SIST-TS CEN/TS 18053-1:2024

SLOVENSKI STANDARD
01-november-2024
Digitalna skrbniška veriga za dokaze CBRNE - 1. del: Pregled in koncepti
Digital Chain of Custody for CBRNE Evidence - Part 1: Overview and Concepts
Digitale Beweiskette für CBRNE-Beweise - Teil 1: Überblick und Konzepte
Ta slovenski standard je istoveten z: CEN/TS 18053-1:2024
ICS:
13.300 Varstvo pred nevarnimi Protection against dangerous
izdelki goods
35.240.99 Uporabniške rešitve IT na IT applications in other fields
drugih področjih
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

CEN/TS 18053-1
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
September 2024
TECHNISCHE SPEZIFIKATION
ICS 13.300; 35.240.99
English Version
Digital Chain of Custody for CBRNE Evidence - Part 1:
Overview and Concepts
Digitale Beweiskette für CBRNE-Beweise - Teil 1:
Überblick und Konzepte
This Technical Specification (CEN/TS) was approved by CEN on 26 May 2024 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to
submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS
available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in
parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2024 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 18053-1:2024 E
worldwide for CEN national Members.

Contents Page
European foreword . 3
Introduction . 4
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 5
4 Symbols and abbreviated terms . 8
5 General Guidance . 9
5.1 General. 9
5.2 Background context . 9
5.3 Roles and responsibilities . 10
5.3.1 General. 10
5.3.2 Roles and responsibilities of the stakeholders . 11
5.3.3 Change of responsibilities at the CTP . 11
5.4 Custody transfer within the dCoC process . 12
5.4.1 General. 12
5.4.2 The Mission Command Team viewpoint . 12
5.4.3 The custody transfer schema. 13
5.4.4 The metadata components . 14
5.5 Digital custody metadata . 14
5.6 Token-based authentication . 15
6 Context of the Custody Transfer Lifecycle . 16
6.1 General. 16
6.2 The custody transfer lifecycle . 16
6.3 Stakeholders and custody transfer points within the dCoC . 18
6.3.1 General. 18
6.3.2 Mission Command Team . 18
6.3.3 Reconnaissance Team . 19
6.3.4 Sampling Team . 19
6.3.5 Carrier Team . 20
6.3.6 Laboratory Team . 21
6.3.7 External System . 22
6.4 Traceability in Digital Chain of Custody . 22
6.5 The metamodel of the CTP dendrogram . 24
Annex A (informative) Macro representation of the dCoC process . 27
Annex B (informative) Dendrogram with multiple custody transfer nodes . 29
Bibliography . 31
European foreword
This document (CEN/TS 18053-1:2024) has been prepared by Technical Committee CEN/TC 391
“Societal and citizen security”, the secretariat of which is held by AFNOR.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN website.
According to the CEN/CENELEC Internal Regulations, the national standards organisations of the
following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Introduction
In situations involving chemical, biological, radiological, nuclear, and explosive (CBRNE) incidents caused
by natural or accidental events or deliberate actions like terrorism or warfare, it can be crucial to
accurately identify CBRNE agents by collecting and transporting samples to a laboratory. A digital chain
of custody system might contribute to ensuring the traceability and security of CBRNE evidence items
throughout the process. This process involves various stakeholders, emphasizing the significance of
maintaining the integrity of the chain of custody and documenting all actions, particularly at Custody
Transfer Points (CTPs), for easy auditing of the involved stakeholders.
In any digital Chain of Custody (dCoC) process, it is essential to identify stakeholders with specific roles
or participation in the dCoC process. These stakeholders may include the Mission Commander Team, the
Reconnaissance Team, the Sampling Team, the Carrier Team, and the Laboratory Team. The data
governance workflow aims to offer guidance on executing a secure digital transfer and identifying the
stakeholders involved as contributors to the evidentiary materials at each stage of the process. The
guidelines emphasize the importance of incorporating digital custody metadata (DCM) into the dCoC
process to ensure the integrity and non-repudiation of digital evidence items and to trace the custodian.
By including DCM, the dCoC process can provide comprehensive and accurate documentation of all steps
involved in the custody, control, transfer, and auditing of the digital evidence items, thereby increasing
transparency and accountability.
This document addresses services and final outputs concerning dCoC for CBRNE evidence items. The
concepts and terminology presented in this document are utilized by the definitions in ISO 22095 Chain
of Custody – General terminology and models. Additional definitions of concepts relevant to the CTP data
governance process specification and custody transfer of metadata structures considered by the digital
evidence log are also provided. Many of the terms and definitions listed here are also mentioned in the
EN 17173 European CBRNE glossary; although not mandatory, reading these two standards is suggested
to get familiarised with the terms and definitions listed for the chain of custody in the area of CBRNE.
The guidelines can be applied to other supply chains (e.g. food chains, retail logistics, etc.). The dCoC for
CBRNE digital evidence items represents a paradigmatic context to address data governance
considerations for evidentiary purposes in a highly demanding framework.
This document is intended to be used with Part 2 in order to ensure the implementation of the custody
transfer data governance process. Part 2 provides the technical details regarding the implementation of
the data structure for the DCM in each CTP in the dCoC.
NOTE 1 It is important to emphasize that across the European Union, there are several regulatory and legislative
procedures to handle the chain of custody for CBRNE incidents, so it is essential to take these considerations into
account. The use of the guidelines can vary based on the digital evidence procedures adopted in each member state
of the European Union.
NOTE 2 If the digital log for each custody transfer (i.e. who owns the custody at each transfer point) is not
preserved, the evidence submitted in the court might be challenged and ruled inadmissible.
1 Scope
This document provides an overview of the concept of Custody Transfer Point (CTP) within the digital
Chain of Custody (dCoC) process, including the identification and audit of the custody ownership and
metadata governance to ensure the integrity of the data at each CTP. The document also provides:
• Definitions of the concepts within the dCoC process related to the digital evidence log for each
custody transfer (i.e. who owns the custody at each transfer point);
• General guidelines for the data governance process within the CTP lifecycle, including identification
of the role of the stakeholders;
• Digital metadata management policies and compliance with good practices for non-repudiation of
the reported data regarding the ownership of digital evidence items within the custody transfer
lifecycle.
This is part one of two documents for the provision of Digital Custody Metadata (DCM) for managing data
related to the custody of digital evidence items. Part 2 complements this document by providing detailed
guidance on the steps in the data governance process within each CTP lifecycle.
The document aims to provide guidance to both technical and non-technical personnel, including
individuals accountable for compliance with statutory and regulatory requirements and industry
standards. It is designed to be helpful for a broad range of professionals, regardless of their technical
expertise, ensuring that all stakeholders involved in implementing the document's recommendations can
understand and follow them effectively.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at https://www.electropedia.org/
— ISO Online browsing platform: available at https://www.iso.org/obp
3.1
audit
process for obtaining relevant information about an object of conformity assessment and evaluating it
objectively to determine the extent to which specified requirements are fulfilled
[SOURCE: ISO 22095:2020, 3.5.6]
...