ISO/IEC TS 22237-7:2018 specifies processes for the management and operation of data centres. The primary focus of this document is the operational processes necessary to deliver the expected level of resilience, availability, risk management, risk mitigation, capacity planning, security and energy efficiency.
The secondary focus is on management processes to align the actual and future demands of users.
This document specifies requirements and recommendations concerning the physical security of data centres based on the criteria and classifications for “availability”, “security” and “energy efficiency enablement” within ISO/IEC 22237-1.
This document provides designations for the data centre spaces defined in ISO/IEC 22237-1.
This document specifies requirements and recommendations for such data centre spaces, and the systems employed within those spaces, in relation to protection against:
a) unauthorized access addressing organizational and technological solutions;
b) intrusion;
c) internal fire events igniting within data centre spaces;
d) internal environmental events (other than fire) within the data centre spaces which would affect the defined level of protection;
e) external environmental events outside the data centre spaces which would affect the defined level of protection.
NOTE Constructional requirements and recommendations are provided by reference to ISO/IEC 22237-2.
Safety and electromagnetic compatibility (EMC) requirements are outside the scope of this document and are covered by other standards and regulations. However, information given in this document can be of assistance in meeting these standards and regulations.
Conformance of data centres to the present document is covered in Clause 4.
ISO/IEC TS 22237-5:2018 addresses the wide range of telecommunications cabling infrastructures within data centres based upon the criteria and classifications for "availability" within ISO/IEC TS 22237‑1.
ISO/IEC TS 22237-5:2018 specifies requirements and recommendations for the following:
a) information technology and network telecommunications cabling (e.g. SAN and LAN);
b) general information technology cabling to support the operation of the data centre;
c) telecommunications cabling to monitor and control, as appropriate, power distribution, environmental control and physical security of the data centre;
d) other building automation cabling;
e) pathways, spaces and enclosures for the telecommunications cabling infrastructures.
Safety and electromagnetic compatibility (EMC) requirements are outside the scope of this document and are covered by other standards and regulations. However, information given in this document may be of assistance in meeting these standards and regulations.
This document addresses environmental control within data centres based upon the criteria and classifications for “availability”, “security” and “energy efficiency enablement” within ISO/IEC 22237‑1.
This document specifies requirements and recommendations for the following:
a) temperature control;
b) fluid movement control;
c) relative humidity control;
d) particulate control;
e) vibration;
f) physical security of environmental control systems.
This document addresses power supplies to, and power distribution within, data centres based upon the criteria and classifications for “availability”, “physical security” and “energy efficiency enablement” within ISO/IEC 22237‑1.
This document specifies requirements and recommendations for the following:
a) power supplies to data centres;
b) power distribution systems to all equipment within data centres;
c) telecommunications infrastructure bonding;
d) lightning protection;
e) devices for the measurement of the power consumption and power quality characteristics at points along the power distribution system and their integration within management tools.
Safety and electromagnetic compatibility (EMC) requirements are outside the scope of this document and are covered by other standards and regulations. However, information given in this document can be of assistance in meeting these standards and regulations.
Conformance of data centres to the present document is covered in Clause 4.
The use of the data centre stored energy or alternate sources to be used by the grid is not in the scope of this document and is for consideration in future specifications.
This document specifies requirements and recommendations for the construction of buildings and other structures which provide accommodation for data centres based on the criteria and classification for “physical security” within ISO/IEC 22237-1 in support of availability.
This document specifies requirements and recommendations for the following:
a)location and site selection (taking in to account natural environment and adjacencies);
b)protection from environmental risks;
c)site configuration;
d)building construction;
e)building configuration;
f)provision of access;
g)physical intrusion protection;
h)physical fire protection;
i)protection against damage from water;
j)quality construction measures.
Safety and electromagnetic compatibility (EMC) requirements are outside the scope of this document and are covered by other standards and regulations. However, information given in this document can be of assistance in meeting these standards and regulations.
Conformance of data centres to the present document is covered in Clause 4.
a) describes the general principles for data centres upon which the requirements of the ISO/IEC22237 series are based;
b) defines the common aspects of data centres including terminology, parameters and reference models (functional elements and their accommodation) addressing both the size and complexity of their intended purpose;
c) describes general aspects of the facilities and infrastructures required to support data centres;
d) specifies a classification system, based upon the key criteria of “availability”, “security” and “energy-efficiency” over the planned lifetime of the data centre, for the provision of effective facilities and infrastructure;
e) details the issues to be addressed in a business risk and operating cost analysis enabling application of the classification of the data centre;
f) provides a reference to the operation and management of data centres.
The following topics are outside of the scope of the ISO/IEC 22237 series:
1) the selection of information technology and network telecommunications equipment, software and associated configuration issues are outside the scope of this International Standard;
2) quantitative analysis of overall service availability resulting from multi-site data centres;
3) safety and electromagnetic compatibility (EMC) requirements (covered by other standards and regulations. However, information given in this document can be of assistance in meeting these standards and regulations).
My fellowship significantly contributes to the ICT standards landscape by advancing the Biometric System-on-Card (BSoC) standards, particularly within the ISO/IEC 17839 series.
My contribution impacts European SMEs by providing clear guidelines for implementing Biometric System-on-Card (BSoC) technology. Standards promote interoperability, reduce costs, enhance trust, and foster innovation, enabling SMEs to compete effectively, access markets, and build credibility.
Impact on SMEs (7th Open Call)
My contribution impacts European SMEs by providing clear guidelines for implementing Biometric System-on-Card (BSoC) technology. Standards promote interoperability, reduce costs, enhance trust, and foster innovation, enabling SMEs to compete effectively, access markets, and build credibility.
Impact on society (4th Open Call)
The work supported societal impacts by enhancing security and privacy, facilitating access to services, supporting digital transformation, promoting innovation and economic growth, and protecting individual rights in the digital age.
Impact on society (7th Open Call)
The work supported societal impacts by enhancing security and privacy, facilitating access to services, supporting digital transformation, promoting innovation and economic growth, and protecting individual rights in the digital age.
The number of devices in these areas vastly outnumbers the number of human beings and this area is almost unprotected, which could have detrimental effects on our society. It is the hope that the project could be one way to enable a broader cybersecurity protection.
The involved standards are useful so that Europe is involved in this type of cybersecurity, which may affect future EU directives.
Impact on society (4th Open Call)
Every aspect of cybersecurity has a high priority. Access control needs to be timely in place to prevent unauthorised access.
Impact on society (6th Open Call)
This updated standard will allow users (relying parties) to access certificate information for the whole of Europe and be a significant contributor to the single market. The two priorities selected are cybersecurity and interoperability.
The whole scope of DPKI and the proposed access secure protocols are primarily related to cybersecurity. The proposed access protocol will use robust and trusted cryptographic algorithms to protect the protocols. It is prepared for migration to quantum resistant cryptographic algorithms (crypto agility).
In parallel, any communication protocol is designed for interoperability and the two proposed protocols are no exception. Interoperability is a necessity.
Work on ICT readiness is essential for organisations facing increasing risks and threats in an unstable environment when they rely more and more on ICT, supplying them guidance to gain more resilience to infrastructures and organisations.
With AI’s evolution, a growing need for AI ethicists to address ethical, social, and psychological queries is evident. One gap, however, lies in the absence of standardised competencies for these professionals, causing hesitation among organisations to embrace AI ethics.
Establish requirements and ethical guidelines for AI nudging, particularly for vulnerable groups providing requirements, definitions and methodologies that safeguard individual free will, benefiting organisations, and consumers.
Impact on SMEs (2nd Open Call)
The work on ethics helps SME to apply guidelines or choose qualified professionals in the AI ethics field.
Impact on SMEs (4th Open Call)
The ethical standards initiatives are particularly important for SMEs, as they provide the necessary guidance to address the residual uncertainties surrounding AI implementation.
Impact on SMEs (6th Open Call)
The ethical standards initiatives are particularly important for SMEs, as they provide the necessary guidance to address the residual uncertainties surrounding AI implementation. By helping SMEs employ competent ethicists, choose the right tools, and upskill the ethical awareness of developers, these efforts ensure that smaller enterprises can foster responsible innovation.
Impact on society (1st Open Call)
Using distributed morality mechanisms on multi-agent systems, we aim to mitigate risks and assist the industry in fostering an ethical ecosystem, thereby facilitating the implementation of EU regulatory requirements.
Impact on society (2nd Open Call)
Establishing a uniform language, processes, and ethical methods to regulate their application is paramount to avert unintentional harm and protect vulnerable demographics.
Impact on society (4th Open Call)
The ongoing work on sustainable AI is preparing organizations for compliance with forthcoming EU regulations on environmental sustainability.
CEN CENELEC JTC21 AI WG4 Foundational and societal aspects
ISO/IEC JTC1 SC 42 AI WG3 Trustworthiness
AFNOR ethics committee on AI
Impact on society (6th Open Call)
The development of the AI Trustworthiness Framework is highly significant as it directly supports the implementation of the EU AI Act. This framework establishes essential standards that will enable organisations to meet the legal requirements of the Act. Furthermore, the ongoing work on sustainable AI is preparing organizations for compliance with forthcoming EU regulations on environmental sustainability. These initiatives focus on creating AI systems that are energy-efficient and environmentally responsible, ensuring that businesses are not only able to meet the new regulatory standards.
Interoperability ensures that users can seamlessly navigate and interact within the Metaverse, breaking down barriers between different platforms and ecosystems.
