Through a Standards Watch, StandICT.

eu will analyse and monitor

the international ICT standards landscape and liaise with Standards
Development Organisations (SDOs) and Standard Setting
Organisations (SSOs), key organisations such as the EU
Multistakeholder Platform for ICT Standardisation as well as
industry-led groups, to pinpoint gaps and priorities matching EU
DSM objectives.
These become the topics for a series of 8 Open calls focused on
priority domains and a continuous cascading grants process,
launched by StandICT.eu from March 2018, providing support for
European specialists to contribute to ongoing standards
development activities, and attend SDO & SSO meetings.
Find out more about the 8th StandICT.eu Open Call below and
follow the instructions to apply.

The proposals will also have to clearly demonstrate:

Added value to existing SDO activities;
Impact of work on European interests and the
standard in question;
Expertise of the applicant in the respective priority
area;
Expertise of the applicant in standardisation, e.g.
previous contributions to standards developments,
participation in other groups working on architectures,
APIs, guidelines in the respective priority area.

Please note for the avoidance of doubt that the expert’s

applications should be related to activities or events within
SDOs such as ISO, IEC, UNCEFACT, ITU, ISO/IEC JTC-1, IETF,
IEEE, W3C, OASIS, ECMA international, OMA, OMG, etc., as well
as global projects like 3GPP and oneM2M (where ETSI is a
partner) for any of the topic priorities. As such, Experts
applying for participation and/or contributions to NSOs or ESOs
will normally be rejected during the evaluation phase, unless
clear evidence is shown that the former is relevant or linked to
broader international cooperation or initiative in which the
NSO or the ESO takes part.
Evaluations (for each proposal) will be performed using the
following 4-criteria principle (score 1 to 10):
Criterion 1: Soundness of the proposal and foreseen
impact on European strategy (30%);
 Criterion 2: Technical excellence & adherence to the
standardisation requirements and SDO activities (30%);
Criterion 3: Experience and qualifications of the
applicant (20%);
Criterion 4: Economics of the proposal (20%)
The proposals final scoring and the ranking final score will be
automatically determined by averaging scores provided by the
3 independent evaluators.

APPLICATION FORM
2 CONCEPT, OBJECTIVES AND APPROACH
2.1 Describe the objectives and concept behind the proposed
activity

In line with the 8th StandICT.eu call, the objective of the

activity that the applicant will carry out is that of supporting
EU in the ICT Standardisation scene, and more specifically in
the domain of Internet of Things. In this domain, security and
privacy are gaining more and more attention by industry and
academia because of the repercussion of having billions of IoT
devices connected to the Internet and exposed to different
threats and vulnerabilities. For this reason, standardisation
bodies plays and important role so as to promote the adoption
of different security technologies at IoT level, not as
complementary issue, but from the beginning of the design
phase.

In this scope, secure bootstrapping of IoT devices, as well as

the integration of authorization and access control mechanism
are my main target topics to be addressed during my proposed
activity. Additionally privacy, in terms of data encryption is
also considered.

2.2Explain the envisioned area and relevance of the

targeted ICT standards development activity and/or the
gap(s) addressed from a European perspective
Resuming the objective already established before,
security in the IoT domain is the area targeted by my
proposal. The development of standard mechanisms for
a secure bootstrapping of IoT devices, as well as the
integration of access control technologies for securely
manage the information and operation of IoT devices is
something worth standardizing. In this area, different
techniques such as CoAP + EAP, PANA + EAP has been
studied and can provide value to the standardisation
activity in this domain.

Additionally, the experience obtained so far in the ETSI

ISG CIM group which put the focus in Context
Information can be relevant for this domain.

2.3 Summarise your expertise in the chosen priority

area your broader expertise in standardisation (e.g.
previous contributions to standards developments,
participation to other WGs, publications)

I have dedicated a lot of years in the study of different

access control mechanism, not only in IoT, but also in
the environment of mobile ad-hoc networks (MANETs).
In addition, my PhD dissertation contributed to the
efficiency in access control mechanisms applied to
Vehicular Networks ( a specific sort of MANETs).
Additionally, during the last years I’ve been
contributing in the domain of IoT applied to the Smart
City domain. In this sense, I’ve obtained a lot of
experience in managing and integrating lightweight
protocols usually employed by IoT devices such as
CoAP, MQTT plus different access control mechanism,
such as PANA, and EAP.

Additionally, the experience obtained so far thanks to

the work in Odin Solutions (SME) in this domain allowed
me to gain experience and expertise in Smart Cities
solutions. Studying and assessing the whole stack, from
IoT level to Context Information.

Finally, the work carried out in different research

projects during my whole career, and more specifically,
thanks to the most recent ones. I have joined the ETSI
ISG CIM group where I’ve taken the role of Rapporteur
for the Work Item 007 related to security and privacy.

3.1 Describe the expected impact of the proposed

activity on the chosen priority of the call and on
European interests in more general terms

With my proposal I expect to contribute to the

standardisation bodies with the experience and
expertise mentioned before. The point of view of SMEs
is something that must be considered in addition to
other points of view like academia, since it provide a
more real view of the adoption of the technologies and
methods. Additionally, this point of view can introduce
other variable to be considered such as the penetration
of specific technologies in the markets, or their
maturity level.

I would like to contribute with the expertise and

experience obtained so far thanks to both areas
research and production so as to promote new
standards in security and privacy for the IoT domain.

3.2 Indicate what is the added value of the proposed

activity to targeted SDO & ICT standardisation
processes

The value added that my proposed activity provides

relies on the experience obtained so far in both
research and production domains. I have been working
in security and privacy mechanisms at IoT level.
Additionally, my experience obtained thanks to my
collaboration inside the ETSI ISG CIM, as well as being
responsible for the security and privacy work item
inside this group is something to be considered.

3.3 Describe the workplan with the envisioned timeline:

Please note that the timeline must not run beyond the
31st of December 2019

Dedication:

- September: 4 weeks

- October: 5 weeks

- November 4 weeks

- December: 2 weeks

Tasks to be carried out:

- Review of documentation provided in each of the SDOs. I will dedicate

about 10 hours per week approximately.Â

- Weekly or By-weekly audio meetings for the aforementioned topics of 1

hour of duration on average.

- Attendance to about 2 physical meetings for discussion and agreements.

3.3 Describe the operational mode of the hosting SDO,

SSO, national bodies e.g., openness of the processes,
the type of membership and foreseen contribution

SDOs usually propose regular audio-meetings for

tracking the work carried out by that moment, and the
proposition of new work items. So that people could
progress in the specific and selected work items.

Additionally, physical meetings are usually a

requirements which can take place from two two four
per year.
Although I expect to contribute in the revision of
different drafts and final documents already agreed by
the SDOs, my contribution is not limited to this task,
which can be extended to a more participatory way
contributing more actively in the security and privacy
topics for IoT level.

3.4 KPIs
Attendance to regular meetings
Attendance to physical meetings
Participation in the discussion and proposals during the
SDOs
Quality of the documents after revision

4. Please detail the funding required and related

estimated costs

The dedication expected for this task has been already defined by
dedicating at least 10 hours per week. Additionally, The attendance to
physical meetings implies the use of public transportation as well as
flights so as to arrive to the different SDOs facilities.

For this reason:

The estimated work for this proposal is about 150 hours, plus the trips for
physical meetings.