Skip to Content

Notice

Multistakeholder Process on Promoting Software Component Transparency

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document including its time on Public Inspection. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

National Telecommunications and Information Administration, U.S. Department of Commerce.

ACTION:

Notice of open meeting.

SUMMARY:

The National Telecommunications and Information Administration (NTIA) will convene a meeting of a multistakeholder process on promoting software component transparency on November 6, 2018.

DATES:

The meeting will be held on November 6, 2018, from 10 a.m. to 4 p.m., Eastern Standard Time.

ADDRESSES:

The meeting will be held at the American Institute of Architects, 1735 New York Ave. NW, Washington, DC 20006.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Allan Friedman, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; telephone: (202) 482-4281; email: afriedman@ntia.doc.gov. Please direct media inquiries to NTIA's Office of Public Affairs: (202) 482-7002; email: press@ntia.doc.gov.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

Background

This National Telecommunications and Information Administration cybersecurity multistakeholder process focuses on promoting software component transparency. Most modern software is not written completely from scratch, but includes existing components, modules, and libraries from the open source and commercial software world. Modern development practices, such as code reuse, and a dynamic IT marketplace with acquisitions and mergers, make it challenging to track the use of software components. The Internet of Things compounds this phenomenon, as new organizations, enterprises, and innovators take on the role of software developer to add “smart” features or connectivity to their products. Although the majority of libraries and components do not have known vulnerabilities, the sheer quantity of software means that some software products ship with vulnerable or out-of-date components.

Under the multistakeholder process, NTIA acts as the convener, but stakeholders drive the outcomes, determine how to scope and organize the work through subgroups or other means, and evaluate success of the process based on the extent to which the group's findings on software component transparency are implemented across the ecosystem. The first meeting of this multistakeholder process was held on July 19, 2018, in Washington, DC.[1] Stakeholders presented multiple perspectives, and identified four inter-related work streams: Understanding the Problem, Use Cases and State of Practice, Standards and Formats, and Healthcare Proof of Concept.

The main objectives of the November 6, 2018, meeting are to share progress from the working groups and hear feedback from the broader stakeholder community. Stakeholders will also discuss how the outputs of the different work streams can complement each other, and identify issues for further study. More information about stakeholders' work is available at: https://www.ntia.doc.gov/​SoftwareTransparency.

Time and Date: NTIA will convene the next meeting of the multistakeholder process on software component transparency on November 6, 2018, from 10 a.m. to 4 p.m. Eastern Standard Time. Please refer to NTIA's website, https://www.ntia.doc.gov/​SoftwareTransparency, for the most current information.

Place: The meeting will be held at the American Institute of Architects, 1735 New York Ave. NW, Washington, DC 20006. The location of the meeting is subject to change. Please refer to NTIA's website, https://www.ntia.doc.gov/​SoftwareTransparency, for the most current information.

Other Information: The meeting is open to the public and the press on a first-come, first-served basis. Space is limited.

The meeting is physically accessible to people with disabilities. Requests for sign language interpretation or other auxiliary aids should be directed to Allan Friedman at (202) 482-4281 or afriedman@ntia.doc.gov at least seven (7) business days prior to each meeting. The meetings will also be webcast. Requests for real-time captioning of the webcast or other auxiliary aids should be directed to Allan Friedman at (202) 482-4281 or afriedman@ntia.doc.gov at least seven (7) business days prior to each meeting. There will be an opportunity for stakeholders viewing the webcast to participate remotely in the meetings through a moderated conference bridge, including polling functionality. Access details for the meetings are subject to change. Please refer to NTIA's website, https://www.ntia.doc.gov/​SoftwareTransparency, for the most current information.

Start Signature

Dated: October 16, 2018.

Kathy Smith,

Chief Counsel, National Telecommunications and Information Administration.

End Signature End Supplemental Information

Footnotes

1.  Notes, presentations, and a video recording of the July 19, 2018, kickoff meeting are available at: https://www.ntia.doc.gov/​SoftwareTransparency.

Back to Citation

[FR Doc. 2018-22872 Filed 10-19-18; 8:45 am]

BILLING CODE 3510-60-P