US: NTCIP Generic Device - SNMPv3/TLS
Description:
This solution is used within Canada and the U.S.. It combines standards associated with US: NTCIP Generic Device with those for I-F: SNMPv3/TLS. The US: NTCIP Generic Device standards include upper-layer standards required to implement center-to-field communications for any device functionality. The I-F: SNMPv3/TLS standards include lower-layer standards that support secure center-to-field and field-to-field communications using simple network management protocol (SNMPv3); implementations are strongly encouraged to use the TLS for SNMP security option for this solution to ensure adequate security.Relevant Regions:
- Canada
- United States
Comm Profile: I-F: SNMPv3/TLS
Comm Class: MAN - Metropolitan Area Network
Standards in Profile:
| Level | Standard |
|---|---|
| Access | Field SubNet Alternatives |
| Facilities | Bundle: ISO 15784-2 |
| Mgmt | Bundle: SNMPv3 MIB |
| Security | IETF RFC 6353 TLS for SNMP |
| Security | IETF RFC 9456 TLS Updates for SNMP |
| TransNet | Internet Transport Alternatives |
| TransNet | IP Alternatives |
Data Profile: US: NTCIP Generic Device
Standards in Profile:
| Level | Standard |
|---|---|
| Facilities | NTCIP Field Device Alternatives |
| ITS Application Entity | NTCIP Field Device Alternatives |
| Mgmt | NTCIP 1201 Global Objects |
Solution Issues Severity: 5
The severity issue score calculation only includes issues associated with standards that are included by default.
Solution Issues:
| Default | Severity | Name | Type | Description |
|---|---|---|---|---|
| True | Low | Update data to SNMPv3 | Standardization Gap | Data has been defined for SNMPv1, but needs to be updated to SNMPv3 format. |
| True | Low | Use TLS for SNMP Option | Security Gap | The standard allows for multiple security mechanisms. The only defined mechanism that meets the requirements for C-ITS is the one based on TLS. |
| True | Medium | Out of date (medium) | Standardization Gap | The standard includes normative references to other standards that have been subject to significant changes that can impact interoperability or security of systems and the industry has not specified if and how these updates should be implemented for deployments of this standard. |