iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST EN 18031-3:2024

(Main)

Common security requirements for radio equipment - Part 3: Internet connected radio equipment processing virtual money or monetary value

Common security requirements for radio equipment - Part 3: Internet connected radio equipment processing virtual money or monetary value

Common security requirements for internet connected radio equipment that equipment enables the holder or user to transfer money, monetary value or virtual currency. This document provides technical specifications for radio equipment processing virtual money or monetary value, which apply to electrical or electronic products that are capable to communicate over the internet, regardless of whether these products communicate directly or via any other equipment.

Gemeinsame Sicherheitsanforderungen für mit dem Internet verbundene Funkanlagen, die für die Datenverarbeitung im Zusammenhang mit virtuellen Währungen oder monetären Werten eingesetzt werden

The harmonised standard includes test methods or equivalent approaches and conditions to verify compliance of the radio equipment with the essential requirement set out in Article 3(3), point (f) of Directive 2014/53/EU for the categories and classes specified by Article 1(3) of Delegated Regulation (EU) 2022/.

Exigences de sécurité communes applicables aux équipements radioélectriques connectés à l’internet qui traitent une monnaie virtuelle ou de la valeur monétaire

Exigences de sécurité communes applicables aux équipements radioélectriques connectés à l'internet qui permettent au détenteur ou à l'utilisateur de transférer de l'argent, une valeur monétaire ou une monnaie virtuelle. Le présent document fournit des spécifications techniques pour les équipements radioélectriques qui traitent une monnaie virtuelle ou de la valeur monétaire, qui s'appliquent aux produits électriques ou électroniques capables de communiquer via l'internet, que ces produits communiquent directement ou par l'intermédiaire d'un autre équipement.

Skupne varnostne zahteve za radijsko opremo - 3. del: Z internetom povezana radijska oprema, ki obdeluje virtualni denar ali denarno vrednost

Skupne varnostne zahteve za z internetom povezano radijsko opremo, na podlagi katerih oprema omogoča imetniku ali uporabniku prenos oziroma nakazilo denarja, denarne vrednosti ali virtualnih valut. Ta dokument določa tehnične specifikacije za radijsko opremo, ki obdeluje virtualni denar ali denarno vrednost, ki se uporabljajo za električne ali elektronske izdelke z zmožnostjo komunikacije prek interneta, ne glede na to, ali takšna komunikacija poteka neposredno ali prek druge opreme.

General Information

Status
Published
Public Enquiry End Date
12-Nov-2023
Publication Date
15-Sep-2024
ICS
33.060.01 - Radiocommunications in general
33.060.20 - Receiving and transmitting equipment
35.030 - IT Security
35.240.40 - IT applications in banking
Technical Committee
ITC - Information technology
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
21-Aug-2024
Due Date
26-Oct-2024
Completion Date
16-Sep-2024
Directive
2014/53/EU - Directive 2014/53/EU of The European Parliament and of the Council of 16 April 2014 on the harmonisation of the laws of the Member States relating to the making available on the market of radio equipment and repealing Directive 1999/5/EC
Mandate
M/585 - standardisation request to the European Telecommunications Standards Institute as regards radio equipment in support of Directive 2014/53/EU of the European Parliament and of the Council in conjunction with Commission Delegated Regulation
Ref Project
EN 18031-3:2024 - Common security requirements for radio equipment - Part 3: Internet connected radio equipment processing virtual money or monetary value

Buy Standard

EN 18031-3:2024 - BARVEEN 18031-3:2024 - BARVE
PreviousNext
Standard
EN 18031-3:2024 - BARVE
English language
185 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-oktober-2024
Skupne varnostne zahteve za radijsko opremo - 3. del: Z internetom povezana
radijska oprema, ki obdeluje virtualni denar ali denarno vrednost
Common security requirements for radio equipment - Part 3: Internet connected radio
equipment processing virtual money or monetary value
Gemeinsame Sicherheitsanforderungen für mit dem Internet verbundene Funkanlagen,
die für die Datenverarbeitung im Zusammenhang mit virtuellen Währungen oder
monetären Werten eingesetzt werden
Exigences de sécurité communes applicables aux équipements radioélectriques
connectés à linternet qui traitent une monnaie virtuelle ou de la valeur monétaire
Ta slovenski standard je istoveten z: EN 18031-3:2024
ICS:
33.060.01 Radijske komunikacije na Radiocommunications in
splošno general
35.030 Informacijska varnost IT Security
35.240.40 Uporabniške rešitve IT v IT applications in banking
bančništvu
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN 18031-3

NORME EUROPÉENNE
EUROPÄISCHE NORM
August 2024
ICS 33.060.20
English version
Common security requirements for radio equipment - Part
3: Internet connected radio equipment processing virtual
money or monetary value
Exigences de sécurité communes applicables aux Gemeinsame Sicherheitsanforderungen für mit dem
équipements radioélectriques - Partie 3 : Équipements Internet verbundene Funkanlagen, die für die
radioélectriques connectés à l'internet qui traitent une Datenverarbeitung im Zusammenhang mit virtuellen
monnaie virtuelle ou de la valeur monétaire Währungen oder monetären Werten eingesetzt
werden
This European Standard was approved by CEN on 1 August 2024.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for
giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical
references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to
any CEN and CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.

CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2024 CEN/CENELEC All rights of exploitation in any form and by any means
Ref. No. EN 18031-3:2024 E
reserved worldwide for CEN national Members and for
CENELEC Members.
Contents Page
European foreword . 5
Introduction . 6
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 7
4 Abbreviations . 12
5 Application of this document. 13
6 Requirements . 16
6.1 [ACM] Access control mechanism . 16
6.1.1 [ACM-1] Applicability of access control mechanisms . 16
6.1.2 [ACM-2] Appropriate access control mechanisms . 21
6.2 [AUM] Authentication mechanism . 25
6.2.1 [AUM-1] Applicability of authentication mechanisms . 25
6.2.2 [AUM-2] Appropriate authentication mechanisms . 36
6.2.3 [AUM-3] Authenticator validation . 42
6.2.4 [AUM-4] Changing authenticators. 46
6.2.5 [AUM-5] Password strength . 49
6.2.6 [AUM-6] Brute force protection . 57
6.3 [SUM] Secure update mechanism . 61
6.3.1 [SUM-1] Applicability of update mechanisms. 61
6.3.2 [SUM-2] Secure updates . 64
6.3.3 [SUM-3] Automated updates . 68
6.4 [SSM] Secure storage mechanism . 72
6.4.1 [SSM-1] Applicability of secure storage mechanisms . 72
6.4.2 [SSM-2] Appropriate integrity protection for secure storage mechanisms . 76
6.4.3 [SSM-3] Appropriate confidentiality protection for secure storage mechanisms . 81
6.5 [SCM] Secure communication mechanism . 86
6.5.1 [SCM-1] Applicability of secure communication mechanisms . 86
6.5.2 [SCM-2] Appropriate integrity and authenticity protection for secure communication
mechanisms . 91
6.5.3 [SCM-3] Appropriate confidentiality protection for secure communication
mechanisms . 97
6.5.4 [SCM-4] Appropriate replay protection for secure communication mechanisms . 102
6.6 [LGM] Logging Mechanism . 107
6.6.1 [LGM-1] Applicability of logging mechanisms . 107
6.6.2 [LGM-2] Persistent storage of log data . 110
6.6.3 [LGM-3] Minimum number of persistently stored events . 113
6.6.4 [LGM-4] Time-related information of persistently stored dog data. 116
6.7 [CCK] Confidential cryptographic keys . 119
6.7.1 [CCK-1] Appropriate CCKs . 119
6.7.2 [CCK-2] CCK generation mechanisms . 123
6.7.3 [CCK-3] Preventing static default values for preinstalled CCKs . 127
6.8 [GEC] General equipment capabilities . 131
6.8.1 [GEC-1] Up-to-date software and hardware with no publicly known exploitable
vulnerabilities . 131
6.8.2 [GEC-2] Limit exposure of services via related network interfaces . 135
6.8.3 [GEC-3] Configuration of optional services and the related exposed network
interfaces . 139
6.8.4 [GEC-4] Documentation of exposed network interfaces and exposed services via
network interfaces . 143
6.8.5 [GEC-5] No unnecessary external interfaces . 146
6.8.6 [GEC-6] Input validation . 148
6.8.7 [GEC-7] . 153
6.8.8 [GEC-8] Equipment Integrity . 153
6.9 [CRY] Cryptography . 157
6.9.1 [CRY-1] Best practice cryptography . 157
Annex A (informative) Rationale . 162
A.1 General . 162
A.2 Rationale . 162
A.2.1 Family of standards . 162
A.2.2 Security by design . 162
A.2.3 Threat modelling and security risk assessment . 163
A.2.4 Functional sufficiency assessment . 164
A.2.5 Implementation categories . 164
A.2.6 Assets . 165
A.2.7 Mechanisms . 167
A.2.8 Assessment criteria . 167
A.2.8.1 Decision trees . 167
A.2.8.2 Technical documentation . 168
A.2.8.3 Security testing . 169
A.2.9 Interfaces . 169
A.2.9.1 Example: Laptop with a built-in keyboard . 170
A.2.9.2 Example: Equipment with a USB-keyboard . 170
A.2.9.3 Example: User interface over a network . 171
A.2.9.4 Example: USB-printer. 171
A.2.9.5 Example: Network printer . 172
Annex B (informative)  Mapping with EN IEC 62443-4-2:2019 . 173
B.1 General . 173
B.2 Mapping . 173
Annex C (informative)  Mapping with ETSI EN 303 645 (Cyber Security for Consumer Internet
of Things: Baseline Requirements) . 176
C.1 General . 176
C.2 Mapping . 176
Annex D (informative) Mapping with Se
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN 12299:2024(Main)
Railway applications - Ride comfort for passengers - Measurement and evaluation
EN 12299:2024

The purpose of this document is to provide methods for quantifying the ride comfort of a passenger in a rail vehicle in response to the track sections it is operated over.
The methods aim to quantify the effects of vehicle body motions on ride comfort and to make the assessment of passenger comfort predictable, repeatable, objective and meaningful.
The methods and comfort scales are validated for people of good health.
This document applies to passengers in rail vehicles operating on heavy rail networks.
This document may also be used as a guide for example on urban rail systems, but their operational routes/environments may make it difficult to comply with the requirements of the test methods.
This document applies to measurements of motions. It also applies to simulated motions. Guidance is provided on:
- which method described within the document should be used for different scenarios;
- typical values for different comfort levels;
- the application of simulation.
This document excludes health and safety issues, non-passenger carrying vehicles, vehicle homologation and safety, limit values, motion sickness, discomfort caused by accelerating and braking, design guidelines and measurement technology.

  • Standard
    83 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17966:2024(Main)
Fire protection equipment - Carbon dioxide extinguishing systems for use on premises - Design and installation (ISO 6183:2022, modified)
EN 17966:2024

This document specifies requirements and gives recommendations for the design, installation, testing, maintenance and safety of fixed carbon dioxide firefighting systems in buildings, plants or other structures. It is not applicable to extinguishing systems on ships, in aircraft, on vehicles or on mobile fire appliances, or to below ground systems in the mining industry; nor does it apply to carbon dioxide pre-inerting systems.
Design of systems where unclosable opening(s) exceed a specified area and where the opening(s) can be subject to the effect of wind is not specified, although general guidance on the procedure to be followed in such cases is given (see 7.4.3.2).

  • Standard
    77 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17836:2024(Main)
Fertilizers - Description of the forms of the physical unit
EN 17836:2024

This document specifies the description of the physical unit in organic, organo-mineral and inorganic fertilizers.

  • Standard
    11 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17936:2024(Main)
Railway applications - Acoustics - Measurement of source terms for environmental noise calculations
EN 17936:2024

The standard addresses the measurement of source terms for environmental noise calculation for rail traffic (including light rail). It is applicable to the measurement of in-service trains on operational tracks.
It is not applicable to type acceptance testing of rolling-stock or tracks.
The following rail traffic noise sources are in the scope:
- Rolling noise ;
- Traction noise ;
- Aerodynamic noise ;
- Impact noise (e.g. rail joints, switch & crossings, wheel flats) ;
- Bridge noise ;
- Squeal noise.
Noise from rail vehicles at standstill is included e.g.: engine idling and auxiliary equipment.
Noise from fixed installations (e.g.: stations, depots, electricity sub-stations) are not in the scope of this standard. Each source shall individually be characterized in terms of its frequency spectrum (up to one-third octave band details), source height and directivity. Rolling noise will then be described in terms of its generating wheel and rail roughness along with the vehicle and track transfer functions. Source terms will be specific to a vehicle and track type. The scope includes measurement procedures and conditions and sampling requirements.

  • Standard
    66 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 10253:2024(Main)
Water quality - Marine algal growth inhibition test with Skeletonema sp. and Phaeodactylum tricornutum (ISO 10253:2024)
EN ISO 10253:2024

ISO 10253:2016 specifies a method for the determination of the inhibition of growth of the unicellular marine algae Skeletonema sp. and Phaeodactylum tricornutum by substances and mixtures contained in sea water or by environmental water samples (effluents, elutriates, etc.).
The method can be used for testing substances that are readily soluble in water and are not significantly degraded or eliminated in any other way from the test medium.

  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62271-211:2024(Main)
High-voltage switchgear and controlgear - Part 211: Direct connection between power transformers and gas-insulated metal-enclosed switchgear for rated voltages above 52 kV (IEC 62271-211:2024)
EN IEC 62271-211:2024

IEC 62271-211:2024 is applicable to single- and three-phase direct connections between gas-insulated metal-enclosed switchgear (GIS) for rated voltages above 52 kV and transformer arrangements to establish electrical and mechanical interchange ability and to determine the limits of supply for the transformer connection. This second edition cancels and replaces the first edition of IEC 62271-211:2014. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) re-numbering of clauses according to IEC 62271-1:2017,
b) Clause 3: updating definition about bushing (3.1), updating some pressure definitions (3.6, 3.7, 3.8, 3.9), rewording definition about proctor density (3.11), new term very-fast-front overvoltage (3.12),
c) Clause 5 (former clause 4): add a subclause 5.1 General, according to IEC 62271-1:2017 and IEC 62271-203:2022,
1) subclause 5.5: new first paragraph, rewording second paragraph,
2) subclause 5.8: modify the term "Rated duration of thermal short-time current" of the bushing,
d) Clause 6 (former Clause 5): restructure and rewording of subclauses:
1) 6.1 (former 5.3): requirements about gas and vacuum tightness of the transformer bushing
2) 6.3 (former 5.2): harmonization with IEC 62271-203:2022 about typical maximum pressure in service for SF6, other gases and gas mixtures,
3) 6.4 (former 5.8), rewording
4) 6.5 (former 5.1), some rewording and modification
5) 6.6 (former 5.4), some rewording, updated references
6) 6.7 (former 5.5), some rewording
7) 6.8 (former 5.6), some rewording
8) 6.9 (former 5.7), slight rewording,
e) Clause 7 (former clause 6) type tests: some rewording and clarifications about references,
f) Clause 8 (former clause 7) routine tests:
1) 8.2 (former 7.2): add a paragraph about SF6-mixtures and other gases than SF6,
2) 8.3 (former 7.3): update reference to relevant on-site test according to IEC 62271‑203:2022,
g) Clause 9 Guide to the selection of switchgear and controlgear (new): informative, to have a reference to IEC 62271-203:2022,
h) Clause 11 (former 10): updated headline and updated reference according to IEC 62271‑1:2017,
i) new Clauses 12 Safety and 13 Environmental aspects: Adding of references to safety and environmental aspects,
j) correction of errors in Corrigendum 2 of IEC 62271-211:2017,
k) modified orientation of Figure 1 to Figure 4 for easier reading of the tables.

  • Standard
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 4165-024:2024(Main)
Aerospace series - Connectors, electrical, rectangular, modular - Operating temperature 175 °C continuous - Part 024: Single module plug - Product standard
EN 4165-024:2024

This document specifies the single module plug used in the family of rectangular electrical connectors, operating temperature 175 °C continuous. The receptacle and accessories corresponding to this plug are specified in EN 4165 002. The cavity of this connector is uncoded, so it can accept polarized modules N, A, B, C and D as specified in EN 4165-002.

  • Standard
    9 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 19103:2024(Main)
Geographic information - Conceptual schema language (ISO 19103:2024)
EN ISO 19103:2024

ISO 19103:2015 provides rules and guidelines for the use of a conceptual schema language within the context of geographic information. The chosen conceptual schema language is the Unified Modeling Language (UML).
ISO 19103.2015 provides a profile of the Unified Modelling Language (UML).
The standardization target type of this standard is UML schemas describing geographic information.

  • Standard
    98 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17932:2024(Main)
Natural gas vehicles - Requirements for liquefied natural gas vehicle (LNGV) workshops and the management of liquefied natural gas (LNG) vehicles
EN 17932:2024

This document provides requirements for operation of vehicles that use liquefied natural gas (LNG) as a fuel for propulsion, covering various aspects of LNGV workshops including activities, risk management, planning, personnel, layout, systems and operations. It provides requirements regarding the management of LNGV including use, parking, fuelling for commissioning, inspection, installation, repair and maintenance, disposal, transportation and documentation.
This document is applicable to the management of LNG vehicles.

  • Standard
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 14585:2024(Main)
Corrugated metal hose assemblies for pressure applications
EN 14585:2024

This European standard specifies the requirements for design, manufacture and installation of corrugated metal hose assemblies for pressure applications, i.e. maximum allowable pressure PS greater than 0,5 bar.

  • Standard
    87 pages
    English language
    sale 10% off
    e-Library read for
    1 day