Security requirements address both hardware and software aspects.
This document addresses the security requirements for:
— the transfer of TARV data from an IVS to an application service provider across a wireless communications interface,
— the receipt of instructions from an application service provider to a TARV IVS,
— the communications aspects of handling of software updates for the IVS over wireless communications.
This document defines the requirements for telematics applications for regulated commercial vehicles for:
a) threat, vulnerability and risk analysis,
b) security services and architecture,
c) identity management,
d) security architecture and management,
e) identity-trust and privacy management,
f) security-access control,
g) security-confidentiality services.
This document provides:
— general specifications for the security of TARV,
— specifications for the security of TARV transactions and data within an ITS-station "bounded secure managed domain" (BSMD),
— specifications for the security of TARV transactions and data transacted with a predetermined address outside of a BSMD.
IVS security requirements are dealt with by the prime service provider and application service provider (See ISO 15638-1).
Application service provision security is dealt with by the application service provider (and could be the subject of a separate TARV standards deliverable).