This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy
Transparency
Huawei Cyber Security Transparency Centre
Committed to Securing Our Shared Digital Future
An open, digital, and prosperous world requires a secure and trustworthy digital environment that meets the challenges of today and tomorrow. In the face of the increasing numbers of cyber security challenges, Huawei has decided to take on its role as leading global ICT solution provider and respond with its first Cyber Security Transparency Centre to help build that environment to support the Digital Markets.
Established in Brussels, with an overall surface of 1000 m² spread over two floors, the Brussels Huawei Cyber Security Transparency Centre officially opened its doors on March 5, 2019. As a city, and as an institution, Brussels reminds us of what collective effort and a clear vision can achieve. As people, as organisations, as companies, Huawei strongly believes that we are always more effective when we work together.
This centre provides a platform to enhance communication and joint innovation with all stakeholders, public and private. It also provides a technical verification and evaluation platform for our customers.
Openness, Transparency and Collaboration are the three words driving this project. Through open collaboration with ecosystem partners, we create lasting value for our customers, working to empower people, enrich home life, and inspire innovation in organizations of all shapes and sizes.
Cyber Security Challenges
One elemental property for Cyber Security is to ensure trust everywhere. Trust is the foundation for the digital world to prosper. But trust is not easy to build in this environment.
New developments in cloud computing, intelligence, and software-defined everything are posing unprecedented challenges to the cyber security of ICT infrastructure. The lack of consensus on cyber security, technical standards, verification systems, and legislative support further exacerbates these challenges. Safeguarding cyber security is considered to be a responsibility held by all industry players and society as a whole. Growing security risks are significant threats to the future digital society.
New more sophisticated cybersecurity threat trends have been highlighted in recent years. First, ransomwares pose the most challenging threat for cyber security, IT and data professionals, involving monetary demands up to millions of dollars. Second, while Artificial Intelligence can assist in the defense against incoming cyber-attacks, AI can also be intelligently utilized to initiate novel more sophisticated types of network attacks. Third, the Internet-of-Things (IoT), while ensuring personal devices are continuously interconnected, also exposes users to more cyber threats, specifically due to the insufficiently secured web interfaces, data transfers, authentication methods, and a lack of consumer awareness. Fourth, with blockchain, it is still difficult to fully understand what the clear direction for blockchain-enabled cyber security will be, but it will certainly never be the same. Finally, the rise of 5G will generate new businesses, new architectures and new technologies which will pose new challenges to security and privacy protection.
Security is a necessary enabler for business continuity, but faces a more significant and intelligent threat landscape.
How the HCSTC Can Help
The Huawei Cyber Security Transparency Centre aims at addressing European objectives and needs, as well as sharing important technical information on our solutions to cyber security threats and vulnerabilities.
The Huawei Cyber Security Transparency Centre is to be a platform for collaboration on cyber security innovations, certifications and standards across the industry.
Through the Cyber Security Transparency Centre, we plan to increase communication and collaboration with security professionals, governmental agencies, customers and other industry stakeholders, in order to develop a secure and trusted digital environment supporting Europe’s Digital Single Market.
Experience & Communication
The establishment of the Brussels Cyber Security Transparency Centre demonstrates Huawei's commitment to all stakeholders across Europe, public and private, and intent to facilitate cyber security collaboration.
Showcase Huawei's end-to-end cyber security practices, from strategies and supply chain to R&D and products and solutions through presentations, videos, demos, etc.
Experience cyber security with Huawei's products and solutions, in areas including 5G, IoT, cloud, etc.
Collaboration & Innovation
Communicate with key stakeholders on cyber security practices, to explore and promote the development of security standards, verification mechanisms, and technological innovation in cyber security across the industry.
Collaborate with industry organizations (i.e. GSMA, C4C WEF) and standard organizations (3GPP, IETF, ITU-T), to promote and develop security standards and verification mechanisms.
Collaborate and innovate jointly with the EU cyber security verification organizations (ENISA, BEREC, etc.).
Collaborate with industry and EU regulators to establish verification partnerships and promote industry innovation.
Verification & Evaluation
Provide a product security testing & verification platform to Huawei customers.
Provide testing and validation environment and platform for products and solutions to customers, including white box and black box security. It can simultaneously carry out 5 projects of products and platform.
Cooperate with industry to validate the security validation standards, such as testing and reviewing test standards documentation.
Cooperate with industry organizations, such as GSMA, to validate industry verification mechanisms.
Future Direction
Over the past 30 years, Huawei has served more than three billion people around the world. We support the stable operations of more than 1,500 carrier networks in over 170 countries and regions. In this time, we have maintained a solid track record in cyber security.
Looking to the future, we want to do more. We will keep investing in our cyber security and technical capabilities. We also commit to working more closely with all stakeholders, including regulators, carriers, and standards organizations in an open and transparent manner, to build a system of trust based on objective facts and verification. This is the cornerstone of a secure digital environment for all.
Welcome to Visit and Connect With Us
Huawei Cyber Security Transparency Centre, Brussels
Rue Guimard 9, 1000 Brussels, Belgium
Tel.: +32 2801 1766
www.huawei.com
Huawei's Security Standards and Certification
Security Standards
Huawei advocates and promotes the establishment of cyber security standards that are globally recognized and agreed upon. Huawei has also been actively participating with industry standards organizations to promote the establishment of new standards.
1.Huawei has participated in more than 360 industry standards organizations; held more than 300 important positions in these industry standards organizations; and actively submits proposals to industry standards organizations, making significant contributions to the development of these standards. Huawei has joined more than 360 standards organizations, industry alliances, and open-source communities, and held over 300 key positions, including board or executive committee membership, in the IIC, IEEE-SA, BBF, ETSI, TMF, WFA, OASIS, WWRF, OpenStack, Linaro, ONAP, IFAA, GP, CCSA, and AII. In 2018, Huawei submitted more than 5,000 standard proposals, increasing Huawei’s total number of standard proposals to 54,000. Huawei also submitted 251 security standard proposals to the 3GPP SA Working Group (WG) 3, ranking first in terms of comprehensive contributions; submitted 34 security proposals to the NFV Security Group, ranking high in terms of contribution; and promoted the 5G security project initiative while working with industry leaders to complete 5G security architecture and incorporating it into the 3GPP 5G security specifications. Huawei has also proposed 4 WG drafts to the Internet Engineering Task Force (IETF), and chaired the DOTS I2NSF WG.
2.Huawei not only participates in existing industry standards organizations, but also advocates the establishment of new industry standards organizations. For example:
- To build a globally unified machine-to-machine (M2M) standards platform and promote the healthy development of the M2M market, Huawei and Qualcomm launched the M2M Industry Group in 2010. Since July 2011, seven standards developing organizations (SDOs) have participated in the M2M Industry Group and organized four face to face (F2F) preparation meetings. In July 2012, the OneM2M standards organization was officially established.
- To address cyber security challenges in the information and communications technology (ICT) supply chain, Huawei helped develop the Open Trusted Technology Forum (OTTF) standards, actively analyzed threats and countermeasures, discussed its best practices and viewpoints with industry partners, and officially released the Open Trusted Technology Supplier Standard V1.0 with industry partners in April 2013.
Figure 1-1 Huawei's participation and contribution in standards organizations
Security Certification
Huawei believes that trust needs to be based on facts, facts need to be verifiable, and verification needs to be based on common standards. By using industry practices, certification is the most effective way to address security issues.
1.Management System Security Certification
Huawei has established a sustainability management system based on the International Standards Organization (ISO) standards, and passed third-party certification to ensure that Huawei’s R&D and production processes are trustworthy.
- Huawei has established an information security management system based on the ISO27000 series standards and passed the ISO 27001 certification.
- Huawei has established a supply chain security management system based on the ISO 28000 standards, as well as the TAPA and C-TPAT requirements; passed the ISO 28000 certification (Chinese Supply Center, European Supply Center, and Mexican Supply Center); and obtained C-TPAT membership. (3) Huawei has optimized its development and supply chain management practices by referring to the Open Trusted Technology Supplier Standard (OTTPS) and is conducting the OTTPS certification.
2.Product Certification
Huawei has incorporated internationally recognized cyber security certification standards and requirements, such as CC and FIPS, into product R&D, and actively invites third-party labs to certify Huawei products. In April 2019, Huawei already obtained 242 product security certificates, including 43 CC certificates, 6 CC EAL4+ certificates, 20 FIPS certificates, and 15 PCI certificates.
Figure 1-1 Huawei's certificates
Huawei's Security Standards and Certification
Security Standards
Huawei advocates and promotes the establishment of cyber security standards that are globally recognized and agreed upon. Huawei has also been actively participating with industry standards organizations to promote the establishment of new standards.
1.Huawei has participated in more than 360 industry standards organizations; held more than 300 important positions in these industry standards organizations; and actively submits proposals to industry standards organizations, making significant contributions to the development of these standards. Huawei has joined more than 360 standards organizations, industry alliances, and open-source communities, and held over 300 key positions, including board or executive committee membership, in the IIC, IEEE-SA, BBF, ETSI, TMF, WFA, OASIS, WWRF, OpenStack, Linaro, ONAP, IFAA, GP, CCSA, and AII. In 2018, Huawei submitted more than 5,000 standard proposals, increasing Huawei’s total number of standard proposals to 54,000. Huawei also submitted 251 security standard proposals to the 3GPP SA Working Group (WG) 3, ranking first in terms of comprehensive contributions; submitted 34 security proposals to the NFV Security Group, ranking high in terms of contribution; and promoted the 5G security project initiative while working with industry leaders to complete 5G security architecture and incorporating it into the 3GPP 5G security specifications. Huawei has also proposed 4 WG drafts to the Internet Engineering Task Force (IETF), and chaired the DOTS I2NSF WG.
2.Huawei not only participates in existing industry standards organizations, but also advocates the establishment of new industry standards organizations. For example:
- To build a globally unified machine-to-machine (M2M) standards platform and promote the healthy development of the M2M market, Huawei and Qualcomm launched the M2M Industry Group in 2010. Since July 2011, seven standards developing organizations (SDOs) have participated in the M2M Industry Group and organized four face to face (F2F) preparation meetings. In July 2012, the OneM2M standards organization was officially established.
- To address cyber security challenges in the information and communications technology (ICT) supply chain, Huawei helped develop the Open Trusted Technology Forum (OTTF) standards, actively analyzed threats and countermeasures, discussed its best practices and viewpoints with industry partners, and officially released the Open Trusted Technology Supplier Standard V1.0 with industry partners in April 2013.
Figure 1-1 Huawei's participation and contribution in standards organizations
Security Certification
Huawei believes that trust needs to be based on facts, facts need to be verifiable, and verification needs to be based on common standards. By using industry practices, certification is the most effective way to address security issues.
1.Management System Security Certification
Huawei has established a sustainability management system based on the International Standards Organization (ISO) standards, and passed third-party certification to ensure that Huawei’s R&D and production processes are trustworthy.
- Huawei has established an information security management system based on the ISO27000 series standards and passed the ISO 27001 certification.
- Huawei has established a supply chain security management system based on the ISO 28000 standards, as well as the TAPA and C-TPAT requirements; passed the ISO 28000 certification (Chinese Supply Center, European Supply Center, and Mexican Supply Center); and obtained C-TPAT membership. (3) Huawei has optimized its development and supply chain management practices by referring to the Open Trusted Technology Supplier Standard (OTTPS) and is conducting the OTTPS certification.
2.Product Certification
Huawei has incorporated internationally recognized cyber security certification standards and requirements, such as CC and FIPS, into product R&D, and actively invites third-party labs to certify Huawei products. In April 2019, Huawei already obtained 242 product security certificates, including 43 CC certificates, 6 CC EAL4+ certificates, 20 FIPS certificates, and 15 PCI certificates.
Figure 1-1 Huawei's certificates
