TC-11 Report to Council and TA 2006 21 February 2006 Leon Strous Chairman IFIP TC-11

PART I. General Assembly a. Meetings held and scheduled. • TC-11 held its' annual meeting on Sunday 29 May 2005 in Chiba, Japan, preceding the SEC2005 conference. Attendance: 20 members, 1 representative, 2 observers. Apologies: 21 members, 1 observer. Absent: 2 members. Resigned: 1 member. • The next annual TC meeting is scheduled for Sunday 21 May 2006 in Karlstad, Sweden, preceding the SEC2006 conference.

b. Changes in membership and officers Changes in officers No changes in officers since GA 2005. At the annual meeting in May, the second term of the chairman of wg 11.4 Network & distributed systems security will end.

TC membership changes since GA 2005: • Korea: Seung-Won Sohn (new member country) • Portugal: Pedro Manuel Barbosa Veiga (succeeding Luis Sousa Cardoso)

Currently TC-11 is missing representatives of the following IFIP full members (list of January 2006): Andorra, Botswana, Brazil, Bulgaria, Canada, Croatia, Ethiopia, Ireland, Israel, Lithuania, Malaysia, Mauritius, Nigeria, Oman, Poland, Russia, Sri Lanka, Syria and Thailand.

The representatives of Egypt, India and Singapore have not attended three consecutive meetings and the GA members of these countries will be contacted in order to get active participation.

c. Working groups In previous meetings of TC-11, the membership and membership rules of working groups has been extensively discussed. Slow but steady progress is being made by the working groups in establishing sound, international and active membership lists. In order to focus the approach in this respect, the strategy questions that have been sent to all TCs, have also been sent to all TC-11 working groups. TC- 11 expects to discuss the results during the annual meeting in May.

1. Wg 11.1 Information Security Management Officers: Chair: Steven Furnell, University of Plymouth, UK (first term, 2004 – 2007) Vice-Chair: Gurpreet Dhillon, Virginia Commonwealth University, Richmond, VA, USA (first term, 2004 – 2007) Secretary: Paul Dowland, University of Plymouth, UK (first term, 2004 – 2007)

1

Membership: The membership of the wg has been reconfirmed, and per end of January 2006 there are 30 members from 11 countries. Around a third of these are new members, not previously affiliated to wg 11.1.

Activities: A new website for the working group has been established, http://ted.see.plymouth.ac.uk/ifip, with some additional content and functionality compared to the previous incarnation. From the perspective of providing a useful contribution to the security community, the new site includes the facility for registered WG members to post articles online for public download. This provides a means for WG members to further promote their work, as well as the potential for the website itself become a useful resource for those interested in information security management topics. At the time of writing the facility is not being widely supported by the full WG membership, but further promotion will hopefully encourage this to increase.

The most significant activity undertaken to date has been the organisation of a joint working conference with WG11.5. The event, a Working Conference on Security Management, Integrity, and Internal Control in Information Systems, took place from 1-2 December 2005 in Fairfax, Virginia, USA, and associated proceedings have been published by Springer. Further details can be found at http://www.cs.uvm.edu/ifip11.1.5/

A collaboration has also been established with WG11.8, with whom we are running a Security Culture Workshop as part of SEC 2006. A successful call for papers has been issued, and six short papers selected for presentation and inclusion in the main SEC proceedings.

2. Wg 11.2 Small Systems Security Officers: Chair: Jan Verschuren, Ministry of the Interior, The Hague, Netherlands (second term, 2004 – 2007) Vice-chair: Erik Poll, University of Nijmegen, Netherlands Secretary: Erik de Vink, University of Eindhoven, Netherlands

Membership: The membershiplist of wg 11.2 is under revision.

Activities: Together with WG 8.8, WG 11.2 organises the 6th Conference on Smart Card Research and Advanced Applications (CARDIS), taking place 19 – 21 April 2006 in Tarragona, Spain.

3. Wg 11.3 Data and Application Security Officers: Chair: Pierangela Samarati, Universita degli Studi di Milano, Crema, Italy (second term, 2004 – 2007) Vice-chair: Secretary:

Membership:

2 The complete list of members and observers is available at: http://cimic.rutgers.edu/ifip113/

Activities: The proceedings of the annual conferences have been published in the form of a book by Kluwer. In 2004, for the 18th conference the working group switched from having post-conference proceedings to have proceedings available at the time of the conference. This solution made management of the publication easier and less expensive (not requiring pre-proceedings and mailing of the final books). Last year’s proceedings were published in the LNCS series.

4. Wg 11.4 Network & distributed systems security Officers: Chair: Bart De Decker, K.U. Leuven, Belgium (second term, 2003 – 2006) Vice-chair: Secretary: Michalis Georgiou, Cyprus College, Nicosia, Cyprus (first term, 2005 – 2008)

Membership: The membership list is under revision.

Activities: The wg will organize a workshop as part of SEC 2006.

5. Wg 11.5 Systems Integrity and Control Officers: Chair: Sushil Jajodia, George Mason University, Fairfax, VA, USA (second term, 2004 – 2007) Vice-chair: Michael Gertz, University of California, Davis, CA, USA Secretary: Sabrina de Capitani di Vimercati, Universita degli Studi di Milano, Crema, Italy

Membership: The membershiplist of wg 11.5 is under revision.

Activities: A joint 11.1 and 11.5 working conference on security Management, Integrity, and Internal Control in Information Systems was organized. It was held at George Mason University, Fairfax, Virginia, December 1-2, 2005. For additional info, go to http://www.cs.uvm.edu/ifip11.1.5/

6. Wg 9.6 / 11.7 Information Technology: Mis-use and the law Officers: Chair: Kai Rannenberg, Goethe University, Frankfurt, Germany (second term, 2005 – 2008, * in 2005 the wg changed from a situation with two co-chairs in 2002 to a situation with a chair and a vice- chair in 2005) Vice-chair: Albin Zuccato, Karlstad University, Karlstad, Sweden (first term, 2005 – 2008) Secretary: Judith Valdivia, Spain (first term, 2005 – 2008)

Although the current chair is representing TC-11, TC-9 will remain the TC with the administrative responsibility for this joint working group as agreed in September 2001 between the TC-9 and TC-11

3 chairs at that time. For an extensive report on this joint working group reference is made to the TC-9 report.

7. Wg 11.8 Information Security Education Officers: Chair: Daniel Ragsdale, United States Military Academy, West Point, NY, USA (first term, 2005 – 2008) Vice-chairs: Natalia Miloslavskaya, Moscow Physics Engineering Institute, Russia (first term, 2005 – 2008) Lynn Futcher, Nelson Mandela Metropolitan University, South Africa (first term, 2005 – 2008) Secretary: Ronald Dodge, United States Military Academy, West Point, NY, USA (first term, 2005 – 2008)

Membership: The issue of membership rules and establishing an active membership list will be taken up in the forthcoming period.

Activities: WG 11.8 organized a successful working conference in cooperation with wg 11.5 on 1-2 November 2005 in Fairfax, Virginia, USA.

WG 11.8 organizes in cooperation with wg 11.1 a workshop on security culture during SEC 2006.

The wg will have the Fifth World Conference in Information Security Education WISE5 in the USA, to be hosted by the Westpoint Military Academy, New York, in May 2007. The Chair of the conference will be Daniel Ragsdale.

8. Wg 11.9 Digital forensics Officers: Chair: Indrajit Ray, Colorado State University, Fort Collins, Colorado, USA (first term, 2004 – 2007) Vice-chair: Mark Pollitt, Digital Evidence Professional Services, Ellicott City, Maryland, USA (first term, 2004 – 2007) Secretary / Treasurer: Sujeet Shenoi, University of Tulsa, Tulsa, Oklahoma, USA (first term, 2004 – 2007)

Membership: IFIP Working Group 11.9 has two membership categories, members and observers. IFIP WG 11.9 has 50 members as of February 2006. The majority of the members (35) are from the United States; the others are from Australia (1), France (2), Japan (1), Norway (1), South Africa (9) and the United Kingdom (1). More non-US members are expected to join the group in the forthcoming years. IFIP WG 11.9 has 25 observers as of February 2006. Most of the observers (17) are from the United States; the others are from Japan (4), South Africa (1), Taiwan (2) and the United Kingdom (1).

Activities: The working group organizes annual conferences for the research community. In addition it hosts technology transfer workshops to showcase advances in digital forensics research and practices to the

4 law enforcement, inspector general and intelligence communities and to solicit input on research trends and needs.

The proceedings of the first annual international conference were published in November 2005. Advances in digital forensics. First IFIP WG 11.9 International conference on Digital forensics, Mark Pollitt / Sujeet Shenoi, Springer (SSBM), ISBN 0 387 30012 0, 332 pages.

The 2005 Technology Transfer Workshop on Digital Forensics was held at Johns Hopkins University (Columbia, Maryland, USA) on June 9-10, 2005. This two-day workshop included seven presentations delivered by wg members. In addition, a moderated discussion on Research Needs and Technology Transfer was organized.

The Second Annual IFIP WG 11.9 International Conference on Digital Forensics was held in conjunction with the annual meeting of IFIP Working Group 11.9 at the National Center for Forensic Science in Orlando, Florida from January 29 – February 1, 2006. The purposes of the three-day conference were: i) to provide a forum for the international digital forensics community to discuss the current status of research and practice in the discipline; ii) to enable participants to expand their knowledge in digital forensics through personal contact with other researchers and practitioners, and iii) to disseminate widely the results of the conference and accompanying discussions, including original research, practical experiences and innovative ideas in digital forensics. The proceedings will be published in the course of 2006 by Springer Science & Business Media. The conference was well attended with 64 participants, including 21 from outside USA (Australia, Japan, Taiwan, UK and South Africa). Papers presented numbered 31 (selected out of 50 submissions) and were 2/3 from USA and 1/3 from other countries. The group is working hard to further increase the international participation.

d. Events Past events: see annex 3 for an overview of the events since GA 2005. Planned events: see annex 3 for an overview of the planned events.

e. Publications Proceedings: see annex 3 for an overview of the published proceedings for events. Other publications: • The journal Computers & Security started in January 1982, is published by Elsevier and is the official journal of TC-11 since November 1983. Dimitris Gritzalis from Greece is the dedicated TC-11 editor in the editorial board. • Working group 11.9 on Digital Forensics is in contact with Elsevier concerning options for a relationship with their new journal Digital Investigation which just started in 2004.

f. Progress and status At the meeting in May a number of strategic issues for TC-11 will be (further) discussed: • Strategic questions with respect to target audience, products, etcetera (following the general IFIP discussions on strategy). This may lead to the revision of aims and scope and will facilitate a more focused approach and marketing possibilities. • Cooperation with IFIP groups / joint events. 5 • Cooperation with other non-profit organizations. • Cooperation with commercial organizations. • IFIP Schools. • Certification of IT security professionals.

g. TC meeting attendance No meeting since GA 2005. For a complete overview of meeting attendance since 1990 see annex 2.

h. Any other items The Kristian Beckman Award was established in 1992 by TC-11 to commemorate the first chair of the committee. The objective of the award is to publicly recognize an individual who has significantly contributed to the development of information security, especially achievements with an international perspective. The 2006 edition has been awarded to Butler Lampson from the UK.

i. Website The website of TC-11 is http://www.ifip.tu-graz.ac.at/TC11

6

PART II. Technical Assembly a. Changes of TC/WG aims and scopes No changes in aims and scopes, pending the strategy discussion TC-11 will have in May (based on the strategy issues document that has been distributed to all TCs earlier this year). b. Proposals for establishment/discontinuation of wg's TC-11 proposes the establishment of a new working group: - Wg 11.10 Critical Infrastructure Protection See annex 4 for the full proposal.

Proposals for two other new working groups are in an advanced stage: - Wg 11.6 Identity Management - Wg 11.11 Trust Management These proposals will be discussed at our annual meeting in May and submitted for approval to TA in August 2006. c. Strategic issues for TC-11 The strategic issues for TC-11 in the near future have been listed under f. in Part I. of the report. e. Other matters No other matters.

7 Annex 1. Membership per 11 February 2006

Country Name Role Argentina Enrique A. Chaparro Country representative Australia William J Caelli Member ex art. 4.3.2.b (Bylaws) Australia Vijay Varadharajan Country representative Austria Ingrid Schaumüller-Bichl Country representative Austria Herbert Leitold Webmaster Belgium Bart de Decker Country representative, Chair WG 11.4 Chile Marcos Kiwi Country representative China Sihan Qing Country representative Cyprus Philippos Peleties Country representative Czech Republic Dagmar Brechlerova Country representative Denmark Jørn Knudsen Country representative Egypt Mahmoud T. El-Hadidi Country representative Finland Teemupekka Virtanen Country representative France Yves Deswarte IEEE-CS representative France Michel Dupuy Country representative Germany Hartmut Pohl Country representative Germany Kai Rannenberg Member ex art. 4.3.2.b (Bylaws), CEPIS repr., Vice- Chair TC-11, Chair wg 9.6 / 11.7 Greece Dimitris Gritzalis Country representative Hungary György Papp Country representative India Ashok Pawar Country representative Italy Pierangela Samarati Country representative, Chair WG 11.3 Japan Ryoichi Sasaki Country representative Korea Seung-Won Sohn Country representative Netherlands Leon Strous Country representative, Chair TC-11 Netherlands Jan Verschuren Chair WG 11.2 New Zealand Lech Janczewski SEARCC representative, Secretary TC-11 Norway Annikken Seip Country representative Portugal Pedro Manuel Barbosa Veiga Country representative Singapore Lam Kwok Yan Country representative Slovak Republic Jozef Vyskoc Country representative Slovenia Tatjana Welzer Country representative South Africa Jan Eloff Member ex art. 4.3.2.b (Bylaws) South Africa Rossouw von Solms Country representative, WG coordinator Spain Javier López Country representative Sweden Louise Yngström Country representative Switzerland Stephanie Teufel Country representative UK Steven Furnell Chair WG 11.1 UK William List Country representative USA Sushil Jajodia Chair WG 11.5 USA Carl E. Landwehr ACM representative USA Daniel Ragsdale Chair WG 11.8 USA Indrajit Ray Chair WG 11.9 Zimbabwe Geoff Fairall Country representative

8 Annex 2. TC-11 meeting attendance

Country / Year 90 91 92 93 94 95 96 97 98 99 00 01 02 03 04 05

Argentina A A Australia + + + + + + A + + + + A A A A + Australia (2) + + + A A + Austria + + + + + + + + A A A + + Belgium + + + + + + + Bulgaria A + T Canada + + + + + + + + X Chile A A China + + + + + + + + + + A + A + + Cyprus + + A Czech Republic + A Denmark + A + + + + + A A A + A A + + Egypt A + A + A + + + A A A Finland + + + + + A + + + + + + + + + + France A + + + + + A + + A + A Germany + + + + + + + A A A + + + Germany (2) / CEPIS + + + + + + + + Greece A A + + + A A A + + + + A A Hungary + + + + + + + + + A + A A India A A A A + A N N Ireland + + T Israel + A X Italy A + A + A + A + + A + A A Japan + + + A + + A A + + + + + + + + Korea Netherlands + + + + + + + + + + + + + + + + New Zealand + + + + + + + + + + + X New Zealand / SEARCC + Norway + + + Poland T Portugal N A N Singapore + T A N N Slovakia + A + A + + A Slovenia + A + + A Spain + A + + + + A A X + + South Africa + + + + + + + + + + + + A A + + South Africa (2) + A + A A Sweden + + + + + + + + + + + A + + + A Switzerland + + + A A + + + + + + + + + + A Tunisia + N N N T United Kingdom + + + + + + + + + A A + + + + + USA (FOCUS) + + A + + + A + USA (ACM) A + A A A A + + USA (IEEE CS) + + + + + A + Zimbabwe + A A + A + + + A + + + A A

9

wg 11.1 + + + + + + + A wg 11.2 + + + + + + + A wg 11.3 + + + + A + A A wg 11.4 D D + + + + + + wg 11.5 + + + + + + + A wg 9.6 / 11.7 S S S + + + + + wg 11.8 + + + A A A + A wg 11.9 + + Country / Year 90 91 92 93 94 95 96 97 98 99 00 01 02 03 04 05

+ = attended A = apologies X = resigned T = terminated N = absent without notice D = working group was dormant S = wg 9.6 and 11.7 were separate working groups, wg 11.7 was dormant at that time, the joint wg 9.6 / 11.7 was established in 2001

The data for the working group attendance before 1998 still have to be completed.

10 Annex 3. Events and publications

TC-11 activities since GA 2005

WHEN WHO WHAT WHERE PROCEEDINGS

19-21 TC-6 / TC-11 CMS 2005 Salzburg, Communications and multimedia security (Jana September 2005 Conference Austria Dittmann / Stefan Katzenbeisser / Andreas Uhl, ISBN 3 540 28791 4, LNCS 3677, 2005) 26-28 October TC-6 / TC-8 / I3E Poznan, Challenges of Expanding Internet: E-Commerce, 2005 TC-11 Conference Poland E-Business, and E-Government (Matohisa Funabashi / Adam Grzech, ISBN 0 387 28753 1, 2005) 1-2 December WGs 11.1 / Security Fairfax, VA, Security Management, Integrity and Internal 2005 11.5 Management, USA Control in Information Systems (Paul Dowland / Integrity, and Steven Furnell / Bhavani Thuraisingham / X.S. Internal Control in Wang, ISBN 0 387 29826 6, 2005) Information Systems working conference 29 January – 1 Wg 11.9 Second Annual IFIP Orlando, To be published in 2006. February 2006 WG 11.9 Florida, USA International Conference on Digital Forensics

11

TC-11 activities planned

WHEN WHO WHAT WHERE URL

19-21 April 2006 Wg 8.8 / Wg CARDIS’06 Tarragona, Spain http://www.informatik.uni- 11.2 conference hamburg.de/SVS/cardis/ 22-24 May 2006 TC-11 SEC 2006 Karlstad, Sweden http://www.sec2006.org Conference 22 May 2006 Wg 11.1 / Wg Security culture Karlstad, Sweden http://ted.see.plymouth.ac.uk/ifip/ 11.8 Workshop as part http://www.sec2006.org of SEC 2006 24 May 2006 Wg 11.4 I-Netsec 06 Karlstad, Sweden http://www.sec2006.org Working conf. as part of SEC 2006 31 July – 2 August Wg 11.3 Data and Sophia Antipolis, http://cimic.rutgers.edu/ifip113/2006 2006 applications France security XX Working conf. 20-25 August 2006 TC-11 Security stream Santiago, Chile http://www.wcc-2006.org in WCC 2006 World computer Congress TC-6 / TC-11 CMS 06 Crete, Greece Working conf. 11 – 13 October TC-6 / TC-8 / I3E 2006 Turku, Finland http://ww.tukkk.fi/i3e 2006 TC-11 Conference

January 2007 Wg 11.9 3rd International Conference on Digital Forensics Working conf. May 2007 Wg 11.8 WISE 5 New York, USA Working conf. 14 – 16 May 2007 TC-11 SEC 2007 Johannesburg, Conference South Africa August / September TC-11 SEC 2008 Milan, Italy 2008 Conference / part of WCC 2008

12 Annex 4. Proposal for a new working group

IFIP Working Group 11.10 Critical Infrastructure Protection

1. Motivation The “information infrastructure” – comprising computers, embedded devices, networks and software systems– is vital to day-to-day operations in every sector: agriculture, food, water, public health, emergency services, government, defense, information and telecommunications, energy, transportation, banking and finance, chemicals and hazardous materials, and postal and shipping. Global business and industry, governments, indeed society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. Starting in the late 1990s, several countries launched critical infrastructure protection efforts. These efforts grew in size and scope in the aftermath of the September 11, 2001 terrorist attacks. Practically every developed country instituted sustained infrastructure protection programs within the various sectors, and undertook strong efforts to understand the interdependencies between sectors. But the information infrastructure is a global resource, and serious attempts must be made to draw the international community – governments, private sector entities and researchers – to the shared task of critical infrastructure protection. The United States, the European Union and other countries are cooperating on several major initiatives related to critical infrastructure protection. However, these international initiatives mainly involve governmental and quasi-governmental agencies and the private sector. Few efforts have engaged academia and the larger international research community to address scientific and engineering problems that are crucial to securing the global information infrastructure. The proposed IFIP Working Group 11.10 on Critical Infrastructure Protection seeks to fill this void. IFIP WG 11.10 will attempt to engage the international information security research community to work together on applying scientific principles and engineering techniques to address current and future problems in information infrastructure protection. In addition to engaging the research community, IFIP WG 11.10 will strive to draw other interested parties (government agencies, infrastructure owners, operators and vendors, and policy makers) in a constructive dialog on critical infrastructure protection. IFIP WG 11.10 will endeavor to cooperate with other IFIP TC 11 working groups, which have had extensive experience engaging the international security research community. In particular, IFIP WG 11.10 will attempt to interact with WG 11.1 (Security Management), WG 11.2 (Small Systems Security), WG 11.3 (Data and Applications Security), WG 11.4 (Network Security) and WG 11.5 (Systems Integrity and Control) on information assurance initiatives. IFIP WG 11.10 will strive to support the legal, policy and educational efforts being spearheaded by WG 11.7 (Technology Misuse and the Law) and WG 11.8 (Information Security Education), and the incident response mission of WG 11.9 (Digital Forensics). Furthermore, WG 11.10 will reach out to other IFIP working groups, especially WG 10.4 (Dependable Computing and Fault Tolerance); the proposed collaboration will be enhanced by the fact that William Sanders, former WG 10.4 Vice Chair, is a charter member of WG 11.10.

2. Aims The principal aim of IFIP WG 11.10 is to weave science, technology and policy in developing and implementing sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Information infrastructure protection efforts at all levels – local, regional, national and international – will be advanced by leveraging the WG 11.10 membership’s strengths in sustained research and development, educational and outreach initiatives.

3. Scope The scope of IFIP WG 11.10 is: • To identify information security challenges and implementation issues that are common (as well as unique) to infrastructure sectors.

13 • To elucidate the interdependencies existing between infrastructure sectors and their information security implications. • To identify core security principles and techniques that can be applied to address problems in information infrastructure protection. • To develop sophisticated information infrastructure protection solutions that blend scientific methods, engineering techniques and public policy.

4. Planned Activities IFIP WG 11.10 will host an annual international conference as well as one or more technology transfer workshops each year.

• International Conference The Annual IFIP WG 11.10 International Conference will provide a forum for presenting original, unpublished research results and innovative ideas related to information security and critical infrastructure protection. The annual conference will attract key members of the community – researchers, infrastructure owners, operators and vendors, and policy makers – to examine the current state of research and practice in the discipline, analyze problems and trends, and discuss potential solutions. Each conference will be organized around a specific theme based on the interests of the WG 11.10 membership and pressing research issues related to critical infrastructure protection. To maintain an intimate working group atmosphere and enhance personal interactions between researchers and practitioners, the annual conferences will be limited to 50-60 attendees. WG 11.10 will disseminate, to the widest possible extent, the results of each annual conference and the accompanying discussions, including original research, practical experiences and innovative ideas in critical infrastructure protection. Research results from the annual IFIP WG 11.10 conferences will be published by Springer (New York) as books in the new (TC-11) series, Critical Infrastructure Protection: Issues and Solutions. In addition, selected papers from the conferences will be published in special issues of scholarly journals.

• Technology Transfer Workshops Between one to three technology transfer workshops will be organized each year to showcase advances in critical infrastructure research and practice to the larger community of stakeholders, and to solicit input on research trends and needs. The technology transfer workshops will provide important visibility for WG 11.10, while ensuring that the research results related to critical infrastructure protection have practical application. To allow for effective interactions, workshop attendance will be limited to approximately 60 invited participants.

5. Proposed Officers Officers of IFIP Working Group 11.10 will include: a Chair, Vice Chair and Secretary. • Chair: Sujeet Shenoi, University of Tulsa, Tulsa, Oklahoma, USA Sujeet Shenoi, the F.P. Walter Professor of Computer Science at the University of Tulsa, has strong research experience in several aspects of critical infrastructure protection, especially telecommunications security and DCS/SCADA system security. His research in these areas has been supported by the U.S. Departments of Commerce, Defense, Homeland Security and Justice. He has interacted with several industry and government entities from the U.S. and other NATO countries. Professor Shenoi also has extensive experience with IFIP Working Groups. He has been actively involved in WG 11.3 (Data and Applications Security) since August 1994. In 2004, he spearheaded the creation of WG 11.9 (Digital Forensics) and currently serves as the Secretary of this active and energetic working group. • Vice Chair: Eric Goetz, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, USA Eric Goetz, Assistant Director for Research and Analysis at the Institute for Information Infrastructure Protection (I3P) at Dartmouth College, has extensive experience in various areas of critical infrastructure protection. He currently coordinates and oversees the I3P’s national research and analysis efforts related to protecting process control systems in the oil and gas industry and gaining a better understanding of the economics of information security. Mr. Goetz has worked closely with government and businesses leaders from the U.S., Europe and Asia. He has conducted analyses of vulnerabilities and threats affecting critical infrastructures, including the information and telecommunications, electric energy, transportation and 14 banking and finance sectors. His research has been supported by the U.S. Departments of Commerce, Homeland Security and Justice. • Secretary: To be determined.

6. Membership Categories IFIP Working Group 11.10 will have two membership categories: members and observers. No membership fees will be levied on members and observers. • Members: IFIP WG 11.10 members are expected to be qualified researchers, practitioners and/or educators with strong interests and experience in critical infrastructure protection. Members will be nominated by the Working Group Chair, subject to IFIP approval. Members are expected to participate in Working Group activities. At a minimum, members must present a paper at a WG 11.10 conference or workshop, or take an active role in the organization of a conference or workshop at least once every three years. A three-year period of inactivity is taken to indicate that a member is no longer interested in the technical area. • Observers: IFIP WG 11.10 observers are expected to be qualified researchers, practitioners and/or educators with interests and/or experience in critical infrastructure protection. Observers will be nominated by the Working Group Chair, subject to IFIP approval. Individuals attending or presenting papers at WG 11.10 conferences or workshops will be offered observer or member status. Observers who do not attend at least one WG 11.10 event every three years will lose their status. A three-year period of inactivity is taken to indicate that an observer is no longer interested in the technical area.

7. Charter Members The following individuals have agreed to serve as Charter Members of IFIP WG 11.10: • Robert Bruce, Dartmouth College, USA • Eric Byres, British Columbia Institute of Technology, Canada • Andrew Clark, Queensland University of Technology, Australia • Benjamin Cook, Sandia National Laboratories, USA • Robert Cunningham, MIT/Lincoln Laboratories, USA • Matthew Devost, Terrorism Resource Center, USA • Paolo Donzelli, Prime Minister’s Office, Italy • Myriam Dunn, Swiss Federal Institute of Technology, Switzerland • Scott Dynes, Dartmouth College, USA • Adrian Gheorghe, Swiss Federal Institute of Technology, Switzerland • Eric Goetz, I3P/Dartmouth College, USA • Seymour Goodman, Georgia Tech, USA • Yacov Haimes, University of Virginia, USA • Jeffrey Hunker, Carnegie Mellon University, USA • Maitland Hyslop, Northumbria University, UK • Stig Johnsen, SINTEF, Norway • John Kluver, Industry Canada, Canada • Les Labuschagne, University of Johannesburg, South Africa • Shari Lawrence-Pfleeger, RAND, USA • Ulf Lindquist, SRI International, USA • Javier Lopez, University of Malaga, Spain • Eric Luiijf, Clingendael Center for Strategic Studies and TNO Defence, The Netherlands • Marcelo Masera, European Commission, Joint Research Centre, Italy • Wayne Meitzler, Pacific Northwest National Laboratories, USA • Martin Olivier, University of Pretoria, South Africa • Mauricio Papa, University of Tulsa, USA • Jeffrey Picciotto, MITRE, USA • Christine Pommerening, George Mason University, USA • William Sanders, University of Illinois, USA • Tillman Schulze, EBP, Switzerland • Sujeet Shenoi, University of Tulsa, USA

15 • Malcolm Shore, University of Canterbury, New Zealand • Jill Slay, University of South Australia, Australia • Craig Valli, Edith Cowan University, Australia • Duminda Wijesekera, George Mason University, USA • Rae Zimmerman, New York University, USA

16