Security requirements address both hardware and software aspects.
This document addresses the security requirements for:
— the transfer of TARV data from an IVS to an application service provider across a wireless communications interface;
— the receipt of instructions from an application service provider to a TARV IVS;
— the communications aspects of handling of software updates for the IVS over wireless communications.
This document defines the requirements for telematics applications for regulated commercial vehicles for:
a) threat, vulnerability and risk analysis;
b) security services and architecture;
c) identity management;
d) security architecture and management;
e) identity-trust and privacy management;
f) security-access control;
g) security-confidentiality services.
This document provides:
— general specifications for the security of TARV;
— specifications for the security of TARV transactions and data within an ITS-station "bounded secure managed domain" (BSMD);
— specifications for the security of TARV transactions and data transacted with a predetermined address outside of a BSMD.
IVS security requirements are dealt with by the prime service provider and application service provider (See ISO 15638-1).
Application service provision security is dealt with by the application service provider (and could be the subject of a separate TARV standards deliverable).