CEN/CENELEC

There is currently no standard addressing the cybersecurity of AI systems. In ISO/IEC JTC1 SC27 WG4  27090 is under development; and I contribute directly to this work.

The AI Act is a European regulation promoting the uptake of human-centric and trustworthy AI, while ensuring protection of health, safety, and fundamental rights. Companies can prove conformity with the AI Act by complying with the 10 harmonised standards drafted by CEN-CENELEC. My fellowship contributes to two harmonised standards supporting the AI Act.

Incorporation of at least two sensory channels for information consumption is required by the European Accessibility Act, but currently not widely realized in technical communication. With its structured semantic approach, the proposed standard seeks to help eliminate this shortcoming.

Annegrit's priority is the Convenorship of CEN CENELEC JTC21 WG 5,  the organisation and project support to work on the AI Act standardisation request for Cybersecurity. This includes a close collaboration with other groups within JTC 21, JTC 13, ISO IEC SC 42 and SC 27 to collect all information of existing and work under development. The main challenge is that JTC 21 and also our WG5 has a diverse structure of experts and knowledge, which makes the work, the effort and efficiency very difficult. In this case, the challenge in addition is the collaboration with other existing standardisation groups within JTC 21 as well as with JTC 13 for Cyber Resilience Act, with ETSI and their view, with ISO IEC SC 27 and SC 42.

ICT Standards funding enables me to attend JTC21 WG1, WG2, WG3 and WG4 meetings and national commission gatherings of NEN (Dutch standardisation body). For me, as a newcomer to the field of standardisation, attending various international and national standardisation-related meetings is insightful. 

Blockchain technology is poised to play a fundamental role in democratising internet technology, offering decentralised solutions that prioritise transparency, security, and user empowerment.

Through this fellowship project, I am directly pursuing the development, approval, and publication of the following standards: ISO 22739:2024 ‘Blockchain and Distributed Ledger Technologies – Vocabulary’, ISO/TR 24332  ‘Blockchain and Distributed Ledger Technology in relation to authoritative records, records systems, and records management’ and ISO/NP 24982 ‘Digital currencies – Vocabulary’.

Overall, I am taking a more holistic view of the AI standardisation roadmap while pursuing in parallel my contributions to specific AI standards in SC 42 and JTC 21.

The development of ICT standards for QT is crucial for establishing harmonised approaches and interoperability within the EU, thus ensuring the successful deployment of large-scale quantum networks. 

This fellowship allows me to take part to all meetings concerning Cybersecurity, Privacy and Artificial Intelligence (even most are very early or very late in the day, as per rules for scheduling in SDO's), whilst being able to keep delivering standard based consulting especially for SMEs which need to comply for ISO 27001 certifications mostly. 

Considering the publication of the AI Act, in the next months a challenge will be given to supporting the application of the EU Regulation with a complete vision of existing standards, giving also some orientations to individuate possible new standardisation requests where needed.

This project should therefore have a positive impact on the ability of SMEs to produce and assess quality NLP systems, and should simplify compliance with the AI Act requirements.