US: GTFS real-time - Secure Wireless Internet (ITS)
Description:
This solution is used within Canada and the U.S.. It combines standards associated with US: GTFS real-time with those for I-M: Secure Wireless Internet (ITS). The US: GTFS real-time standards include upper-layer standards required to implement real-time, public, transit-related communications. The I-M: Secure Wireless Internet (ITS) standards include lower-layer standards that support secure communications between two entities, either or both of which may be mobile devices, but they must be stationary or only moving within wireless range of a single wireless access point (e.g., a parked car). Security is based on X.509 or IEEE 1609.2 certificates. A non-mobile (if any) endpoint may connect to the service provider using any Internet connection method.Relevant Regions:
- Canada
- United States
Comm Profile: I-M: Secure Wireless Internet (ITS)
Comm Class: WAN - Wide Area Network
Standards in Profile:
| Level | Standard |
|---|---|
| Access | Wireless Internet Alternatives (NA) |
| Mgmt | Bundle: SNMPv3 MIB |
| Security | Secure Session Alternatives |
| TransNet | Internet Transport Alternatives |
| TransNet | IP Alternatives |
Data Profile: US: GTFS real-time
Standards in Profile:
| Level | Standard |
|---|---|
| Facilities | IETF RFC 4180 CSV Files |
| Facilities | IETF RFC 7159 JSON |
| Facilities | IETF RFC 9110 HTTP Semantics |
| Facilities | IETF RFC 9112 HTTP/1.1 |
| Facilities | ISO 21320-1 ZIP |
| ITS Application Entity | General Transit Feed Specification - Realtime |
Solution Issues Severity: 10
The severity issue score calculation only includes issues associated with standards that are included by default.
Solution Issues:
| Default | Severity | Name | Type | Description |
|---|---|---|---|---|
| False | Low | Overlap of standards (Minor) | Overlap | Multiple standards have been developed to address this information and it is unclear which standard should be used to address this specific information flow. However, as this information transfer is infrastructure-based, agencies can deploy a solution throughout their jurisdiction with minimal downside and can use gateways to connect to other technologies. |
| False | Low | Time synchronization | Performance / Applicability Gap | The standard requires a highly accurate time shared between participants. |
| False | Medium | Overlap of standards | Overlap | Multiple standards have been developed to address this information and it is unclear which standard should be used to address this specific information flow. |
| False | Medium | Uncertainty about trust revocation mechanism | Security Gap | The mechanisms used to prevent bad actors from sending authorized messages is unproven. |
| False | Medium | Unvetted by community | Standardization Gap | The proposed solution uses a suite of standards that is accepted within some communities, but has not necessarily been accepted for use within the context of this information triple. |
| False | High | Regulatory Issue | Standardization Gap | Deployment of this standard is subject to regulatory approval, which is not currently expected to be granted for deployments in the near-term. |
| True | Low | Not a standard (minor) | Standardization Gap | The document is publicly available and widely used but it is not currently a formal standard. |
| True | Medium | Outdated security reference | Security Gap | The standard solution includes an outdated security reference. |
| True | Medium | Performance not fully defined (medium) | ITS Info Gap | The performance rules are not fully defined for this information flow. |
| True | Medium | Secure data access not provided | Security Gap | The solution does not define rules on how the application entity authenticates requests to accept or provide data. |
Solution to Triples
| Source | Flow | Destination |
|---|---|---|
| Transit Vehicle OBE | transit vehicle location data | Transit Management Center |
| Transit Vehicle OBE | transit vehicle schedule performance | Transit Management Center |