iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST-TS CEN ISO/TS 19299:2016

(Main)

Electronic fee collection - Security framework (ISO/TS 19299:2015)

Electronic fee collection - Security framework (ISO/TS 19299:2015)

Based on the system architecture defined in ISO 17573, the security framework
describes a set of requirements and security measures for stakeholders to
implement and operate their part of an electronic fee collection (EFC) system as
required for a trustworthy environment according to its basic information security
policy. In general the overall scope is an information security framework for all
organisational and technical entities and in detail for the interfaces between
them.
This Technical Specification is based on the assumption of an OBE which is
dedicated to EFC purposes only and does neither consider value added services
based on EFC OBE, nor more generic OBE platforms (called in-vehicle ITS Stations)
used to host the EFC application.
The scope of this security framework comprises the following:
- general information security objectives of the stakeholders;
- threat analysis;
- definition of a trust model;
- security requirements;
- security measures – countermeasures;
- security specifications for interface implementation;
- key management;
- security policies;
- privacy-enabled implementations.
Outside the scope of this Technical Specification is:
- a complete risk assessment for an EFC system;
- security issues rising from an EFC application running on an ITS station;
- entities and interfaces of the interoperability management role;
- the technical trust relation of the model between TSP and User;
- a complete specification and description of all necessary security measures to all
identified threats;
- concrete implementation specifications for implementation of security for EFC
system, e.g. European electronic toll service (EETS);
-detailed specifications required for privacy-friendly EFC implementations.

Elektronische Gebührenerhebung - Sicherheitsgrundstruktur (ISO/TS 19299:2015)

Perception de télépéage - Cadre de sécurité (ISO/TS 19299:2015)

Le domaine d'application général de l'ISO/TS 19299:2015 consiste à fournir un cadre de sécurité de l'information pour l'ensemble des entités organisationnelles et techniques d'un plan de perception du télépéage (EFC), et plus particulièrement pour les interfaces entre elles, sur la base de l'architecture système définie dans l'ISO 17573. Le cadre de sécurité décrit un ensemble d'exigences et de mesures de sécurité associées destinées à être mises en ?uvre par les parties prenantes, garantissant ainsi un fonctionnement sécurisé de leur partie d'un système EFC, tel que l'exige la politique de sécurité d'un environnement de confiance.
Le domaine d'application de l'ISO/TS 19299:2015 inclut:
la définition d'un modèle de confiance;
Principes et hypothèses de base pour l'établissement de relations de confiance entre les parties prenantes.
les exigences de sécurité;
les mesures de sécurité ? contre-mesures;
Exigences de sécurité relatives à la prise en charge des mises en ?uvre du système EFC actuel.
les spécifications de sécurité relatives à la mise en ?uvre de l'interface;
Ces spécifications offrent une extension de sécurité aux normes correspondantes.
la gestion des clés;
Couvre l'instauration (initiale) de l'échange de clés entre les parties prenantes et plusieurs procédures opérationnelles telles que le renouvellement de clés, la révocation de certificats, etc.
les profils de sécurité;
la déclaration de conformité de la mise en ?uvre propose une liste de contrôle devant être utilisée par un fournisseur d'équipement, un chargé de mise en ?uvre d'un système ou l'acteur d'un rôle pour déclarer sa conformité à l'ISO/TS 19299:2015;
les objectifs généraux de sécurité de l'information des parties prenantes qui constituent le principal motif des exigences de sécurité;
l'analyse des menaces inhérentes au modèle de système EFC et à ses actifs en utilisant deux méthodes complémentaires distinctes, une analyse basée sur les attaques et une analyse basée sur les actifs;
des exemples de politiques de sécurité;
les recommandations relatives à une mise en ?uvre axée sur la protection de la vie privée;
une proposition relative aux certificats d'entité finale.

Elektronsko pobiranje pristojbin - Varnostni okvir (ISO/TS 19299:2015)

Ta tehnična specifikacija:
– Opisuje zahteve in priporočene metode, na podlagi katerih lahko zdravniki zbirajo, analizirajo in označujejo klinične kontekste, vsebine ter strukture podrobnih kliničnih modelov.
– Določa podrobne klinične modele (DCM) na podlagi osnovnega logičnega modela. To so logični modeli kliničnih pojmov in jih je mogoče uporabiti za določitev in strukturiranje kliničnih informacij.
– Opisuje zahteve in načela za modele DCM, metapodatke, shranjevanje različic, specifikacijo vsebine in konteksta, specifikacijo podatkovnih elementov in razmerij med njimi ter podaja napotke in primere.
– Določa načela upravljanja modelov DCM za namene zagotavljanja zasnovne celovitosti vseh atributov DCM
in natančnosti logičnega modela.
– Opisuje razvoj modelov DCM in metodološka načela, s katerimi se podpre izdelava
kakovostnih modelov DCM za namene zmanjšanja tveganja in zagotavljanja varnosti pacientov.
Ta tehnična specifikacija se ne uporablja za:
– Podrobno vsebino primerkov podrobnih kliničnih modelov. Primer: ta tehnična specifikacija ne določa konkretnih podatkovnih elementov za Glasgowsko lestvico nezavesti, telesno višino ipd. (razen nekaterih primerov razlag členov). Vključuje pa navodila o tem, kako pravilno določiti klinično znanje po Glasgowski lestvici nezavesti ali telesni višini, kako pravilno prepoznati, poimenovati in modelirati podatkovne elemente za te klinične koncepte ter kako podati enolične kode posameznim podatkovnim elementom in (če je mogoče) naborom vrednosti. Povedano drugače, opisuje način ustvarjanja primerkov, vendar ne vključuje posameznih primerkov.
– Specifikacije dinamičnega modeliranja, npr. poteka dela.
– Specifikacije za modeliranje celotnih domen ali agregatov številnih podrobnih kliničnih modelov, npr. celotne dokumentacije pregledov ali povzetkov odpustnic. Ne določa sestave modelov DCM.

General Information

Status
Withdrawn
Publication Date
05-Jan-2016
Withdrawal Date
16-Sep-2020
ICS
35.240.60 - IT applications in transport
Technical Committee
ITC - Information technology
Current Stage
9900 - Withdrawal (Adopted Project)
Start Date
17-Sep-2020
Due Date
10-Oct-2020
Completion Date
17-Sep-2020
Directive
2004/52/EC - Interoperability of electronic road toll systems in the Community
Mandate
M/338 - Standardisation mandate to CEN, CENELEC and ETSI in support of interoperabilty of electonic road toll systems in the community
Ref Project
CEN ISO/TS 19299:2015 - Electronic fee collection - Security framework (ISO/TS 19299:2015)

Relations

Replaced By
SIST EN ISO 19299:2020 - Electronic fee collection - Security framework (ISO 19299:2020)
Effective Date
01-Nov-2020
Replaces
SIST-TS CEN/TS 16439:2013 - Electronic fee collection - Security framework
Effective Date
21-Oct-2015
Replaces
SIST-TS CEN/TS 16439:2013 - Electronic fee collection - Security framework
Effective Date
08-Jun-2022

Buy Standard

TS CEN ISO/TS 19299:2016 - BARVETS CEN ISO/TS 19299:2016 - BARVE
PreviousNext
Technical specification
TS CEN ISO/TS 19299:2016 - BARVE
English language
151 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST-TS CEN ISO/TS 19299:2016
01-marec-2016
1DGRPHãþD
SIST-TS CEN/TS 16439:2013
Elektronsko pobiranje pristojbin - Varnostni okvir (ISO/TS 19299:2015)
Electronic fee collection - Security framework (ISO/TS 19299:2015)
Elektronische Gebührenerhebung - Sicherheitsgrundstruktur (ISO/TS 19299:2015)
Perception de télépéage - Cadre de sécurité (ISO/TS 19299:2015)
Ta slovenski standard je istoveten z: CEN ISO/TS 19299:2015
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
transportu in trgovini and trade
SIST-TS CEN ISO/TS 19299:2016 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST-TS CEN ISO/TS 19299:2016

---------------------- Page: 2 ----------------------

SIST-TS CEN ISO/TS 19299:2016


CEN ISO/TS 19299
TECHNICAL SPECIFICATION

SPÉCIFICATION TECHNIQUE

October 2015
TECHNISCHE SPEZIFIKATION
ICS 35.240.60; 03.220.20 Supersedes CEN/TS 16439:2013
English Version

Electronic fee collection - Security framework (ISO/TS
19299:2015)
Perception de télépéage - Cadre de sécurité (ISO/TS Elektronische Gebührenerhebung -
19299:2015) Sicherheitsgrundstruktur (ISO/TS 19299:2015)
This Technical Specification (CEN/TS) was approved by CEN on 26 June 2015 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to
submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS
available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in
parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2015 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN ISO/TS 19299:2015 E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------

SIST-TS CEN ISO/TS 19299:2016
CEN ISO/TS 19299:2015 (E)
Contents Page
European foreword . 3

2

---------------------- Page: 4 ----------------------

SIST-TS CEN ISO/TS 19299:2016
CEN ISO/TS 19299:2015 (E)
European foreword
This document (CEN ISO/TS 19299:2015) has been prepared by Technical Committee ISO/TC 204
"Intelligent transport systems" in collaboration with Technical Committee CEN/TC 278 “Intelligent
transport systems” the secretariat of which is held by NEN.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent
rights.
This document supersedes CEN/TS 16439:2013.
This document has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia,
France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,
Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
Endorsement notice
The text of ISO/TS 19299:2015 has been approved by CEN as CEN ISO/TS 19299:2015 without any
modification.
3

---------------------- Page: 5 ----------------------

SIST-TS CEN ISO/TS 19299:2016

---------------------- Page: 6 ----------------------

SIST-TS CEN ISO/TS 19299:2016
TECHNICAL ISO/TS
SPECIFICATION 19299
First edition
2015-10-01
Electronic fee collection — Security
framework
Perception de télépéage — Cadre de sécurité
Reference number
ISO/TS 19299:2015(E)
©
ISO 2015

---------------------- Page: 7 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2015 – All rights reserved

---------------------- Page: 8 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 2
3 Terms and definitions . 4
4 Symbols and abbreviated terms . 9
5 Trust model .10
5.1 Overview .10
5.2 Stakeholders trust relations .10
5.3 Technical trust model .11
5.3.1 General.11
5.3.2 Trust model for TC and TSP relations .11
5.3.3 Trust model for TSP and service user relations .13
5.3.4 Trust model for Interoperability Management relations .13
5.4 Implementation .13
5.4.1 Setup of trust relations .13
5.4.2 Trust relation renewal and revocation .14
5.4.3 Issuing and revocation of sub CA and end-entity certificates .14
5.4.4 Certificate and certificate revocation list profile and format .15
5.4.5 Certificate extensions .15
6 Security requirements .17
6.1 General .17
6.2 Information security management system .18
6.3 Communication interfaces .18
6.4 Data storage .19
6.5 Toll charger .19
6.6 Toll service provider .21
6.7 Interoperability Management .23
6.8 Limitation of requirements .23
7 Security measures — countermeasures .24
7.1 Overview .24
7.2 General security measures .24
7.3 Communication interfaces security measures .25
7.3.1 General.25
7.3.2 DSRC-EFC interface . .26
7.3.3 CCC interface .27
7.3.4 LAC interface .28
7.3.5 Front End to TSP back end interface .28
7.3.6 TC to TSP interface .29
7.3.7 ICC interface .30
7.4 End-to-end security measures .30
7.5 Toll service provider security measures .32
7.5.1 Front end security measures .32
7.5.2 Back end security measures .33
7.6 Toll charger security measures .34
7.6.1 RSE security measures . .34
7.6.2 Back end security measures .34
7.6.3 Other TC security measures .35
8 Security specifications for interoperable interface implementation .35
8.1 General .35
8.1.1 Subject.35
© ISO 2015 – All rights reserved iii

---------------------- Page: 9 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

8.1.2 Signature and hash algorithms .35
8.2 Security specifications for DSRC-EFC .36
8.2.1 Subject.36
8.2.2 OBE .36
8.2.3 RSE .36
9 Key management .36
9.1 Overview .36
9.2 Asymmetric keys .36
9.2.1 Key exchange between stakeholders .36
9.2.2 Key generation and certification .37
9.2.3 Protection of keys .37
9.2.4 Application .37
9.3 Symmetric keys .38
9.3.1 General.38
9.3.2 Key exchange between stakeholders .38
9.3.3 Key lifecycle .39
9.3.4 Key storage and protection .40
9.3.5 Session keys .41
Annex A (normative) Security profiles .42
Annex B (normative) Implementation conformance statement (ICS) proforma .46
Annex C (informative) Stakeholder objectives and generic requirements .64
Annex D (informative) Threat analysis .68
Annex E (informative) Security policies .124
Annex F (informative) Example for an EETS security policy .131
Annex G (informative) Recommendations for privacy-focused implementation .133
Annex H (informative) Proposal for end-entity certificates.135
Bibliography .136
iv © ISO 2015 – All rights reserved

---------------------- Page: 10 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical
Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
ISO/TS 19299 was prepared by European Committee for Standardization (CEN) in collaboration with
ISO/TC 204, Intelligent transport systems, in accordance with the agreement on technical cooperation
between ISO and CEN (Vienna Agreement).
This first edition of ISO/TS 19299 cancels and replaces CEN/TS 16439:2013.
© ISO 2015 – All rights reserved v

---------------------- Page: 11 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

Introduction
Reader’s guide
The development process for a security concept and implementation to protect any existing electronic
fee collection (EFC) system normally includes several steps as follows:
— definition of the security objectives and policy statements in a security policy;
— threat analysis with risk assessment to define the security requirements;
— development of the security measures followed by the development of security test specifications.
Figure 1 — Development path for the security documents
In the second step, each actor in an existing EFC system has to implement the defined security measures
and supervise the effectiveness. Security measures which do not work or work incorrectly need to be
improved. The development of the EFC security framework follows this approach as closely as possible.
The used methodology needs to consider following limitations:
— No security policy exists: The security policy can only be defined by the responsible stakeholders
and its freedom is only limited by laws and regulations. Nonetheless, this Technical Specification
provides basic examples of possible security policies (in Annex E to Annex F).
— No risk assessment possible: The risk assessment compares the possible loss for the stakeholder
and the required resources (e.g. equipment, knowledge, time, etc.) to perform an attack. It is the
trade-off evaluation of the cost and benefit of each countermeasure which is only possible for an
implemented system.
— No specific system design or configuration during the development of this Technical Specification
was considered to keep it universally applicable. Only the available EFC base standards and the
comments received by the CEN/TS 16439:2013 (i.e. the previous edition of the EFC security
framework) were taken as references. Specific technical details of a particular system (e.g.
servers, computer centres, and de-central elements like road side equipment) need to be taken into
consideration during the implementation in addition to the present EFC security framework.
vi © ISO 2015 – All rights reserved

---------------------- Page: 12 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

The selection of requirements and the respective security measures for an existing EFC system is based
on the security policy and the risk assessment of several stakeholders systems. Due to the fact that
there is neither an overall valid security policy, nor the possibility to provide a useful risk assessment,
the EFC security framework provides a toolbox of requirements and security measures covering as
many threats as possible without claiming to provide an exhaustive list.
There is one limitation though to be compliant to this Technical Specification that is, if a requirement is
selected, the associated security measure(s) have to be implemented.
To understand the content of this Technical Specification, the reader should be aware of the
methodological assumptions used to develop it. The security of an (interoperable) EFC scheme depends
on the correct implementation and operation of a number of processes, systems, and interfaces.
Only a reliable end-to-end security ensures the accurate and trustworthy operation of interacting
components of toll charging environments. Therefore, this security framework also covers systems or
interfaces which are not EFC specific like back office connections. The application independent security
framework for such system parts and interfaces, the Information Security Management System (ISMS),
is provided in the ISO 2700x family of standards.
The development process of this Technical Specification is described briefly in the steps below:
a) Definition of the stakeholder objectives and generic requirements as the basic motivation for the
security requirements (Annex C). A possible security policy with a set of policy statements is
provided in Annex E, and an example of an European electronic toll service (EETS) security policy
is given in Annex F.
b) Based on the EFC role model and further definitions from the EFC architecture standard
(ISO 17573), the specification defines an abstract EFC system model as the basis for a threat
analysis, definition of requirements, and security measures.
c) The threats on the EFC system model and its assets are analysed by two different methods: an attack-
based analysis and an asset-based analysis. The first approach considers a number of threat scenarios
from the perspective of various attackers. The second approach looks in depth on threats against the
various identified assets (tangible and intangible entities). This approach, although producing some
redundancy, ensures completeness and coverage of a broader range of risks (see Annex D).
d) The requirements specification (see Clause 6) is based on the threats identified in Annex D. Each
requirement is at least motivated by one threat and at least one requirement covers each threat.
e) The definition of security measures (see Clause 7) provides a high-level description of recommended
possible methods to cover the developed requirements.
f) The security specifications for interoperable interface implementation (Clause 8) provide detailed
definitions, e.g. for message authenticators. These specifications represent an add-on for security
to the corresponding relevant interface standards.
g) Basic key management requirements that support the implementation of the interoperable
interfaces are described in Clause 9. The toll charging environment uses cryptographic elements
(keys, certificates, certificate revocation lists, etc.) to support security services like confidentiality,
integrity, authenticity, and non-repudiation. This section of the specification covers the (initial)
setup of key exchange between stakeholders and several operational procedures like key renewal,
certificate revocation, etc.
h) A general trust model (see Clause 5) is defined to form the basis for the implementation of
cryptographic procedures to ensure confidentiality, integrity, and authenticity of exchanged
data. In this context, the security framework references approved international standards for the
implementation of cryptographic procedures enhanced by EFC specific details where needed.
A stakeholder of an EFC scheme who wants to use this security framework needs to do the following:
— define a security policy for the EFC scheme (may involve more than one stakeholder in an
interoperable EFC scheme). Some examples for a security policy and its elements are provided (in
© ISO 2015 – All rights reserved vii

---------------------- Page: 13 ----------------------

SIST-TS CEN ISO/TS 19299:2016
ISO/TS 19299:2015(E)

Annex E and Annex F) as an aid for using this Technical Specification to build up a secure system for
a concrete interoperability framework (including the European electronic toll service).
— identify the relevant processes, systems and interfaces, and match them to the EFC security framework;
— select the corresponding security requirements according to the security policy;
— implement the security measures associated to the selected requirements;
— provide evidence of compliance of its systems, processes, and interfaces with the requirements set
forth in this Technical Specification. Evidence can be provided by a self-declaration, an internal or
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN 17870:2023(Main)
Intelligent transport systems - eSafety - eCall additional data concept for equipment limitations
EN 17870:2023

This document defines an additional data concept that may be transferred as the ‘optional additional data ’ part of an eCall MSD, as defined in EN 15722, that may be transferred from a vehicle to a PSAP in the event of a crash or emergency via an eCall communication session.
The purpose of this document is to provide means to notify the PSAP of any limitations to the sending equipment that are endorsed by other standards, but not (immediately) apparent to the receiver. Lack of knowledge about these limitations can hamper the emergency process. This document describes an additional data concept which facilitates the inclusion of information about such limitations in a consistent and usable matter.
This document can be seen as an addendum to EN 15722; it contains as little redundancy as possible.

  • Standard
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 15876:2023(Main)
Electronic fee collection - Conformity evaluation of on-board and roadside equipment to EN 15509
EN 15876:2023

It defines the test suite structure and the test purposes for conformity evaluation of on-board and roadside equipment designed for compliance with the requirements set up in EN 15509.

  • Standard
    122 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    147 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 21177:2023(Main)
Intelligent transport systems - ITS station security services for secure session establishment and authentication between trusted devices (ISO 21177:2023)
EN ISO 21177:2023

This document contains specifications for a set of ITS station security services required to ensure the authenticity of the source and integrity of information exchanged between trusted entities, i.e.:
—    between devices operated as bounded secured managed entities, i.e. "ITS Station Communication Units" (ITS-SCU) and "ITS station units" (ITS-SU) as specified in ISO 21217; and
—    between ITS-SUs (composed of one or several ITS-SCUs) and external trusted entities such as sensor and control networks.
These services include the authentication and secure session establishment which are required to exchange information in a trusted and secure manner.
These services are essential for many intelligent transport system (ITS) applications and services including time-critical safety applications, automated driving, remote management of ITS stations (ISO 24102-2), and roadside/infrastructure-related services.

  • Standard
    114 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    110 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 15509:2023(Main)
Electronic fee collection - Interoperability application profile for DSRC
EN 15509:2023

The scope for this European Standard is limited to:
-   payment method: Central account based on EFC-DSRC;
-   physical systems: OBU, RSE and the DSRC interface between them (all functions and information flows related to these parts);
-   DSRC-link requirements;
-   EFC transactions over the DSRC interface;
-   data elements to be used by OBU and RSE used in EFC-DSRC transactions;
-   security mechanisms for OBU and RSE used in EFC-DSRC transactions.

  • Standard
    61 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    59 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 17949:2023(Main)
Public transport - Distribution APIs for MaaS
CEN/TR 17949:2023

Existing public and private distribution API specifications will be identified, where practicable, and summarised in a number of ways, including: ownership of specification, scope of API functionality, basis of data model and data categorisation used, management of reference data, commercial access rules to the specification, governance of the specification, existing examples of use for MaaS booking, coherence with existing CEN standards, potential for becoming a new CEN standard.

  • Technical report
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 20524-1:2023(Main)
Intelligent transport systems - Geographic Data Files (GDF) GDF5.1 - Part 1: Application independent map data shared between multiple sources (ISO 20524-1:2020)
EN ISO 20524-1:2022

This standard specifies the conceptual and logical data model and physical encoding formats for geographic databases for Intelligent Transport Systems (ITS) applications and services. It includes a specification of potential contents of such databases (data dictionaries for Features, Attributes and Relationships), a specification of how these contents shall be represented, and of how relevant information about the database itself can be specified (metadata).
The focus of this standard is on ITS applications and services and it emphasizes road and road-related information. ITS applications and services, however, also require information in addition to road and road-related information.
Typical ITS applications and services targeted by this International Standard are in-vehicle or portable navigation systems, traffic management centres, or services linked with road management systems, including public transport systems.
The Conceptual Data Model has a broader focus than ITS applications and services. It is application-independent, allowing for future harmonization of this standard with other geographic database standards.
In order to deal with a multiple data provider environment and new applications, conceptual models, features, attributes and relationships are expanded in GDF5.1.
GDF5.1 is separated into two parts according to methods of utilization.
GDF5.1 Part 1 defines application-independent map data shared between multiple sources.
GDF5.1 Part 2 defines map data used in automated driving systems, cooperative ITS, and multi-modal transport.

  • Standard
    1077 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    1074 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17184:2023(Main)
Intelligent transport systems - eSafety - eCall High level application protocols (HLAP) using IP Multimedia Subsystem (IMS) over packet switched networks
CEN/TS 17184:2022

In respect of pan European eCall (operating requirements defined in EN 16072), this document defines the high level application protocols, procedures and processes required to provide the eCall service via a packet switched wireless communications network using IMS (IP Multimedia Subsystem) and wireless access (such as LTE, NR and their successors).
This document assumes support of eCall using IMS over packet switched networks by an IVS and a PSAP and further assumes that all PLMNs available to an IVS at the time an eCall or test eCall is initiated are packet switched networks. Support of eCall where eCall using IMS over packet switched networks is not supported by an IVS or PSAP is out of the scope of this document.
At some moment in time packet switched networks will be the only Public Land Mobile Networks (PLMN) available. However as long as GSM/UMTS PLMNs are available (Teleservice 12/TS12) ETSI TS 122 003 will remain operational. Both the use of such PLMNs and the logic behind choosing the appropriate network in a hybrid situation (where both packet-switched and circuit-switched networks are available) are out of scope of this document.
NOTE 1   The objective of implementing the pan-European in-vehicle emergency call system (eCall) is to automate the notification of a traffic accident, wherever in Europe, with the same technical standards and the same quality of services objectives by using a PLMN (such as ETSI prime medium) which supports the European harmonized 112/E112 emergency number (TS12 ETSI TS 122 003 or IMS packet switched network) and to provide a means of manually triggering the notification of an emergency incident.
NOTE 2   HLAP requirements for third party services supporting eCall can be found in EN 16102,. This document makes reference to those provisions but does not duplicate them.

  • Technical specification
    52 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17875:2023(Main)
Intelligent transport systems - eSafety - Incident Support Information System (ISIS) Architecture
CEN/TS 17875:2022

This document describes the architecture of a secure process flow between a source ITS system and a destination ITS system to provide an ‘incident support information system’ (ISIS) to emergency responders by accessing (with the agreement of the vehicle owners/keepers) data from a crashed vehicle and/or other vehicles, or drones, in the vicinity of the incident.

  • Technical specification
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 14906:2023(Main)
Electronic fee collection - Application interface definition for dedicated short-range communication (ISO 14906:2022)
EN ISO 14906:2023

This document specifies the application interface in the context of electronic fee collection (EFC) systems using dedicated short-range communication (DSRC).
The EFC application interface is the EFC application process interface to the DSRC application layer, as can be seen in Figure 1. This document comprises specifications of:
—    EFC attributes (i.e. EFC application information) that can also be used for other applications and/or interfaces;
—    the addressing procedures of EFC attributes and (hardware) components (e.g. integrated circuit(s) card);
—    EFC application functions, i.e. further qualification of actions by definitions of the concerned services, assignment of associated ActionType values, and content and meaning of action parameters;
—    the EFC transaction model, which defines the common elements and steps of any EFC transaction;
—    the behaviour of the interface so as to ensure interoperability on an EFC-DSRC application interface level.
This is an interface standard, adhering to the open systems interconnection (OSI) philosophy (see ISO/IEC 7498-1), and it is as such not primarily concerned with the implementation choices to be realized at either side of the interface.
This document provides security-specific functionality as place holders (data and functions) to enable the implementation of secure EFC transactions. Yet the specification of the security policy (including specific security algorithms and key management) remains at the discretion and under the control of the EFC operator, and hence is outside the scope of this document.

  • Standard
    131 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    130 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 12896-10:2023(Main)
Public transport - Reference data model - Part 10: Alternative Modes
EN 12896-10:2022

This part of the EN12896-X series (Transmodel-Part 10) takes into account the conceptual data model for the 'new modes' (vehicle pooling, vehicle sharing, taxis, vehicle rental) elaborated within CEN TS 17413 (Models and Definitions for New Modes) and is dedicated to be amended and re- published as a reference data model for the alternative modes of transport (Part 10 of the Public Transport Reference Data Model).
This new publication takes into account the revision of the conceptual model (published as CEN TS 17413) by the project team TC278 PT0303 working on the implementation of the 'new modes' model (NeTEx-Part5).
EN12896-10, supplementing the series of EN12896-X, establishes the semantic reference for the alternative modes data domain and thus facilitates the integration of these modes into the overall mobility environment, in particular into multimodal travel services (e.g. trip planning systems).

  • Standard
    258 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    258 pages
    English language
    sale 10% off
    e-Library read for
    1 day