SCOTT:SCOTT-Netherlands exchange certification

= Goals to achieve with comments = Get to know each other.
 * Thanks for the meeting, and the explanations. We experienced a range of activities for further collaboration.

Get a first understanding of the work done by “Zeker Online” / “Partnering Trust” and the parties involved.
 * The presentation of "partnering trust" and the "multi-layer framework" allows for trusted partner relations on different levels.
 * .1 Future discussions might address to what degree IoT will put different requirements on the framework
 * .2 One of the discussions on future developments is the need for continuous monitoring to elaborate potential security risks. Through SCOTT we collaborate with F-Secure (FI) on a monitoring service for the home, converting the F-Sense device into an SaaS.
 * .3 we also discussed briefly the monitoring of traffic in the Norwegian Smart Grid network

Explain SCOTT and its key objectives in this field. Identify opportunities for further cooperation.
 * SCOTT is about secured connected and trustable things. About 25 demonstrators and use case mainly address the increase of security in wireless communications in the selected domains. In addition, SCOTT has introduced the following new concepts, as presented in [[Media:201801SCOTT-Privacy_Label.pdf]]
 * Measurable Security and Security Classes, addressing exposure and impact as compared to frequency and impact as in traditional risk analysis. The main reason is that IoT devices might only be attacked once (thus low frequency), but the risk remains all the time. Future discussions might address
 * Trust framework, combining technical and sociological parameters for enhancing trust. The trust framework is going to be applied to selected use cases.
 * Regarding Privacy Label (A-F), the idea is to make privacy visible to customers, and thus it part of the decision process when buying devices or services. Current discussions are on the understanding what the specific privacy labels address (see ongoing discussions in the presentation). Future discussions might address the understanding of the label (A-F), as well as the technical implementation and the audit regarding the devices.
 * please see the ideas above. While SCOTT addresses potential solutions, the path to market and certification issues might be part of the future collaborations.
 * In addition, the alliance of projects working with the same objectives should be pursued.

Define follow-up actions (e.g. share documents, organize a F2F meeting, …)
 * invitation to follow-up meeting (define topics first, or invite directly for a F2F meeting).
 * IT week envisaged in the week of 17Apr2018 in Den Haag

= Agenda =
 * 15.00    Welcome / goals of meeting [Ewout].
 * 15.05    Round table get to know each other [All].
 * 15.20    Introduction of “Zeker Online” / “Partnering Trust” [Jelle, Bianca, …]
 * 15.50    Introduction of SCOTT and ambitions around trust, privacy labelling and measurable security [Werner, Josef]
 * 16.10    Discussion & next steps
 * 16.30    Close


 * Welcome
 * Table round
 * end of meeting
 * end of meeting