Working group

Standardization in the area of Artificial Intelligence

• Serve as the focus and proponent for JTC 1's standardization program on Artificial Intelligence
• Provide guidance to JTC 1, IEC, and ISO committees developing Artificial Intelligence applications

Scope

Standardization of IT Service Management and IT Governance.

Develop standards, tools, frameworks, best practices and related documents for IT Service Management and IT Governance, including areas of IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance, but excluding subject matter covered under the scope and existing work programs of JTC 1/SC 27 and JTC 1/SC 38.

The work will initially cover:

• Governance of IT, including the development of the ISO/IEC 38500 series standards and related documents.
• Operational aspects of Governance of IT, including ISO/IEC 30121 Information Technology — Governance of digital forensic risk framework, and interfaces with the management of IT as well as the role of governance in the area of business innovation.
• All aspects relating to IT service management, including the development of the ISO/IEC 20000 series standards and related documents.
• All aspects relating to IT-Enabled Services — Business Process Outsourcing, including the development of the ISO/IEC 30105 series standards and related documents.

Standardization of assessment methods, design practices, operation and management aspects to support resource efficiency, resilience and environmental sustainability for and by information , data centres and other facilities and infrastructure necessary for service provisioning

To avoid any duplication of work and to support innovation, SC 39 will engage in active liaison and collaboration with

• other JTC1 entities
• ISO TC 207, ISO TC 242, ISO TC 257;
• IEC TC 100, IEC TC 111, IEC PC 118, SMB SG 4, IEC/TC 57/WG 2 and IEC/TC 9
• ITU-T SG 5; and
• Any other appropriate body including external organizations (e.g. consortia)

Standardization in the areas of Cloud Computing and Distributed Platforms including:

• Foundational concepts and technologies,
• Operational issues, and
• Interactions among Cloud Computing systems and with other distributed systems

SC 38 serves as the focus, proponent, and systems integration entity on Cloud Computing, Distributed Platforms, and the application of these technologies. SC 38 provides guidance to JTC 1, IEC, ISO and other entities developing standards in these areas.

Standardization of generic biometric technologies pertaining to human beings to support interoperability and data interchange among applications and systems.

Generic human biometric standards include: common f ile frameworks; biometric application programming interfaces; biometric data interchange formats; related biometric profiles; application of evaluation criteria to biometric technologies; methodologies for performance testing and reporting and cross jurisdictional and societal aspects.

Excluded is the work in ISO/IEC JTC 1/SC 17 to apply biometric technologies to cards and personal identification. Excluded is the work in ISO/IEC JTC 1/SC 27 for biometric data protections techniques, biometric security testing, evaluations and evaluations methodologies.

Standardization in the field of information technologies for learning, education, and training to support individuals, groups, or organizations, and to enable interoperability and reusability of resources and tool.

Excluded from this scope are:

• standards or technical reports that define educational standards (competencies), cultural conventions, learning objectives, or specific learning content.
• work done by other ISO or IEC TCs, SCs, or WGs with respect to their component, specialty, or domain. Instead, when appropriate, normative or informative references to other standards shall be included. Examples include documents on special topics such as multimedia, web content, cultural adaptation, and security.

Standardization in the field of user-system interfaces in information and communication technology (ICT) environments and support for these interfaces to serve all users, including people having accessibility or other specific needs, with a priority of meeting the JTC 1 requirements for cultural and linguistic adaptability.

This includes:

• user interface accessibility (requirements, needs, methods, techniques and enablers);
• cultural and linguistic adaptability and accessibility (such as evaluation of cultural and linguistic adaptability of ICT products, harmonized human language equivalents, localization parameters, voice messaging menus);
• user interface objects, actions and attributes;
• methods and technologies for controlling and navigating within systems, devices and applications in visual, auditory, tactile and other sensorial modalities (such as by voice, vision, movement, gestures);
• symbols, functionality and interactions of user interfaces (such as graphical, tactile and auditory icons, graphical symbols and other user interface elements);
• visual, auditory, tactile and other sensorial input and output devices and methods in ICT environments (for devices such as keyboards, displays, mice);
• user interfaces for mobile devices, hand‐held devices and remote interactions.

Standardization in the field of document structures, languages and related facilities for the description and processing of compound and hypermedia documents, including:

• languages for describing document logical structures and their support facilities
• languages for describing document-like objects in web environments facilities
• document processing architecture and formatting for logical documents facilities
• languages for describing interactive documents facilities
• multilingual font information interchange and related services facilities
• final-form document architecture and page information interchange facilities
• hypermedia document structuring language and application resources facilities
• API's for document processing

Standardization in the area of Internet of Things and related technologies.

1. Serve as the focus and proponent for JTC 1's standardization programme on the Internet of Things and related technologies, including Sensor Networks and Wearables technologies.
2. Provide guidance to JTC 1, IEC, ISO and other entities developing Internet of Things related applications.

SC 31 continues to deliver technically rigorous standards that meet user requirements. Looking ahead in 2016 SC31 will deliver three standards of note. One jointly developed with SC 17 will measure the quality of OCR Characters used on passports significantly improving the readability of the characters (ISO/IEC 30116). The second will establish the first quantitative method for test and evaluation of localization systems aiding the first responder community and public safety (ISO/IEC 18305). The third is a method for uniquely identifying devices and items touching the Internet of Things (ISO/IEC 29161). In 2016 SC31 will commence a joint effort with the ISO Conformance Assessment Organization (CASCO) focusing on use of an “eLabel” to replace traditional conformance markings on electronic devices.

The OASIS MQTT TC is producing a standard for the Message Queuing Telemetry Transport Protocol compatible with MQTT V3.1, together with requirements for enhancements, documented usage examples, best practices, and guidance for use of MQTT topics with commonly available registry and discovery mechanisms. The standard supports bi-directional messaging to uniformly handle both signals and commands, deterministic message delivery, basic QoS levels, always/sometimes-connected scenarios, loose coupling, and scalability to support large numbers of devices. Candidates for enhancements include message priority and expiry, message payload typing, request/reply, and subscription expiry.

As an M2M/Internet of Things (IoT) connectivity protocol, MQTT is designed to support messaging transport from remote locations/devices involving small code footprints (e.g., 8-bit, 256KB ram controllers), low power, low bandwidth, high-cost connections, high latency, variable availability, and negotiated delivery guarantees. For example, MQTT is being used in sensors communicating to a broker via satellite links, SCADA, over occasional dial-up connections with healthcare providers (medical devices), and in a range of home automation and small device scenarios. MQTT is also ideal for mobile applications because of its small size, minimized data packets, and efficient distribution of information to one or many receivers (subscribers).

For more information on the MQTT TC, see the TC Charter.

The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. In the initial phase of TC work, three specifications will be transitioned from the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression).

The OASIS CTI Technical Committee will:

• define composable information sharing services for peer-to-peer, hub-and-spoke, and source subscriber threat intelligence sharing models
• develop standardized representations for campaigns, threat actors, incidents, tactics techniques and procedures (TTPs), indicators, exploit targets, observables, and courses of action
• develop formal models that allow organizations to develop their own standards-based sharing architectures to meet specific needs

For more information on the CTI TC, see the TC Charter.