ISO/IEC 24791-3:2022

INTERNATIONAL ISO/IEC
STANDARD 24791-3
Second edition
2022-12
Information technology — Radio
frequency identification (RFID) for
item management — Software system
infrastructure —
Part 3:
Device management
Technologies de l'information — Identification de radiofréquence
(RFID) pour la gestion d'élément — Infrastructure de systèmes
logiciels —
Partie 3: Gestion de dispositif
Reference number
ISO/IEC 24791-3:2022(E)
© ISO/IEC 2022

---------------------- Page: 1 ----------------------
ISO/IEC 24791-3:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO/IEC 2022 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 24791-3:2022(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
1.1 General . 1
1.2 Conformance . 1
1.3 DCI and SNMP interface set . 1
1.4 RDMP interface set . 2
2 Normative references . 2
3 Terms and definitions . 2
4 Abbreviated terms . 3
5 Software system infrastructure architecture overview . 4
6 UML modelling . 5
7 Device management . 5
7.1 Architecture . 5
8 DCI and SNMP interface set. 7
8.1 Discovery, configuration and initialization conformance group . 7
8.1.1 General . 7
8.1.2 Interrogator implementations . 7
8.1.3 Device management implementations . 7
8.2 Performance monitoring and diagnostics conformance group . 7
8.2.1 General . 7
8.2.2 Interrogator implementations . 7
8.2.3 Data management implementations providing interrogator controller
functionality . 8
9 RDMP interface set . 8
9.1 General . 8
9.2 XML namespace . 8
9.3 Device discovery . 9
9.4 Device metadata . 9
9.4.1 General . 9
9.4.2 Service discovery . 9
9.5 Firmware update service . 10
9.5.1 General . 10
9.5.2 Firmware update service state machine . 10
9.5.3 FUS Operations .12
9.6 Management service . 16
9.6.1 General . 16
9.6.2 Property identifier . 16
9.6.3 Property value metadata . 17
9.6.4 Device property profile . 17
9.6.5 Sources and source types . 17
9.6.6 MS operations . 17
9.6.7 Standard properties .20
9.6.8 Other management operations . 23
9.7 Operation error reporting . 24
9.7.1 General . 24
9.7.2 Common operation error codes . 24
9.8 Monitoring service . 25
9.8.1 General . 25
9.8.2 Monitoring event structure . 25
9.8.3 Events . 25
iii
© ISO/IEC 2022 – All rights reserved

---------------------- Page: 3 ----------------------
ISO/IEC 24791-3:2022(E)
9.8.4 Statistics . 27
9.9 Security .28
9.10 Extensibility .29
9.10.1 General .29
9.10.2 Extending monitoring events .29
Annex A (informative) Implementation examples.31
Annex B (normative) SSI Device Management MIB .34
Annex C (normative) RDMP WSDLs and XSDs .43
Bibliography .45
iv
  © ISO/IEC 2022 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 24791-3:2022(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 31, Automatic identification and data capture techniques.
This second edition cancels and replaces the first edition (ISO/IEC 24791-3:2014), which has been
technically revised.
The main changes compared to the previous edition are: the references have been updated to the latest
standards.
A list of all parts in the ISO ISO/IEC 24791 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
v
© ISO/IEC 2022 – All rights reserved

---------------------- Page: 5 ----------------------
ISO/IEC 24791-3:2022(E)
Introduction
Radio frequency identification (RFID) air interface technology is based on non-contact electro-
magnetic communication among interrogators and tags. RFID software systems are composed of RFID
interrogators, intermediate software systems and applications that provide control and coordination
of air interface operation, tag information exchange, and health and performance management of
system components. RFID technology is expected to increase effectiveness in many aspects of business
by further advancing the capabilities of automatic identification and data capture (AIDC). To achieve
this goal through the successful adoption of RFID technology into real business environments, RFID
devices, software systems and business applications have to provide secure and interoperable services,
interfaces, and technologies. This is the goal of the ISO/IEC 24791 series, created for RFID software
system infrastructure (SSI).
vi
  © ISO/IEC 2022 – All rights reserved

---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO/IEC 24791-3:2022(E)
Information technology — Radio frequency identification
(RFID) for item management — Software system
infrastructure —
Part 3:
Device management
1 Scope
1.1 General
This document defines interfaces for device management of RFID systems. Interfaces are defined that
provide for discovery, configuration, initialization and monitoring of RFID systems within the software
system infrastructure (SSI).
This document only deals with devices that provide RFID related services. It does not distinguish the
form factor of such RFID devices.
This document provides two distinct interface sets, one based on the GS1 EPCglobal DCI standard
and the IETF SNMP RFCs and the other based on the Organization for the Advancement of Structured
Information Standards (OASIS) DPWS standard. The definition of the Device Profile for RFID is referred
to in this document as the RFID Device Management Profile, or RDMP.
Each interface option set provides interface definitions that provide ISO/IEC 24791-3 Client Endpoints
and Services Endpoints with the mechanisms for:
— the discovery of the RFID devices and services on a local or remote subnet;
— a firmware upgrade service;
— a management service that implements configuration related functions;
— a monitoring service for reporting alerts, diagnostics, and performance information.
The two interface set definitions provided by this document allow for clients and services endpoints
to implement and provide the services based on the specific characteristics of the RFID system to
be implemented. Subclause 1.2 defines the Conformance requirements for systems that implement
components of one or both of the interface sets.
1.2 Conformance
This document provides two interface sets; the DCI and SNMP Interface Set and the RDMP interface Set.
If a certain implementation conforms to the mandatory functions of at least one of the interface sets,
that implementation is conformant to this document.
1.3 DCI and SNMP interface set
This document divides the DCI capabilities into two Conformance Groups:
— Discovery, Configuration, and Initialization Conformance Group: this Conformance Group is defined
in Clause 7. It specifies the protocols and operational procedures that are required for conforming
Interrogator Implementations and Device Management Implementations, as defined in this
document as well as in ISO/IEC 24791-1.
1
© ISO/IEC 2022 – All rights reserved

---------------------- Page: 7 ----------------------
ISO/IEC 24791-3:2022(E)
— Performance Monitoring and Diagnostics Conformance Group: this Conformance Group is defined
in Clause 8. It specifies the SNMP MIBs that can be implemented by Interrogator Implementations
and Data Management Implementations as defined in this document as well as in ISO/IEC 24791-1.
Conforming implementations claim conformance to the MODULE_COMPLIANCE statements in the
SNMP MIBs appropriate for the particular implementation.
A conforming implementation has to implement all of the requirements of each Conformance Group for
its particular function in the SSI, but an implementation is not required to claim conformance to either
group.
1.4 RDMP interface set
This document specifies the following device management capabilities in RDMP:
— discovery of devices and hosted services in devices;
— a Firmware Upgrade Service to initialize and manage firmware on devices;
— a Management service to set and get device configuration and to perform specific device operations,
such as reboot;
— a monitoring service to monitor the health of a device using events and statistics.
RDMP interface set is defined in Clause 9.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 19762, Information technology — Automatic identification and data capture (AIDC) techniques —
Harmonized vocabulary
Devices Profile for Web Services (DPWS) Version 1.1, OASIS Standard July 2009. http:// docs .oasis -open
.org/ ws -dd/ dpws/ 1 .1/ os/ wsdd -dpws -1 .1 -spec -os .pdf.
GS1 Discovery, Configuration, & Initialisation (DCI) Standard for Reader Operations, https:// www .gs1
.org/ standards/ epc -rfid
GS1 Reader Management, (RM v1.0.1), Ratified Standard, https:// www .gs1 .org/ standards/ epc -rfid
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
component
identifiable part of a service that provides specific functionality
3.2
data management
device functionality that includes or is a combination of reading, writing, collection, filtering, grouping,
and event subscription and notification of RFID tag data to higher level applications and interfaces
2
  © ISO/IEC 2022 – All rights reserved

---------------------- Page: 8 ----------------------
ISO/IEC 24791-3:2022(E)
3.3
device management
functionality that includes or is a combination of monitoring and control of discovery, configuration,
performance and diagnosis of one or more RFID interrogators
3.4
endpoint
component (3.1) that implements or exposes an interface to other components or uses the interface of
another component
3.5
implementation
software and hardware that provides the reduction to practice of particular functionality
3.6
interrogator controller
software capability possibly embodied in a distinct physical device, within the data management (3.2)
implementation (3.5) of the architecture in ISO/IEC 24791-1 and capable of exercising the data, control
and management of interrogators over the device interface defined in ISO/IEC 24791-5
3.7
client
network endpoint (3.4) that sends messages to and/or receives messages from a service
3.8
hosted service
service with lifecycle under the control of another service
4 Abbreviated terms
For the purposes of this document, the abbreviated terms given in ISO/IEC 19762 and the following
shall apply.
AC Access controller
CAPWAP Control and provisioning of wireless access pints
DCI Discovery, configuration, initialization
DPWS Devices profile for web services standard
IETF Internet engineering task force
LLRP Low level reader protocol
MIB Management information base
MIB-II Management information base version 2
RDMP RFID device management profile
RFC Request for comment
RM Reader management
SNMP Simple network management protocol
SOAP Simple object access protocol
SSI Software system infrastructure
3
© ISO/IEC 2022 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 24791-3:2022(E)
UML Unified modelling language
URI Uniform resource identifier
URL Uniform resource locator
WTP Wireless termination point
FUS RDMP firmware update service
MS Management service
MNS Monitoring service
5 Software system infrastructure architecture overview
ISO/IEC 24791-1 defines the architecture for the software system infrastructure. The basic relationship
among the interfaces and implementations of the software system infrastructure is depicted in Figure 1.
Figure 1 — Architecture overview including relationships to other RFID standards
The parts of the ISO/IEC 24791 series that define Data Management (i.e. ISO/IEC 24791-2), Device
Interface (i.e. ISO/IEC 24791-5), and Device Management (i.e. this document) each provide one or
more interfaces which allow a client to communicate with a service-providing implementation, either
within the same computing device or across a network. These client and service implementations are
consistently referred to as client endpoints and services endpoints, respectively, and in general, the
4
  © ISO/IEC 2022 – All rights reserved

---------------------- Page: 10 ----------------------
ISO/IEC 24791-3:2022(E)
client endpoint accesses the capabilities provided by the services endpoint. It is the responsibility of the
specific standard to define the formats, procedures, operations and conformance requirements of each
interface.
Device management is concerned with providing discovery, configuration, initialization, performance
monitoring and diagnostics of software system infrastructure components and interrogators. As
shown in Figure 1, device management defines interfaces that provide pairwise communications
between interrogator implementations, data management implementations and device management
implementations.
In addition to defining interfaces for providing configuration and control of the implementations in the
network, Device Management may also define requirements for basic initial operation of interrogators,
particularly related to initialization in networked environments. This is necessary in order to achieve
the SSI goal of providing scalable deployment and management of large numbers of interrogators in a
system.
Although Figure 1 depicts the Device Management Implementation residing outside of the boundary of
the SSI, the Device Management Implementation may be implemented within any device in a system.
For example, it may reside within a standalone network management application or it may be just one
component within a device that is also providing a Data Management Implementation. It may also be
one component of an application that is also providing the End System Implementation. As with all other
components of the SSI as defined in ISO/IEC 24791-1, the platform on which the standard interfaces
are implemented is not important; it is conformance to the interfaces and procedures defined in the
ISO/IEC 24791 series that is important. Examples of different deployment models of this document are
provided in Annex A.
6 UML modelling
Although Figure 1 provides a general overview of the relationship between the interfaces and
implementations in the SSI, UML is used for the figures in this document to graphically represent the
organization and operation of the device management interfaces and implementations so that a precise
and common understanding of the relationships among the components can be defined.
UML is a very rich language, but for simplicity only the physical diagram subset of the language is used
to represent the architecture of the software system infrastructure. Physical diagrams, comprised of
component diagrams and deployment diagrams, represent the relationships among the functions and
the interfaces provided by the SSI architectural elements as well as how these functions can exist in
standards compliant solutions, respectively. Refer to ISO/IEC 24791-1 for a more complete description
of how UML is used in other parts of the ISO/IEC 24791 series.
7 Device management
7.1 Architecture
Device management defines the interface(s) that provide discovery, configuration, initialization,
performance monitoring and diagnostics of software system infrastructure components and
interrogators. Device management also defines a set of standardized operational procedures that must
be executed by conforming devices, typically related to the initial operation of a device in a networked
environment.
Specific device management interface capabilities are provided by a device management services
endpoint. A device management client endpoint accesses the services endpoint in a component that
provides the desired service(s). Figure 2 provides the representation of the device management
interface in a component.
5
© ISO/IEC 2022 – All rights reserved

---------------------- Page: 11 ----------------------
ISO/IEC 24791-3:2022(E)
Figure 2 — Device management representation
The software programs that provide device management client and services endpoints can reside
within any of the Implementations that can exist in the SSI, as shown in Figure 1. This document does
define requirements on how the implementations are developed or packaged within computing or
network platforms; requirements are only defined for the operation that is provided.
Device management is distinct from the data and control interfaces provided by ISO/IEC 24791-5 and
ISO/IEC 24791-2, respectively. It is possible that the implementation of the device management interface
utilizes the same network interface as the implementation of one of the data and/or control interfaces
in the implementation. It is also possible that for a specific operation or interface, a component can
be both a client and services endpoint, essentially resulting in peer-to-peer operation or a negotiated
client/server relationship. This does not change the architecture defined in this document or in
ISO/IEC 24791-1.
The functions covered by device management can be grouped and defined as follows:
— Discovery: the process of automatically finding components and devices in a system as well as
dynamically identifying service endpoints and enabling connections between the components and
services.
— Configuration: the process of setting operational parameters for components that are loaded at
system initialization and that change relativ
...