1) Inter-System Dependencies - Blockchains are not all self-sufficient. Thought needs to be given to the inter-system dependencies that a blockchain would rely on to operate. This is in addition to the Third party ecosystem of DApps. For example Blockchains may need to interface with other Blockchains/Proprietary databases to function.
Main focus of this should be on data sharing and privacy, the traditional data sharing agreement may not work in the blockchain world due to the nature of the ledger (immutability, transparency). So, it will be important to business owners.
2) Codebase creation: Coding from scratch or leveraging existing frameworks
Most blockchain projects leverage existing open source code, the security and license requirements of the open source or third party code base certainly needs to be considered from risk management perspectives.3) Rules Agreement : that joint venture owners decide on how to operate the network ( example: who is accountable for an incident ?)
This would include areas such as security incident response, legal framework， risk management of blockchain network participants. It is very important for the business owners.
4) Protocol Governance: when/ how and if to change a protocol to align with business needs
Open source project such as Compound and MakerDAO has some experiment work on leverage on-chain voting to change protocol to align business needs. The whole Protocol Governance is very important and we do need some smart minds to figure this out.Overall, in CSA GCR, there is no such group yet. So, the efforts of this sub-group will be very helpful.CSA GCR does have the network security working group headed by a University professor and dean of computer science in one of the top University in China. Depends on the progress, I can coordinate some meetings for this.In addition, we do have DID Security working group, and I have shared the initial work in PPT in another discussion thread.