Device Class 2 Areas

Detailed controls for Class 2 ITSRE, CVRSE and Vehicle OBE

Device Class 2:

• Confidentiality: Moderate
• Integrity: Moderate
• Availability: Moderate

Devices of this class must meet controls from NIST 800-53 and ISO/IEC 15408 in the following areas:

• Access Control
• Audit and Accountability
• Configuration Management
• Contingency Planning
• Identification and Authentication
• Incident Response
• Media Protection
• Physical and Environmental Protection
• Privacy
• Risk Assessment
• System and Communications Protection
• System and Information Integrity
• System and Services Acquisition

In addition, organizations that develop, operate or maintain devices of this class must meet controls from NIST 800-53 and ISO/IEC 15408 the areas above and the following additional areas:

• Awareness and Training
• Maintenance
• Personnel Security
• Planning
• Security Assessment and Authorization

Compared To Class 1 devices, devices Of this Class will have additional requirements In the areas of:

• Access Control
• Media Protection
• Physical and Environmental Protection
• System and Communications Protection

For example, an Emergency Vehicle OBE requesting signal pre-emption using an aftermarket device (i.e., not C-ITS or connected vehicle technology) such as in PS03.2.