TUF - Secure Internet (ITS)
Description:
This solution is used within Australia, Canada, the E.U. and the U.S.. It combines standards associated with TUF with those for I-I: Secure Internet (ITS). The TUF standards include upper-layer standards required to install and update application software. The I-I: Secure Internet (ITS) standards include lower-layer standards that support secure communications between ITS equipment using X.509 or IEEE 1609.2 security certificates.Relevant Regions:
- Australia
- Canada
- European Union
- United States
Comm Profile: I-I: Secure Internet (ITS)
Comm Class: WAN - Wide Area Network
Standards in Profile:
| Level | Standard |
|---|---|
| Access | Internet Subnet Alternatives |
| Mgmt | Bundle: SNMPv3 MIB |
| Security | Secure Session Alternatives |
| TransNet | Internet Transport Alternatives |
| TransNet | IP Alternatives |
Data Profile: TUF
Standards in Profile:
| Level | Standard |
|---|---|
| Facilities | The Update Framework |
| ITS Application Entity | Not Needed |
| Security | The Update Framework |
Solution Issues Severity: 15
The severity issue score calculation only includes issues associated with standards that are included by default.
Solution Issues:
| Default | Severity | Name | Type | Description |
|---|---|---|---|---|
| False | Medium | Uncertainty about trust revocation mechanism | Security Gap | The mechanisms used to prevent bad actors from sending authorized messages is unproven. |
| False | Medium | Unvetted by community | Standardization Gap | The proposed solution uses a suite of standards that is accepted within some communities, but has not necessarily been accepted for use within the context of this information triple. |
| True | Low | Not a standard (minor) | Standardization Gap | The document is publicly available and widely used but it is not currently a formal standard. |
| True | Medium | Outdated security reference | Security Gap | The standard solution includes an outdated security reference. |
| True | Medium | Unvetted by community | Standardization Gap | The proposed solution uses a suite of standards that is accepted within some communities, but has not necessarily been accepted for use within the context of this information triple. |
| True | High | Draft not available (Critical) | Standardization Gap | The standards development organization has established a work item for the subject standard but a draft is not available for this critical feature to enable the interface. The draft may be missing due to the work item being new or simply a lack of activity on the work item. |
Solution to Triples
| Source | Flow | Destination |
|---|---|---|
| Center | RSE application install/upgrade | Connected Vehicle Roadside Equipment |
| Center | field equipment software install/upgrade | Field |