ISO/TS 5616:2024

Technical
Specification
ISO/TS 5616
First edition
Intelligent transport systems —
2024-12
Secure interfaces governance
— Minimum requirements and
governance procedures
Systèmes de transport intelligents — Gouvernance à l'aide
d'interfaces sécurisées — Exigences minimales et procédures de
gouvernance
Reference number
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
3.1 General terms used in this document .2
3.2 Recommended definitions for certificate policy (Annex A) .4
3.3 Recommended definitions for security policy (Annex A) .5
4 Abbreviated terms . 6
4.1 General abbreviated terms used in this document .6
4.2 Recommended abbreviated terms for certificate policy .6
4.3 Recommended abbreviated terms for security policy.7
5 Summary of requirements in order to claim conformance with this document . 8
5.1 General governance principles .8
5.2 Conformance to this document (ISO 5616) .8
5.3 Permission of the owner of the data.8
5.4 Access to onboard data .8
5.5 Data available for full functional lifetime.9
5.6 ITS data security and access .9
5.7 ITS data management .9
5.8 ITS communications profiles .9
5.9 ITS communication media . .9
6 Governance method . 9
7 Operation of the general management committee .10
8 Procedures concerning “application domains” (e.g. service groups) .11
8.1 Procedures to establish a new application domain (e.g. service group) .11
8.2 Roles and actors for each application domain/service grouping .11
8.2.1 General principles .11
8.2.2 Example instantiation .11
9 Application domain policy decision making .12
9.1 Context . 12
9.2 Determination of policy . 13
9.2.1 Policy making requirements. 13
9.2.2 High level operational process description . 13
9.2.3 Defining operational model and bylaws . 13
9.2.4 Access controls .14
9.2.5 Election and ejection criteria and procedures .14
9.2.6 Data and actions required .14
9.2.7 Policy examples .14
Annex A (informative) Principles of governance .15
Annex B (informative) Pro forma tables of contents and templates .20
Bibliography .38

iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
Introduction
This document provides specifications for the minimum requirements for a governance process for using
"ITS Trusted Devices" for ITS data management and access via secure interfaces.
The paradigm presented in this document can be used for any ITS interface, but it is particularly focused on
meeting some of the unique characteristics of the interface between a vehicle and external entities, such as
roadside units and other vehicles.
While many technical specifications and standards have already been developed on the use of ITS devices
for ITS data management and access (and on which this document relies), combinations of such documents
need to be used consistently and the whole system needs to be consistently governed. This document
concerns the adoption and use of combinations of existing approved technical specifications or standards in
combination with governance processes. It does not introduce new technical specifications. While it enables
government policies to be consistently supported, it does not specify those policies.
For the purposes of this document, the term "governance" encompasses the use and combination of systems
that direct and control ITS data entities, including the structure and processes for decision making,
accountability, control and behaviour. ITS data governance influences how an organization’s objectives
are set and achieved, and how risk is monitored and addressed in terms of the acquisition, use, retention,
sharing and elimination of ITS data. ITS data governance also prescribes a system and a process, rather than
a single activity; successful implementation of a good governance strategy therefore requires a systematic
approach that incorporates strategic planning, risk management and performance management.
The purpose of this document is to specify the use and combination of (largely already existent) standards
and specifications for the governance of data across ITS secure interfaces, and to present organizational
concepts to support such governance measures in accordance with the principles of ISO/TC 204 policy
documents concerning ITS data governance policy. This involves the components of a so called "trust model"
[e.g. PKI (public key infrastructure) services] as well as the entities running them, i.e. the trusted third
parties for the trust and privacy management on which operational entities rely, and which allow them to be
run in a secure and reliable way.
Governance in an international context and covering a wide range of use-case paradigms with different
needs necessitates a multi-layer governance model, with general governance and specification of high-level
options that are useable by all and maintain consistency. Regional requirements can be introduced to this
level to meet the needs of regional government.
These operational aspects need be overt and clear to all and provide the principal policy requirements
and options to maintain cybersecure interoperability. They can be found in accordance with the
principles of ISO/TC 204 policy documents concerning ITS data governance policy and form the principle
recommendations and minimum requirements for governance of ITS data management and access. However,
many aspects refer to and provide links to published government policy deliverables, so while they can be
referenced in ISO/TC 204 ITS data policy documents, they are not suitable for inclusion in an ISO standards
deliverable. This document is focused on the generic minimum interoperability requirements and general
procedures for governance to maintain consistency for ITS data management and access.
To complicate issues, there is no monolithic model that can be applied in exactly the same way in all
regions of the world. Yet, consistent governance needs to operate consistently within the differing policy
requirements of governments around the world, within a framework where governments can agree on
common interoperable policies, whilst achieving their own objectives and requirements.
A second regional level of governance determines the options allowed within a region for each defined
application domain (e.g. service group).
This lower level of governance is at the operational level, determining the choice of the options allowed in
order to meet the application needs.
Application domains/service groups can operate solely within one region, or can operate in multiple regions
or globally, in which case they can have to specify different and multiple operational specifications to meet
different regional requirements.

v
These aspects need to be in accordance with the principles of ISO/TC 204 policy documents concerning
ITS data governance policy that detail general principles of governance and the aspects that have to be
considered in such policymaking. However, the options specified are taken at this operational level, ratified
by the regional governance management committee (RGMC), and not by this document.
To visually summarize such a governance paradigm, Figure 1 shows a conceptual governance reference
architecture, as elaborated in accordance with the principles of ISO/TC 204 policy documents concerning
ITS data governance policy.
Figure 1 — Conceptual governance reference architecture
This document provides the minimum requirements to be met in order to achieve interoperability and
consistent governance, while enabling governments to implement their policy decisions.
This document specifies a generic framework to enable a consistent governance process for using "ITS
Trusted Devices" for ITS data management and access using secure interfaces, but is not concerned with
and does not determine the policy decisions that the governance process potentially make, nor the wireless
media nor media protocols used to conduct communications.

vi
Technical Specification ISO/TS 5616:2024(en)
Intelligent transport systems — Secure interfaces governance
— Minimum requirements and governance procedures
1 Scope
This document specifies the minimum governance procedure requirements for ITS data management and
access using secure interfaces (and, particularly, secure vehicle interfaces) in order to meet objectives in
accordance with the principles of ISO/TC 204 policy documents concerning ITS data governance policy.
NOTE 1 Where an ITS data management and access paradigm is already in existence, this document proposes only
to provide a suitable checklist for any assessment of its competency. This document does not propose that existing
arrangements that are acceptably competent be changed.
NOTE 2 This document does not affect proprietary original equipment manufacturer (OEM) communications using
ExVe (see ISO 20077-1), but does provide means for its complementary coexistence.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 15031-2, Road vehicles — Communication between vehicle and external equipment for emissions-related
diagnostics — Part 2: Guidance on terms, definitions, abbreviations and acronyms
ISO 18541-1,, Road vehicles — Standardized access to automotive repair and maintenance information (RMI) —
Part 1: General information and use case definition
ISO 18541-2, Road vehicles — Standardized access to automotive repair and maintenance information (RMI) —
Part 2: Technical requirements
ISO 18541-3, Road vehicles — Standardized access to automotive repair and maintenance information (RMI) —
Part 3: Functional user interface requirements
ISO 18541-4, Road vehicles — Standardized access to automotive repair and maintenance information (RMI) —
Part 4: Conformance test
ISO 20077-1, Road Vehicles — Extended vehicle (ExVe) methodology — Part 1: General information
ISO 21177, Intelligent transport systems — ITS station security services for secure session establishment and
authentication between trusted devices
ISO/TS 21184, Cooperative intelligent transport systems (C-ITS) — Global transport data management (GTDM)
framework
ISO/TS 21185, Intelligent transport systems — Communication profiles for secure connections between
trusted devices
ISO 21217,, Intelligent transport systems — Station and communication architecture
ISO/IEC 27000, Information technology — Security techniques — Information security management systems —
Overview and vocabulary
ETSI/TS 103 097, Intelligent Transport Systems (ITS); Security; Security header and certificate formats; Release 2

3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1 General terms used in this document
3.1.1
access
right to and ability to obtain data in a defined and limited context
3.1.2
actor
participant, person or organization who does something relevant in the system
3.1.3
domain
specified sphere of activity
3.1.4
extended vehicle
ExVe
physical road vehicle with external software and hardware extensions for some of its
features
Note 1 to entry: These extensions are developed, implemented and managed by the vehicle manufacturer who is fully
responsible for the communication among the various parts of the extended vehicle, especially between the internal
and external software and hardware components.
3.1.5
governance
concept referring to the actions and processes by which stable practices and organizations arise and persist
Note 1 to entry: The term "governance" encompasses the use and combination of systems that direct and control ITS
data entities, including the structure and processes for decision making, accountability, control and behaviour. ITS data
governance influences how an organization’s objectives are set and achieved, how risk is monitored and addressed in
terms of the acquisition, use, retention, sharing and elimination of ITS data. It prescribes a system and a process, not
a single activity. Successful implementation of a good governance strategy therefore requires a systematic approach
that incorporates strategic planning, risk management and performance management.
3.1.6
governance management committee
GMC
high-level body comprised of RGMC representatives responsible for the governance of ITS Data management
and access that determine global policy and regional variations
3.1.7
information security
preservation of confidentiality, integrity and availability of information
[SOURCE: ISO/IEC 27000:2017, 3.28]
3.1.8
infrastructure
system of facilities, equipment and applications needed for the operation of an organization that provides
ITS services that use fixed ITS trusted devices

3.1.9
ITS data
data associated with transport systems that is transferred, often wirelessly, from one system to another
and/or used within a system in order to provide an ITS service
3.1.10
ITS trusted device
device which cooperates with another device in a trusted way, i.e. exchange of information with optional
explicit bi-directional protection
Note 1 to entry: See ISO 21217 for further information.
3.1.11
ITS-station
instance of an ITS trusted device operating as a functional entity, comprised of an ITS-S facilities layer, ITS-S
networking and transport layer, ITS-S access layer, ITS-S management entity, ITS-S security entity and ITS-S
applications entity providing ITS services
Note 1 to entry: From an abstract point of view, the term “ITS station” refers to a set of functionalities. The term is
often used to refer to an instantiation of these functionalities in a physical unit. Often the appropriate interpretation is
obvious from the context. The proper name of the physical instantiation of an ITS-S is ITS station unit (ITS-SU)
3.1.12
paradigm
model, or a very clear and typical example, of a system, situation or environment
3.1.13
public key infrastructure
PKI
set of roles, policies, hardware, software and procedures to create, manage, distribute, use, store and
revoke digital certificates and manage public-key encryption
Note 1 to entry: This is an arrangement that binds public keys with respective identities of entities (like
people and organizations).
Note 1 to entry: The binding is established through a process of registration and issuance of certificates at and by a
certificate authority (CA).
3.1.14
regional governance management committee
RGMC
body responsible for governance of ITS data management and access in a defined geographic region
3.1.15
role
position or purpose that someone or something has in an organization, society or relationship
3.1.16
secure interface
cybersecure bidirectional communication connection (wired or wireless) between two entities known as
"ITS-stations"
Note 1 to entry: "ITS-stations" are defined in 3.1.13 and in ISO 21217.
3.1.17
secure vehicle interface
secure interface in which at least one of the parties is a connection to a vehicle
3.1.18
subject
natural person, device, system, unit or legal entity identified in a certificate as the subject, i.e. either the
subscriber or a device under the control and operation of the subscriber

3.1.19
subscriber
natural person or legal entity (applicant) to which a certificate is issued and that is legally bound by a
subscriber agreement or terms of use agreement
3.2 Recommended definitions for certificate policy (Annex A)
3.2.1
applicant
natural person or legal entity that applies for (or seeks renewal of) a certificate
Note 1 to entry: Once the initial certificate is created (initialization), the applicant is referred to as the "subscriber".
Note 2 to entry: For certificates issued to end-entities, the subscriber (certificate applicant) is the entity that controls
or operates/maintains the end-entity to which the certificate is issued, even if the end-entity is sending the actual
certificate request.
3.2.2
authorization authority
AA
legal and/or operational entity managing authorization
Note 1 to entry: Within this document, the term "authorization authority" can also refer to the specific function of the
AA (authorization authority).
3.2.3
certification authority
CA
legal and/or operational entity managing certification
Note 1 to entry: The root certification authority, enrolment authority and authorization authority are cumulatively
referred to as the "certification authority" (CA).
3.2.4
crypto-agility
capability of the ITS-data "trust model" entities to adapt the certificate policy to changing environments or
to new future requirements, e.g. by a change of cryptographic algorithms and key length over time
3.2.5
cryptographic module
secure hardware-based element within which keys are generated and/or stored, random numbers are
generated, and data are signed or encrypted
3.2.6
enrolment authority
authority in the ITS PKI (public key infrastructure) structure that authenticates an ITS-S and grants it
access to ITS communication which can be made pseudonymous by authorizing access to relevant AAs
(authorization authorities) to grant authorization for specific services
3.2.7
ITS-data trust model
model responsible for establishing a relationship of trust between ITS trusted devices
Note 1 to entry: It is implemented through the use of a PKI (public key infrastructure) composed of root CAs
(certification authorities), the ITD-POC (ITS data point of contact), TLM (trust list manager), EAs (enrolment
authorities), AAs (authorization authorities) and a secure network.
3.2.8
PKI participants
public key infrastructure participants
entities of the ITS-data trust model, i.e. the TLM (trust list manager), root CAs (certification authorities), EAs
(enrolment authorities), AAs (authorization authorities) and C-ITS (central ITS) stations

3.2.9
re-keying
subcomponent used to describe certain elements relating to a subscriber or other participant generating a
new key pair and applying for the issuance of a new certificate that certifies the new public key
3.2.10
repository
entity used for storing the certificates and information on certificates provided by the entities of the ITS-
data trust model
3.2.11
root certification authority
root CA
legal and/or operational entity managing root certification
Note 1 to entry: Within this document, the term "root certification authority" can also refer to the specific function of
the root CA.
3.2.12
subject
natural person, device, system, unit or legal entity identified in a certificate as the subject, i.e. either the
subscriber or a device under the control and operation of the subscriber
3.2.13
subscriber
natural person or legal entity to which a certificate is issued and that is legally bound by a subscriber or
terms of use agreement
3.2.14
subscriber agreement
agreement between the CA (certification authority) and the applicant/subscriber that specifies the rights
and responsibilities of the parties
3.3 Recommended definitions for security policy (Annex A)
3.3.1
availability
property of being accessible and usable on demand by an authorized entity
[SOURCE: ISO/IEC 27000:2018, 3.7]
3.3.2
confidential information
information that is not to be made available or disclosed to unauthorized individuals, entities or processes
3.3.3
information security incident
single or a series of unwanted or unexpected information security events that have a significant probability
of compromising business operations and threatening information security
[SOURCE: ISO/IEC 27000:2018, 3.31]
3.3.5
integrity
property of accuracy and completeness (ISO 27000)
[SOURCE: ISO/IEC 27000:2018, 3.36]
3.3.6
ITS trusted device infrastructure
system of facilities, equipment and applications needed for the operation of an organization that provides
services related to fixed ITS trusted devices

3.3.7
ITS rusted device stakeholders
individual, group or organization with a role and responsibility in the ITS trusted device network
3.3.8
local dynamic map
LDM
in-vehicle ITS trusted device station’s dynamically updated repository of data relating to local driving
conditions
Note 1 to entry: The LDM includes information received from on-board sensors and from Cooperative Awareness
Messages (CAMs) and Descentralized Evironmental Notification Messages (DENMs). See ETSI/TR 102 893.
3.3.9
protocol control
assets which select an appropriate message transfer protocol for an outgoing message request and send the
message to the lower layers of the protocol stack in a format that can be processed by those layers
Note 1 to entry: Incoming messages are converted into a format that can be handled within the ITS trusted device and
passed to the relevant functional asset for further processing. See ETSI/TR 102 893.
4 Abbreviated terms
4.1 General abbreviated terms used in this document
C-ITS cooperative ITS
CMS credential management system
CS commissioning secretary
EC European Commission
EU European Union
GDPR General Data Protection Regulation
GMC governance management committee
ITS intelligent transport system(s)
ITS-S ITS-station
ITS-SU ITS-station unit
NAFTA North America Free Trade Agreement
OEM original equipment manufacturer
PKI public key infrastructure
PMC policy management committee
RGMC regional governance management committee
SCMS security credential management system
4.2 Recommended abbreviated terms for certificate policy
The following abbreviated terms are not necessarily used in this document but are recommended for use
when elaborating certificate policy. See Annex B.

AA authorization authority
AT authorization ticket
CA certification authority
CP certificate policy
CPA certificate policy authority
CPS certificate practice statement
CRL certificate revocation list
CTL certificate trust list
EA enrolment authority
EC enrolment credential
ECIES elliptic curve integrated encryption scheme
EE end-entity (i.e. ITS trusted device)
GDPR General Data Protection Regulation
HSM hardware security module
ITD-POC ITS data point of contact
PKI public key infrastructure
RA registration authority
SCMS security credential management system
sub-CA EA (enrolment authority) and AA (authorization authority)
TLM trust list manager
4.3 Recommended abbreviated terms for security policy
The following abbreviated terms are not necessarily used in this document but are recommended for use
when elaborating security policy. See Annex B.
CAM cooperative awareness message
CP certificate policy
DENM decentralized environmental notification message
ISMS information security management system
IVIM infrastructure-to-vehicle information message
SCMS security credential management system
SPATEM signal phase and timing extended message
SREM signal request extended message
SSEM signal request status extended message

5 Summary of requirements in order to claim conformance with this document
5.1 General governance principles
See Annex A for information on the general context of governance principles. Note that informative Annex A
contains no specific conformance requirements.
5.2 Conformance to this document (ISO 5616)
General conformance to this document may only be claimed if all of the requirements referenced in
Clauses 5-9 are met.
A system may claim conformance to clearly identified specific parts of this document so long as that/those
parts are clearly identified in the claim, and the claim is overtly and clearly restricted to those specific parts.
5.3 Permission of the owner of the data
Data access requires the permission of the owner of the data. Governance procedures at the application
domain/service group level shall ensure that such permission is sought, and is provided freely, without
duress or loss of other services if not given.
Any application that requires access to ITS data shall implement overt measures to request that the
permission of the owner of the data to access and use that data is sought, and that such consent is provided
freely, without duress, detriment or loss of other services if not given.
NOTE This requirement is as found in the GDPR in the European Union and similar data privacy and protection
measures elsewhere.
The owners of an application shall provide evidence of their measures in this respect to the PMC (policy
management committee). The RGMC (regional governance management committee) shall be asked to
approve the PMC’s means to do this.
5.4 Access to onboard data
Except where affected by national or regional regulations, conformance to the following existing documents
is also required to enable consistent governance and operation of access to onboard data requirements as
specified therein.
— ISO 15031-2, Road vehicles — Communication between vehicle and external equipment for emissions-related
diagnostics — Part 2: Guidance on terms, definitions, abbreviations and acronyms;
— ISO 18541-1, Road vehicles — Standardized access to automotive repair and maintenance information (RMI)
— Part 1: General information and use case definition;
— ISO 18541-2, Road vehicles — Standardized access to automotive repair and maintenance information (RMI)
— Part 2: Technical requirements;
— ISO 18541-3, Road vehicles — Standardized access to automotive repair and maintenance information (RMI)
— Part 3: Functional user interface requirements;
— ISO 18541-4, Road vehicles — Standardized access to automotive repair and maintenance information (RMI)
— Part 4: Conformance test;
— ISO 20077-1, Road Vehicles — Extended vehicle (ExVe) methodology — Part 1: General information;
— ISO 21177, Intelligent transport systems — ITS station security services for secure session establishment and
authentication between trusted devices (see 5.5);
— ISO/TS 21184, Cooperative intelligent transport systems (C-ITS) — Global transport data management
(GTDM) framework (see 5.6);
— ISO/TS 21185, Intelligent transport systems — Communication profiles for secure connections between
trusted devices (see 5.7);
— ISO 21217, Intelligent transport systems — Station and communication architecture;
— ISO/IEC 27000, Information technology — Security techniques — Information security management systems
— Overview and vocabulary.
5.5 Data available for full functional lifetime
Data made available shall be made available for the full functional lifetime of the entity providing the data,
i.e. there shall be no arbitrary cut-off date. In the case of a software system or physical hardware, data shall
be available until that system is formally decommissioned by its owner. In the case of a vehicle, data shall be
until that vehicle is scrapped.
5.6 ITS data security and access
Regardless of the communications medium used to pass ITS data from one party to another, protocols and
security shall conform to ISO 21177.
5.7 ITS data management
Regardless of the communications medium used to pass ITS data wirelessly from one party to another, data
management and presentation shall conform to ISO/TS 21184.
5.8 ITS communications profiles
Regardless of the communications medium used to pass ITS data wirelessly from one party to another,
protocols and security shall conform to ISO/TS 21185.
5.9 ITS communication media
The governance committee do not choose which wireless communications media are used (that is
determined by the application domain/service group governance, or may be determined by legislation), but
if a medium is selected, it needs to be used consistently across application domains using the same medium.
Wired interfaces shall conform to normal wired communications and internet protocols.
While it is for the application domains/service groups to determine which communication media are
appropriate for their application, they shall only adopt/select/use media for which there is a publicly
available formally standardized (ISO/CEN/ETSI/ITU/UNECE, etc.) specification/standard that is suitable
for use in combination with documents specified in 5.1 – 5.7.
While it is for the application domains/service groups to determine which communication media are
appropriate for their application, they shall declare and submit their selection to the RGMC who shall inspect
and ratify that it meets these criteria.
6 Governance method
6.1 The governance management committee (GMC) shall consider and approve or replace the techniques
and protocols determined below at the earliest opportunity.
6.2 At the regional general management committee (RGMC) level, the chief executive shall monitor the
operation of the systems using the secure interface and the operation of the security credential management
system (SCMS), etc., and shall liaise with involved actors to identify and remedy any operational problems
and issues.
6.3 The chief executive shall provide regular reports to the RGMC highlighting issues encountered in
the operational measures of activities using the secure interface and the operation of the SCMS (security
credential management system), etc., summarizing how the issue(s) have been addressed and reconciled. If
any issues arise that cannot be reconciled, the chief executive shall report the issue to the RGMC, and, unless
trivial, shall call a RGMC meeting to address the issue. At its discretion the RGMC may elevate an issue to the
GMC through its chairperson.
6.4 On receiving the reports of the chief executive, if any regional governance committee member is
not satisfied with the reconciliation of an issue, the regional governance committee member may request
a meeting of the RGMC to discuss the issue and its reconciliation. If two or more regional governance
committee members request such a RGMC meeting, the chief executive shall organize and hold such an
RGMC meeting.
6.5 Similarly, at the international GMC level, if any governance committee member is not satisfied with the
reconciliation of an issue, the governance committee member may request a meeting of the GMC to discuss
the issue and its reconciliation.
7 Operation of the general management committee
7.1 For an overview of the architectural relationship between committees, see Figure 1.
7.2 It is anticipated that the GMC will elect a chairperson from its membership.
7.3 The GMC shall meet periodically, as appropriate, and shall determine international common protocols
and practices.
NOTE The GMC can be an existing body such as UNECE WP1 or WP29 (and follow the existing “contracting party”
agreements arrangements) or can be a body created for this specific purpose. An RGMC is likely to be organized to
meet the needs of a region’s political structure(s).
7.4 It is anticipated that the RGMC which has day to day issues to manage (such as certificate management,
registries, etc.) shall appoint a chief executive officer (CEO), or equivalent management role. The means of
financing the CEO and costs of operation of the RGMC shall be determined locally.
EXAMPLE The CEO can be a secondee of the regulator or an advertised position, or the whole task of managing
the RGMC can be assigned to a commercial operation created by interested actors in the region, etc.
7.5 The chief executive should make, and be accountable for, day to day decisions.
7.6 The regulator representative and the C-ITS security credential management system (SCMS) shall
be appointees of those organizations, but the other committee positions shall be open to challenge and
appointment of the challenger or the re-election of the sitting member by the remainder of the RGMC. The
Regulator shall, however, have a right to reject any candidate.
7.7 Regional governance principles shall take into consideration the regulations and the published policies of
a regional authority (such as the European Commission, US DoT, NAFTA, Politbureau Standing Committee, etc.).
7.8 Governance policies shall, wherever possible, take into consideration standards and specifications
approved by ballot of participating member states through a recognized standardization organization.
7.9 Only where standards and specifications approved by ballot of participating member states through
a recognized standardization organization are not available can specifications and industry practices
approved only by participating parties be considered and adopted. In this event, at the earliest opportunity,
the approval of the use of the specification by ballot of participating member states through a recognized
standardization organization shall be sought.

8 Procedures concerning “application domains” (e.g. service groups)
8.1 Procedures to establish a new application domain (e.g. service group)
The GMC and/or RGMC shall determine and make public the procedures to establish a new application
domain (e.g. service group).
8.2 Roles and actors for each application domain/service grouping
8.2.1 General principles
The GMC and/or RGMC shall determine the expected actors for each application domain/service group, and
the high-level roles for each actor, and shall seek participation from the identified actor groups to form the
policy management committee (PMC) for that application domain/service group.
Qualification for membership and participation of a PMC shall initially be determined by the RGMC, and
then reviewed between the RGMC and appointed members of the PMC, but shall generally fairly reflect the
balance of the participants in the application domain. Once formed, the PMC shall review its membership
from time to time and request the RGMC/GMC to add (or delete) representation of additional actors.
8.2.2 Example instantiation
An example of how this can be deployed in Europe is shown in Figure 2.
Figure 2 — Example: possible instantiation in Europe
NOTE 1 This document does not choose/select which wireless (or wired) communications media are used. T
...