ISO/TS 15638-4:2020

Security requirements address both hardware and software aspects. This document addresses the security requirements for: — the transfer of TARV data from an IVS to an application service provider across a wireless communications interface; — the receipt of instructions from an application service provider to a TARV IVS; — the communications aspects of handling of software updates for the IVS over wireless communications. This document defines the requirements for telematics applications for regulated commercial vehicles for: a) threat, vulnerability and risk analysis; b) security services and architecture; c) identity management; d) security architecture and management; e) identity-trust and privacy management; f) security-access control; g) security-confidentiality services. This document provides: — general specifications for the security of TARV; — specifications for the security of TARV transactions and data within an ITS-station "bounded secure managed domain" (BSMD); — specifications for the security of TARV transactions and data transacted with a predetermined address outside of a BSMD. IVS security requirements are dealt with by the prime service provider and application service provider (See ISO 15638-1). Application service provision security is dealt with by the application service provider (and could be the subject of a separate TARV standards deliverable).