protected].
SUPPLEMENTARY INFORMATION:
Background
This NTIA cybersecurity multistakeholder process focuses on
promoting software component transparency.\1\ Most modern software is
not written completely from scratch, but includes existing components,
modules, and libraries from the open source and commercial software
world. Modern development practices such as code reuse, and a dynamic
IT marketplace with acquisitions and mergers, make it challenging to
track the use of software components. The Internet of Things compounds
this phenomenon, as new organizations, enterprises, and innovators take
on the role of software developer to add ``smart'' features or
connectivity to their products. While the majority of libraries and
components do not have known vulnerabilities, many do, and the sheer
quantity of software means that some software products ship with
vulnerable or out-of-date components.
---------------------------------------------------------------------------
\1\ NTIA serves as the President's principal adviser on
telecommunications and information policies. See 47 U.S.C.
902(b)(2)(D).
---------------------------------------------------------------------------
The first meeting of this multistakeholder process was held on July
19, 2018, in Washington, DC.\2\ Stakeholders presented multiple
perspectives, and identified several inter-related work streams:
Understanding the Problem, Use Cases and State of Practice, Standards
and Formats, and Healthcare Proof of Concept. Since then, stakeholders
have been discussing key issues and developing products such as
guidance documents. NTIA acts as the convener, but stakeholders drive
the outcomes. Success of the process will be evaluated by the extent to
which broader findings on software component transparency are
implemented across the ecosystem.
---------------------------------------------------------------------------
\2\ Notes, presentations, and a video recording of the July 19,
2018 kickoff meeting are available at: https://www.ntia.gov/SoftwareTransparency.
---------------------------------------------------------------------------
The first set of stakeholder-drafted documents on Software Bills of
Materials was published by NTIA in November 2019. Those documents, and
subsequent consensus-approved drafts from the community, are available
at: https://www.ntia.gov/SBOM. The main objectives of the January 13,
2021 meeting are to share progress from the working groups; to give
feedback on the ongoing work around technical challenges, tooling,
demonstrations, and awareness and adoption; and to continue discussions
around potential guidance or playbook documents. This meeting will also
feature short demonstrations of SBOM-related tools and services to help
the community understand the growth of the broader ecosystem.
Demonstration suggestions and proposals should be 250 words or less and
should be submitted to Allan Friedman at [email protected] by December
21, 2020. More information about stakeholders' work is available at:
https://www.ntia.gov/SoftwareTransparency.
Time and Date: NTIA will convene the next meeting of the
multistakeholder process on Software Component Transparency on January
13, 2021, from 12:00 p.m. to 4:00 p.m. Eastern Time. The exact time of
the meeting is subject to change. Please refer to NTIA's website,
https://www.ntia.gov/SoftwareTransparency, for the most current
information.
Place: The meeting will be held virtually, with online slide share
and dial-in information to be posted at https://www.ntia.gov/SoftwareTransparency. Please refer to NTIA's website, https://www.ntia.gov/SoftwareTransparency, for the most current information.
Other Information: The meeting is open to the public and the press
on a first-come, first-served basis.
The virtual meeting is accessible to people with disabilities.
Requests for real-time captioning or other auxiliary aids should be
directed to Allan Friedman at (202) 482-4281 or [email protected] at
least seven (7) business days prior to the meeting. Access details for
the meeting are subject to change. Please refer to NTIA's website,
https://www.ntia.gov/SoftwareTransparency, for the most current
information.
[[Page 80056]]
Dated: December 8, 2020.
Kathy D. Smith,
Chief Counsel, National Telecommunications and Information
Administration.
[FR Doc. 2020-27323 Filed 12-10-20; 8:45 am]
BILLING CODE 3510-60-P
