Security requirements address both hardware and software aspects.

This document addresses the security requirements for:

— the transfer of TARV data from an IVS to an application service provider across a wireless communications interface;

— the receipt of instructions from an application service provider to a TARV IVS;

— the communications aspects of handling of software updates for the IVS over wireless communications.

This document defines the requirements for telematics applications for regulated commercial vehicles for:

a) threat, vulnerability and risk analysis;

b) security services and architecture;

c) identity management;

d) security architecture and management;

e) identity-trust and privacy management;

f) security-access control;

g) security-confidentiality services.

This document provides:

— general specifications for the security of TARV;

— specifications for the security of TARV transactions and data within an ITS-station "bounded secure managed domain" (BSMD);

— specifications for the security of TARV transactions and data transacted with a predetermined address outside of a BSMD.

IVS security requirements are dealt with by the prime service provider and application service provider (See ISO 15638-1).

Application service provision security is dealt with by the application service provider (and could be the subject of a separate TARV standards deliverable).