ISO/TS 15638-4:2020
Intelligent transport systems — Framework for cooperative telematics applications for regulated commercial freight vehicles (TARV) — Part 4: System security requirements
Security requirements address both hardware and software aspects.
This document addresses the security requirements for:
— the transfer of TARV data from an IVS to an application service provider across a wireless communications interface;
— the receipt of instructions from an application service provider to a TARV IVS;
— the communications aspects of handling of software updates for the IVS over wireless communications.
This document defines the requirements for telematics applications for regulated commercial vehicles for:
a) threat, vulnerability and risk analysis;
b) security services and architecture;
c) identity management;
d) security architecture and management;
e) identity-trust and privacy management;
f) security-access control;
g) security-confidentiality services.
This document provides:
— general specifications for the security of TARV;
— specifications for the security of TARV transactions and data within an ITS-station "bounded secure managed domain" (BSMD);
— specifications for the security of TARV transactions and data transacted with a predetermined address outside of a BSMD.
IVS security requirements are dealt with by the prime service provider and application service provider (See ISO 15638-1).
Application service provision security is dealt with by the application service provider (and could be the subject of a separate TARV standards deliverable).
| Get this standard | Prices exclude GST | |
|---|---|---|
| PDF ( Single user document) |
$179.13 NZD
|
|
| HardCopy |
$214.78 NZD
|
|
| Networkable PDF |
Price varies
|
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 General overview and framework
6 Requirements
6.1 Threat, vulnerability and risk analysis
6.2 Functional requirements for security of targets of evaluation (TOEs)
6.2.1 TOE — In-vehicle systems
6.2.2 TOE — Application service provider systems
6.2.3 TOE — TARV data transfer
6.2.4 Means of TARV data transfer
6.2.5 TARV data security requirements
6.3 General specifications for the security of TARV
6.3.1 Destined to a predetermined IPv6 address (URI)
6.3.2 ASP or jurisdiction determines security requirements
6.4 Low security data transfers via an ITS-station
6.5 TARV Data transfers via an ITS-station with C-ITS security (BSMD)
6.5.1 Within ISO 21217 ITS-station environment
6.5.2 Within ISO 21210 networking environment
6.5.3 Within ISO 17423 selection of communications profile requirements
6.5.4 When accessing specific wireless media
6.6 TARV data transfers including defined security, but outside a BSMD
6.6.1 General
6.6.2 Security data
6.6.3 IVS TARV security module
6.7 Identity management
6.8 Trust and privacy management
6.9 Access control
6.10 Confidentiality services
6.11 Data privacy
6.12 Integrity of trailer identification
6.13 Exception handling
6.14 Cross-border operations and harmonization
7 Quality of service requirements
8 Test requirements
9 Marking, labelling and packaging
Annex A (informative) Example TARV security in a regulatory domain
Bibliography
Keep me up-to-date
Register to receive notifications when updates are made to this standard.
Related Information
Similar Standards
-
23/30382233DC
BS EN 9300-00. Aerospace series. LOTAR -LOng Term Archiving and Retrieval of digital technical product documentation such as 3D, CAD and PDM data, Part 007. Terms and references
-
AS/NZS 2890.1:2004
Parking facilities - Off-street car parking
-
AS/NZS 2890.1:2004 A1
Parking facilities - Off-street car parking: Amendment 1
-
AS/NZS 2890.6:2009
Parking facilities - Off-street parking for people with disabilities
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 General overview and framework
6 Requirements
6.1 Threat, vulnerability and risk analysis
6.2 Functional requirements for security of targets of evaluation (TOEs)
6.2.1 TOE — In-vehicle systems
6.2.2 TOE — Application service provider systems
6.2.3 TOE — TARV data transfer
6.2.4 Means of TARV data transfer
6.2.5 TARV data security requirements
6.3 General specifications for the security of TARV
6.3.1 Destined to a predetermined IPv6 address (URI)
6.3.2 ASP or jurisdiction determines security requirements
6.4 Low security data transfers via an ITS-station
6.5 TARV Data transfers via an ITS-station with C-ITS security (BSMD)
6.5.1 Within ISO 21217 ITS-station environment
6.5.2 Within ISO 21210 networking environment
6.5.3 Within ISO 17423 selection of communications profile requirements
6.5.4 When accessing specific wireless media
6.6 TARV data transfers including defined security, but outside a BSMD
6.6.1 General
6.6.2 Security data
6.6.3 IVS TARV security module
6.7 Identity management
6.8 Trust and privacy management
6.9 Access control
6.10 Confidentiality services
6.11 Data privacy
6.12 Integrity of trailer identification
6.13 Exception handling
6.14 Cross-border operations and harmonization
7 Quality of service requirements
8 Test requirements
9 Marking, labelling and packaging
Annex A (informative) Example TARV security in a regulatory domain
Bibliography