M/598 - ANPR

This document specifies:
—    the interfaces between electronic fee collection (EFC) back-office systems for vehicle-related transport services, e.g. road user charging, parking and access control;
—    an exchange of information between the back-office system of the two roles of service provision and toll charging, e.g.:
—   charging-related data (toll declarations, billing details, payment claims, payment announcements),
—   administrative data (trust objects, EFC context data, etc.), and
—   confirmation data;
—    transfer mechanisms and supporting functions;
—    information objects, data syntax and semantics.
This document is applicable for any vehicle-related toll service and any technology used for charging.
The data types and associated coding related to the data elements described in Clause 6 are specified in Annex A, using the abstract syntax notation one (ASN.1) according to ISO/IEC 8824-1.
This document specifies basic protocol mechanisms over which implementations can specify and perform complex transfers (transactions).
This document does not specify, amongst others:
—    any communication between TC or TSP with any other involved party;
—    any communication between elements of the TC and the TSP that is not part of the back-office communication;
—    interfaces for EFC systems for public transport;
—    any complex transfers (transactions), i.e. sequences of inter-related ADUs that can possibly involve several APDU exchanges;
—    processes regarding payments and exchanges of fiscal, commercial or legal accounting documents;
—    definitions of service communication channels, protocols and service primitives to transfer the APDU.

This document specifies:
—    the interfaces between electronic fee collection (EFC) back-office systems for vehicle-related transport services, e.g. road user charging, parking and access control;
—    an exchange of information between the back-office system of the two roles of service provision and toll charging, e.g.:
—   charging-related data (toll declarations, billing details, payment claims, payment announcements),
—   administrative data (trust objects, EFC context data, etc.), and
—   confirmation data;
—    transfer mechanisms and supporting functions;
—    information objects, data syntax and semantics.
This document is applicable for any vehicle-related toll service and any technology used for charging.
The data types and associated coding related to the data elements described in Clause 6 are specified in Annex A, using the abstract syntax notation one (ASN.1) according to ISO/IEC 8824-1.
This document specifies basic protocol mechanisms over which implementations can specify and perform complex transfers (transactions).
This document does not specify, amongst others:
—    any communication between TC or TSP with any other involved party;
—    any communication between elements of the TC and the TSP that is not part of the back-office communication;
—    interfaces for EFC systems for public transport;
—    any complex transfers (transactions), i.e. sequences of inter-related ADUs that can possibly involve several APDU exchanges;
—    processes regarding payments and exchanges of fiscal, commercial or legal accounting documents;
—    definitions of service communication channels, protocols and service primitives to transfer the APDU.

ISO/TS 17574:2017 provides guidelines for preparation and evaluation of security requirements specifications, referred to as Protection Profiles (PP) in ISO/IEC 15408 (all parts) and in ISO/IEC TR 15446.
By Protection Profile (PP), it means a set of security requirements for a category of products or systems that meet specific needs. A typical example would be a PP for On-Board Equipment (OBE) to be used in an EFC system. However, the guidelines in this document are superseded if a Protection Profile already exists for the subsystem in consideration.

ISO/TS 17574:2017 provides guidelines for preparation and evaluation of security requirements specifications, referred to as Protection Profiles (PP) in ISO/IEC 15408 (all parts) and in ISO/IEC TR 15446.
By Protection Profile (PP), it means a set of security requirements for a category of products or systems that meet specific needs. A typical example would be a PP for On-Board Equipment (OBE) to be used in an EFC system. However, the guidelines in this document are superseded if a Protection Profile already exists for the subsystem in consideration.