ISO/TR 17427-3:2015

TECHNICAL ISO/TR
REPORT 17427-3
First edition
2015-11-01
Intelligent transport systems —
Cooperative ITS —
Part 3:
Concept of operations (ConOps) for
‘core’ systems
Systèmes intelligents de transport — Systèmes intelligents de
transport coopératifs —
Partie 3: Concept des opérations (ConOps) pour les systèmes
‘principaux’
Reference number
©
ISO 2015
© ISO 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2015 – All rights reserved

Contents Page
Foreword .vi
Introduction .viii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 4
5 Using this Technical Report. 5
6 Overview of the role of a ‘Core System’ in C-ITS . 5
6.1 What is a Concept of operations? . 5
6.2 What are the core functions? . 6
6.3 Functional subsystems . 6
6.4 Institutional context . 7
6.5 Specific service features characterizing C-ITS service provision . 8
6.6 C-ITS and communication technologies .10
6.6.1 General.10
6.6.2 VANETs, MANETs and ‘latency’ .10
6.6.3 Hybrid communications .13
6.6.4 Short and medium range communication .15
6.6.5 Long range communication .16
6.6.6 Wide area broadcast .16
6.6.7 Positioning services .16
6.6.8 Digital road map data .17
6.7 Actors involved in C-ITS service provision .17
6.8 C-ITS enabling data .20
6.9 Cooperative ITS applications and services .22
6.9.1 System of systems .23
6.10 C-ITS Privacy and anonymity .23
6.10.1 Privacy overview . . .23
6.10.2 Data messages and privacy .24
6.10.3 Security .25
6.10.4 Data management (including capture, storage and access) .25
7 ‘Core’ systems .26
7.1 Core system overview .26
7.1.1 General.26
7.1.2 Single core systems .27
7.1.3 Multiple core systems .27
7.1.4 Other ‘Central’ systems .27
7.1.5 Facilitate a platform for sharing of information and efficient use of resources .28
7.2 Justification for ‘Core Systems’ .28
7.2.1 Vision, drivers and objectives .28
7.2.2 Key strategic objectives for the deployment of core system support .29
7.2.3 Key technical objectives for the deployment of core system support.29
7.2.4 Principal elements of a core system .30
7.2.5 Proposed features of C-ITS core systems.31
7.2.6 Main mission of the ‘Core System’ .35
7.2.7 Scope of ‘Core System’ services .36
7.2.8 Exclusions from CorSys .36
7.2.9 Probe data storage.36
7.2.10 Roadside equipment (RSE) .37
7.2.11 External support systems (ESS) .37
7.2.12 Communications options .37
7.2.13 Authority/jurisdiction databases .38
7.2.14 Core system stakeholders .39
7.2.15 Core system communications .39
7.2.16 Applications .42
7.2.17 Core system interactions .42
7.2.18 Core system operational goals .43
7.3 ‘Core system’ overview of requirements .44
7.3.1 Definition of a requirement .44
7.3.2 ‘Core System’ requirements identification process .44
7.3.3 Functional components .49
7.4 Background, objectives and scope of a ‘Core System’ .50
7.5 Operational policies and constraints .51
7.5.1 Certification .51
7.5.2 Operations and maintenance .52
7.5.3 Security management .52
7.5.4 Data provision/ownership .52
7.5.5 System performance management .52
7.5.6 Flexibility .53
7.5.7 Core system characteristics and environment .53
7.5.8 Deployment configurations .54
7.5.9 Deployment footprint .54
7.5.10 Subsystems .57
7.5.11 Subsystem descriptions .57
7.6 Modes of operation .62
7.7 User types and other involved personnel .64
7.8 Operational scenarios .65
7.9 Vehicle-originated broadcast .66
7.10 Infrastructure-vehicle-unicast .69
7.11 Support environment .71
7.11.1 Subsystems .72
7.11.2 Personnel .72
7.11.3 Processes .72
7.12 Disadvantages and limitations .72
8 Example use cases .73
8.1 General .73
8.2 Example Use Case (1): User data exchange .74
8.3 Example Use Case (2): Certificate distribution .75
8.4 Example Use Case (3): Certificate revocation list distribution .75
8.5 Example Use Case (4): Misbehaviour action: Certificate revocation list addition .76
8.6 Example Use Case (5): Data subscription .77
8.7 Example Use Case (6): Remote services.78
8.8 Example Use Case (7): Core service status distribution .79
8.9 Example Use Case (8): ‘Core System’ operations .80
8.10 Example Use Case (9): System expansion .80
8.11 Example Use Case (10): Core discovery .81
8.12 Example Use Case (11): Service data backup .82
8.13 Example Use Case (12): Service takeover .82
9 Summary of impacts .83
9.1 Operational impacts .83
9.1.1 Policy .83
9.1.2 System management.84
9.1.3 System operation .85
9.1.4 Service receipt.85
9.2 Organizational impacts .87
9.2.1 Policy .87
9.2.2 System management.88
9.2.3 System operation .89
9.3 Impacts during the deployment phases .89
iv © ISO 2015 – All rights reserved

9.3.1 System management.90
9.4 Measuring the impacts .90
10 Cooperative vehicle and highway systems policy and institutional issues .91
11 Funding and governance .91
Bibliography .94
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical
Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is ISO/TC 204, Intelligent transport systems.
ISO 17427 consists of the following parts under the general title, Intelligent transport systems —
Cooperative ITS:
— Part 2: Framework overview [Technical Report]
— Part 3: Concept of operations (ConOps) for ‘Core’ systems [Technical Report]
— Part 4: Minimum system requirements and behaviour for core systems [Technical Report]
— Part 6: Core systems risk assessment methodology [Technical Report]
— Part 7: Privacy aspects [Technical Report]
— Part 8: Liability aspects [Technical Report]
— Part 9: Compliance and enforcement aspects [Technical Report]
— Part 10: Driver distraction and information display [Technical Report]
The following parts are under preparation:
— Part 1: Roles and responsibilities in the context of co-operative ITS architectures(s)
— Part 5: Common approaches to security [Technical Report]
— Part 11: Compliance and enforcement aspects [Technical Report]
— Part 12: Release processes [Technical Report]
— Part 13: Use case test cases [Technical Report]
— Part 14: Maintenance requirements and processes [Technical Report]
vi © ISO 2015 – All rights reserved

This Technical Report provides an informative ‘Concept of operations for ore systems’ supporting
Cooperative intelligent transport systems (C-ITS). It is intended to be used alongside ISO 17427-1,
ISO/TR 17465-1 and other parts of ISO 17465, and ISO 21217. Detailed specifications for the application
context will be provided by other ISO, CEN and SAE deliverables, and communications specifications
will be provided by ISO, IEEE and ETSI.
Introduction
Intelligent transport systems (ITS) are transport systems in which advanced information, communication,
sensor and control technologies, including the Internet, are applied to increase safety, sustainability,
efficiency, and comfort in the movement of people and goods.
A distinguishing feature of ‘ITS’ is its communication with outside entities.
Some ITSs operate autonomously, for example, ‘adaptive cruise control’ uses radar/lidar/and/or video
to characterize the behaviour of the vehicle in front and adjust its vehicle speed accordingly. Some ITSs
are informative, for example, ‘Variable Message Signs’ at the roadside, or transmitted into the vehicle,
provide information and advice to the driver. Some ITSs are semi-autonomous, in that they are largely
autonomous, but rely on ‘static’ or ‘broadcast’ data, for example, GNSS-based ‘SatNav’ systems operate
autonomously within a vehicle but are dependent on receiving data broadcast from satellites in order to
calculate the location of the vehicle.
Cooperative intelligent transport systems (C-ITS) are a group of ITS technologies where service provision
is enabled by, or enhanced by, the use of ‘live’, present situation related, dynamic data/information from
other entities of similar functionality [for example, from one vehicle to other vehicle(s)], and/or between
different elements of the transport network, including vehicles and infrastructure [for example, from the
vehicle to an infrastructure-managed system or from an infrastructure-managed system to vehicle(s)].
Effectively, these technologies enable vehicles to ‘talk’ to each other and to the infrastructure, and in
so doing will have significant potential to improve the safe, sustainable and efficient operation of the
transport network.
A distinguishing feature of ‘C-ITS’ is that data is used across application/service boundaries. This means
that data collected at one point and/or processed by one application becomes available to be re-used by
other applications, which may be operating in the same, or different physical entities.
The difference between any ‘ITS implementation’ and a ‘C-ITS implementation’ is that C-ITSs are
dependent on the interaction with other vehicles and/or the infrastructure, and the exchange
of dynamic data, to receive data to enable their function, or conversely to provide data to other
vehicles/infrastructure to enable their C-ITSs to function.
C-ITS as an entity, is therefore the functionality that enables such ‘cooperative’ and collaborative
exchange of data, and in some cases, collaborative control, or even decision making, that will enable
applications to provide their services to one or more actors (3.1).
ISO/TR 17465-1 provides a summary definition of C-ITS as a “subset paradigm of overall ITS that
communicates and shares information between ITS-stations to give advice or facilitate actions with
the objective of improving safety, sustainability, efficiency and comfort beyond the scope of stand-
alone systems”.
ISO 17427-1 will provide descriptions of the roles and responsibilities of actors involved in the provision
and use of C-ITS.
ISO/TR 17427-2 provides a framework overview which characterize the components of a Cooperative-
ITS (C-ITS), its context and relevance for ITS service provision, and provides references to Standards
deliverables where specific aspects of C-ITS are defined.
This Technical Report concerns the high-level generic requirements for the “Concept of operations” for
a ‘Core System’ (CorSys) (3.10) to support C-ITS in a connected vehicle-highway system paradigm. It is
agnostic in respect of technology and operates with whatever (and probably multiple) communications
technologies and hardware technologies that can support its functionalities.
The benefits of Intelligent Co-operative Systems (C-ITS) stem from the increased information that is
available from the vehicle and its environment and from other vehicles. The same set of information
can be used to extend the functionality of the in-vehicle safety systems and through vehicle-to-
viii © ISO 2015 – All rights reserved

infrastructure communications for more efficient traffic control and management. The benefits include
the following:
— improved safety;
— increased road network capacity;
— reduced congestion and pollution;
— shorter and more predictable journey times;
— improved traffic safety for all road users;
— lower vehicle operating costs;
— more efficient logistics;
— improved management and control of the road network (both urban and inter-urban);
— increased efficiency of the public transport systems;
— better and more efficient response to hazards, incidents and accidents.
(source: EC project CVIS)
It is important to understand that C-ITS is not an end in itself, but a combination of techniques, protocols,
systems and sub-systems to enable ‘cooperative’/collaborative service provision in a connected vehicle-
highway system paradigm.
Other parts in this family of C-ITS standards will define specific aspects of technology and behaviour,
and the roles and responsibilities within the context of C-ITS.
This Technical Report is a ‘living document’ and as our experience with C-ITS develops, it is intended that
it will be updated from time to time, as and when we see opportunities to improve this Technical Report.
TECHNICAL REPORT ISO/TR 17427-3:2015(E)
Intelligent transport systems — Cooperative ITS —
Part 3:
Concept of operations (ConOps) for ‘core’ systems
1 Scope
This Technical Report provides the high-level generic requirements for the “Concept of operations”
for a ‘Core System’ (CorSys) (3.10) to support C-ITS service delivery. It is intended as an input to the
planning and development elaboration of core functions that will support the deployment of cooperative
intelligent transport systems (C-ITS) in a connected vehicle-highway paradigm
The objective of this Technical Report is to raise awareness of and consideration of such issues and to
give pointers, where appropriate, to standards existing that provide specifications for all or some of
these aspects. This Technical Report does not provide specifications for solutions of these issues.
This Technical Report is agnostic in respect of technology and operates with whatever (and probably
multiple) communications technologies and hardware technologies that can support its functionalities.
2 Normative references
There are no normative references.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1
actor
party participating in a system, within this Technical Report participating in C-ITS (3.6) service
provision/receipt
3.2
application
‘app’
software application to provide functionality to realize C-ITS (3.6)
3.3
application service
service provided by a service provider accessing data from the IVS vehicle in the case of C-ITS (3.6),
via a wireless communications network, or provided on-board the vehicle as the result of software
(and potentially also hardware and firmware) installed by a service provider or to a service
provider’s instruction
3.4
back office
central system (‘centre’/CorSys) for commercial applications (3.2)
Note 1 to entry: The terms ‘back office’ and ‘Centre’ are used interchangeably throughout this Technical Report.
‘Centre’ is a traditionally transport-focused term, evoking management centres to support transport needs, while
back office generally refers to commercial applications (3.2). From the perspective of this ConOps, their functions
are considered to be similar.
3.5
bounded secure managed domain
BSMD
secure ITS-station entity capable to conduct secure peer-to-peer communications (3.8) between entities
(ITS-stations) that are themselves capable of being secured and remotely managed
Note 1 to entry: The bounded nature is derived from the requirement for ITS-stations to be able to communicate
amongst themselves, i.e. peer-to-peer, as well as with devices that are not secured (referred to as ‘other ITS-
stations’),and realizing that to achieve this in a secure manner often requires distribution and storage of security-
related material that needs to be protected within the boundaries of the ITS-stations, leads to the secured nature
of the entity - as there is great flexibility to achieve desired communication goals, there is a requirement that
this flexibility be managed; within C-ITS (3.6) and ISO 21217 such ITS-stations are defined as operating within
bounded secured managed domains (BSMD), or outside of the BSMD.
3.6
cooperative ITS
C-ITS
group of ITS technologies where service provision is enabled, or enhanced by, cooperating to provide
the use of ‘live’, present situation related, data/information from other entities of similar functionality,
for example, from one vehicle to other vehicle(s), and/or between different elements of the transport
network, including vehicles and infrastructure, for example, from the vehicle to an infrastructure
managed system or from an infrastructure managed system to vehicle(s)
3.7
centre
central system
traditionally transport-focused term, evoking management centres (3.7) to support transport needs
and/or providing/supporting application service(s) (3.3) managed through a central facility; from the
perspective of the CorSys similar to ‘back office’
3.8
communication
communications
wireless (and in some cases, wireline) networks that facilitate data exchange, including roadside ITS-
stations where appropriate
3.9
Concept of operations
ConOps
document describing the characteristics of a proposed system from the viewpoint of an individual who
will use that system
Note 1 to entry: It is used to communicate the quantitative and qualitative system characteristics to all
stakeholders.
3.10
core system
CorSys
combination of enabling technologies and services that will provide the foundation for the support of
a distributed, diverse set of applications (3.2)/application transactions which work in conjunction with
external support systems (3.24) such as certificate authorities
Note 1 to entry: The system boundary for the CorSys is not defined in terms of devices or agencies or vendors, but by
the open, standardized interface specifications that govern the behaviour of all interactions between CorSys users.
3.11
data store
permanent storehouse of data (files, databases, text documents, etc.)
2 © ISO 2015 – All rights reserved

3.12
end user
citizen or legal entity who exercises or benefits from the services of the transport system
3.13
equipped person(s)
persons with mobile phones, tablets or similar communications (3.8) devices that provide data collection
and processing capacity to perform in the C-ITS (3.6) context
3.14
equipped vehicle(s)
vehicles equipped with the device(s) that provide the role of an ITS-station in the C-ITS (3.6) context
3.15
global navigation satellite system
GNSS
several networks of satellites that transmit radio signals containing time and distance data that can be
picked up by a receiver, allowing the user to identify the location of its receiver anywhere around the globe
3.16
home agent
‘IPv6 router’ with which mobiles register their current Care-of Address (RFC 3753)
3.17
in-vehicle system
IVS
hardware, firmware and software on board a vehicle that provides a platform to support C-ITS (3.6)
service provision, including that of the ITS-station (ISO 21217), its facilities layer, data pantry and
on-board ‘apps’
3.18
intelligent transport system
ITS
transport systems in which advanced information, communication (3.8), sensor and control technologies,
including the Internet, are applied to increase safety, sustainability, efficiency, and comfort
3.19
ITS application
functionality that either completely provides what is required by an ITS service (3.21) or works in
conjunction with other ITS applications (3.2) to provide one or more ITS services
3.20
ITS-s border router
ITS-S router with additional functionality that provides connectivity to other ITS communication (3.8)
nodes over external networks
3.21
ITS service
functionality provided to surface transport system users
3.22
ITS-station
ITS-s
entity in a communication (3.8) network [comprised of application (3.2), facilities, networking and
access layer components] that is capable of executing ITS-S application processes (sometimes within
a bounded, secured, managed domain), comprised of an ITS-S facilities layer, ITS-S networking and
transport layer, ITS-S access layer, ITS-S management entity and ITS-S security entity, which adheres
to a minimum set of security principles and procedures so as to establish a level of trust between itself
and other similar ITS stations with which it communicates
3.23
jurisdiction
government, road or traffic authority which owns the regulatory applications (3.2)
EXAMPLE Country, state, city council, road authority, government department (customs, treasury,
transport), etc.
3.24
support system(s)
facilities that assist in C-ITS (3.6) service provision, including security credentials certificate and
registration authorities, that allow devices and systems to establish trust relationships
3.25
wireline
traditional permanent ‘wired’ connection (although may in reality include microwave and other
wireless connections)
4 Abbreviated terms
2G second-generation cellular phone technology, e.g. GSM
3G third-generation mobile phone technology, e.g. UMTS
4G fourth-generation mobile phone technology, e.g. E-UTRAN (sometimes known as LTE)
BSMD bounded secure managed domain
C-ITS cooperative intelligent transport systems, cooperative ITS
CALM Communications Access for Land Mobiles
ConOps concept of operations
CorSys core system
CVIS Cooperative Vehicle Infrastructure Systems
DoT Department of Transport
ESS External System Support
E-UTRAN Evolved UMTS Terrestrial Radio Access Network
GNSS global navigation satellite systems
GSM Global System for Mobile Communication (2G mobile communications)
IPv6 Internet Protocol version 6
ITS intelligent transport systems
ITS-s ITS-station
IVS in-vehicle system
PII personal identification information
RSE roadside equipment
SatNav Satellite Navigation (see 3.15)
4 © ISO 2015 – All rights reserved

TMC transport management centres
V2I vehicle to/from infrastructure
V2V vehicle to vehicle
VANET vehicular ad hoc network
VMS variable message sign
UML Unified Modelling Language (ISO/IEC 19501)
5 Using this Technical Report
This Technical Report is intended to assist parties instantiating a CorSys, becoming involved as an actor
in a C-ITS (3.6) that involves the use of a CorSys, or becoming involved with the development or use of
such a CorSys.
This Technical Report provides guidance on the aspects to be considered in developing a ‘Concept
of operations’ (ConOps) for a CorSys for C-ITS support. As such, the advice in this Technical Report is
generic and not instantiation specific to any one jurisdiction (3.23) or implementation.
This Technical Report is intended to provide a framework and guidance to enable the development of
an instantiation specific Conops specification after taking into account the aspects specified herein
together with the location specific situation (technical and political) and conditions.
6 Overview of the role of a ‘Core System’ in C-ITS
6.1 What is a Concept of operations?
A ‘Concept of operations’ is a user-oriented document that describes system characteristics for a
proposed system from the users’ viewpoint. This ‘Concept of operations’ describes C-ITS stakeholders,
their roles and responsibilities in a connected vehicle-highway system paradigm, an overview of the
emerging system design, and provides a high-level description of how such systems may operate.
A concept of operations document describes the systems’ objectives, user needs, the functions, the actors
(3.1) and stakeholders involved, and the enactment of roles and responsibilities. (ISO 17427-1 contains
an explanation of roles and responsibilities.) A concept of operations is one of the early phases of the
Systems Engineering approach. Systems Engineering is an interdisciplinary approach used to enable
the realization of successful systems. It focuses on defining customer needs and required functionality
early in the development cycle, and then proceeding with design synthesis and system validation.
In respect of C-ITS, additional information can be obtained from one of the “standard” architectures
[3]
such as the US ‘Connected Vehicle Reference Implementation Architecture’, or the ‘European
[12]
ITS Framework (FRAME) Architecture’, or in the architecture document supporting a specific
implementation.
It is important to understand that this ‘Concept of operations’ is focused on, and relates to the
provision of, CorSys requirements that are necessary in order to facilitate and enable C-ITS assisted
service provision. This deliverable does not consider in any depth the whole C-ITS perspective in
a connected vehicle-highway systems paradigm (ISO/TR 17427-2 and ISO 17427-1 contains more
detailed consideration of such aspects). This Technical Report is focused on the ‘core’ system aspects
required to support C-ITS in a connected vehicle-highway system paradigm. This ‘Core system Concept
of operations’ does not provide a concept of operations for any particular application service(s) (3.3), but
for the background facilitation and infrastructure support required for such service provision.
Much of the source material for this deliverable has been obtained from the US DoT RITA “connected
Vehicle” initiative [Connected Vehicle Technology. US DoT; Connected Vehicle Reference Implementation
Architecture. (CVRIA); Core System- System Architecture Document (service architecture document),
US DoT; Core System- System Requirements Specification (SyRS)]; from relevant Australian publications
(Cooperative ITS (3.6): Concept of operations for C-ITS core functions – Draft Report. ARRB; Cooperative
ITS Regulatory Policy Issues. National Transport Commission, Australia) and from the European Project
CVIS. See Bibliography for further detail. The permission of these bodies to freely use their material is
gratefully appreciated and their source acknowledged.
6.2 What are the core functions?
The ‘core’ functions are functions that enable the trusted and secure data exchange necessary to
enable a platform for C-ITS applications (3.2) in a connected vehicle-highway system paradigm.
These ‘core’ functions can be seen as a collection of operational and institutional functions, such as
the exchange of security certificates, storage and redistribution of application data, and exchange of
system management information like subscriptions to C-ITS applications. These core functions require
policies and management structures to be in place as a basis from which to operate. An example of a
policy requirement is a policy on whether core functions are required for all C-ITS applications, or only
for some. Also, ensuring correct implementation of system components and correct functioning of the
system requires some form of compliance insurance, such as accreditation, certifi
...