SIST EN ISO 18541-2:2021

SLOVENSKI STANDARD
01-september-2021
Nadomešča:
SIST EN ISO 18541-2:2015
Cestna vozila - Standardiziran dostop do informacij o popravilih in vzdrževanju
avtomobilov (RMI) - 2. del: Tehnične zahteve (ISO 18541-2:2021)
Road vehicles - Standardized access to automotive repair and maintenance information
(RMI) - Part 2: Technical requirements (ISO 18541-2:2021)
Straßenfahrzeuge - Standardisierter Zugang zu Reparatur- und Wartungsinformationen
(RMI) - Teil 2: Technische Anforderungen (ISO 18541-2:2021)
Véhicules routiers - Normalisation de l'accès aux informations relatives à la réparation et
à la maintenance pour l'automobile (RMI) - Partie 2: Exigences techniques (ISO 18541-
2:2021)
Ta slovenski standard je istoveten z: EN ISO 18541-2:2021
ICS:
43.040.15 Avtomobilska informatika. Car informatics. On board
Vgrajeni računalniški sistemi computer systems
43.180 Diagnostična, vdrževalna in Diagnostic, maintenance and
preskusna oprema test equipment
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EN ISO 18541-2
EUROPEAN STANDARD
NORME EUROPÉENNE
June 2021
EUROPÄISCHE NORM
ICS 43.180; 43.040.15 Supersedes EN ISO 18541-2:2014
English Version
Road vehicles - Standardized access to automotive repair
and maintenance information (RMI) - Part 2: Technical
requirements (ISO 18541-2:2021)
Véhicules routiers - Normalisation de l'accès aux Straßenfahrzeuge - Standardisierter Zugang zu
informations relatives à la réparation et à la Reparatur- und Wartungsinformationen (RMI) - Teil 2:
maintenance pour l'automobile (RMI) - Partie 2 : Technische Anforderungen (ISO 18541-2:2021)
Exigences techniques (ISO 18541-2:2021)
This European Standard was approved by CEN on 1 June 2021.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2021 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 18541-2:2021 E
worldwide for CEN national Members.

Contents Page
European foreword . 3

European foreword
This document (EN ISO 18541-2:2021) has been prepared by Technical Committee ISO/TC 22 "Road
vehicles" in collaboration with Technical Committee CEN/TC 301 “Road vehicles” the secretariat of
which is held by AFNOR.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by December 2021, and conflicting national standards
shall be withdrawn at the latest by December 2021.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN ISO 18541-2:2014.
This document has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the
United Kingdom.
Endorsement notice
The text of ISO 18541-2:2021 has been approved by CEN as EN ISO 18541-2:2021 without any
modification.
INTERNATIONAL ISO
STANDARD 18541-2
Second edition
2021-06
Road vehicles — Standardized access
to automotive repair and maintenance
information (RMI) —
Part 2:
Technical requirements
Véhicules routiers — Normalisation de l'accès aux informations
relatives à la réparation et à la maintenance pour l'automobile
(RMI) —
Partie 2: Exigences techniques
Reference number
ISO 18541-2:2021(E)
©
ISO 2021
ISO 18541-2:2021(E)
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Requirements overview and principles . 2
5.1 Basic principles for requirements definition . 2
5.2 Requirements clustering . 3
6 Requirements cluster 1 — Access-related data administration .6
6.1 [TREQ-1] General access-related data administration . 6
6.2 [TREQ-2], [TREQ-3] Administration of IO and IO employee data by the VM . 6
6.2.1 [TREQ-2] Administration of IO data by the VM . 6
6.2.2 [TREQ-3] Administration of IO employee data by the VM . 7
6.3 [TREQ-4] Administration of payment data by the VM . 7
6.4 [TREQ-5] Administration of access event data by the VM . 8
6.5 [TREQ-6] Administration of access event data to security-related RMI by the VM. 8
7 Requirements cluster 2 — IT architecture . 9
7.1 [TREQ-7] Conceptual architecture . 9
7.2 [TREQ-8] Implementation principles .10
8 Requirements cluster 3 — External interfaces .14
8.1 [TREQ-9] Vehicle communication interface (VCI) .14
8.2 [TREQ-10] Trust centre (certificate management) .17
8.3 [TREQ-11] Parts ordering for security-related features .17
8.4 [TREQ-12] Partnered accessory provider systems .18
9 Requirements cluster 4 — Technical infrastructure .18
9.1 [TREQ-13] Type of device.18
9.2 [TREQ-14] PC requirements .18
9.3 [TREQ-15] Operating systems .19
9.4 [TREQ-16] Web browsers .19
9.5 [TREQ-17] Presentation formats for information packages .19
9.6 [TREQ-18] Internet connection .20
9.7 [TREQ-19] Performance of the VM RMI system .20
10 Requirements cluster 5 — Co-existence of VM software on IO client .20
10.1 [TREQ-20] Requirements for installing VM-specific software on the IO client .20
10.2 [TREQ-21] Requirements for updating of installed VM data and applications on
the IO client .21
10.3 [TREQ-22] Requirements for the operation of VM-specific software on the IO client .22
10.4 [TREQ-23] Requirements for the uninstalling of VM-specific software on the IO client .22
10.5 [TREQ-24] Requirements for restoring in case of an abnormal termination of the
VM-specific software on the IO client .23
11 Requirements cluster 6 — Operations .23
11.1 [TREQ-25] VM RMI system availability time.23
11.2 [TREQ-26] Support for the usage of the VM RMI system .24
11.3 [TREQ-27] Operation of the IO PC.24
12 Requirements cluster 7 — [TREQ-28] Functional user interface .25
Annex A (normative) Requirements for access to security-related RMI according to SERMI
scheme .26
ISO 18541-2:2021(E)
Bibliography .31
iv © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 22, Road vehicles, Subcommittee SC 31,
Data communication, in collaboration with the European Committee for Standardization (CEN)
Technical Committee CEN/TC 301, Road vehicles, in accordance with the Agreement on technical
cooperation between ISO and CEN (Vienna Agreement).
This second edition cancels and replaces the first edition (ISO 18541-2:2014), which has been technically
revised.
The main changes compared to the previous edition are as follows:
— security-related RMI according to SERMI scheme moved to Annex A;
— previous Annex A "PC specification" has been removed; the corresponding subclauses 9.2 and 9.3
were updated accordingly;
— Figures 2, 3 and 4 were updated (security-related RMI has been deleted);
— correction of errors and improvement of formulations in the entire document.
A list of all parts in the ISO 18541 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
ISO 18541-2:2021(E)
Introduction
The ISO 18541 series includes the requirements to be fulfilled by repair and maintenance information
(RMI) systems as applied by the European Commission — Enterprise and Industry Directorate-General,
[6]
Consumer goods — Automotive industry EC mandate M/421, dated Brussels, 21 January 2008.
This mandate relates to the EC type-approval system for vehicles falling into the scopes of Directives
[9] [7]
70/156/EEC (replaced by 2007/46/EC ), 2002/24/EC [replaced by (EU) 168/2013 ] and 2003/37/
[8]
EC [replaced by (EU) 167/2013 ] and, in particular, to requirements for access to vehicle repair and
maintenance information by independent operators.
The purpose of the EC Mandate M/421 is to develop a standard or set of standards which specify the
requirements to provide standardized access to automotive repair and maintenance information (RMI)
for independent operators.
The ISO 18541 series only covers access to automotive repair and maintenance information for
[15] [14]
light passenger and commercial vehicles [see (EC) No 715/2007 , (EC) No 692/2008 and (EU)
[11] [13] [12]
No 566/2011 ] and heavy-duty vehicles [see (EC) No 595/2009 , (EU) No 582/2011 and
[10] [9]
(EU) No 64/2012 ] based on Directive 2007/46/EC and for two-or three-wheel vehicles and
[7]
quadricycles based on regulation (EU) 168/2013 .
The information included in the ISO 18541 series derives from the legislative requirements on European
level in the field of RMI and related security requirements and can be referenced by legislation in other
countries.
vi © ISO 2021 – All rights reserved

INTERNATIONAL STANDARD ISO 18541-2:2021(E)
Road vehicles — Standardized access to automotive repair
and maintenance information (RMI) —
Part 2:
Technical requirements
1 Scope
This document includes technical requirements which are related to automotive repair and maintenance
information (RMI) systems in order to standardize access to RMI for independent operators.
This document specifies the minimum set of technical requirements related to a vehicle manufacturer's
RMI system. These requirements will reflect the deriving needs from the use cases as specified in
ISO 18541-1.
Furthermore, this document defines requirements for granting access to security-related RMI in
Annex A following the SERMI scheme.
This document is applicable to light passenger and commercial vehicles as defined in regulation
[15]
(EC) 715/2007 Article 2 .
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 18541-1, Road vehicles — Standardized access to automotive RMI — Part 1: General information and
use case definition
ISO 18541-3, Road vehicles — Standardized access to automotive repair and maintenance information
(RMI) — Part 3: Functional user interface requirements
ISO 22900-2, Road vehicles — Modular vehicle communication interface (MVCI) — Part 2: Diagnostic
protocol data unit application programming interface (D-PDU API)
SAE J2534-1, Recommended Practice for Pass-Thru Vehicle Programming
SAE J2534-2, Optional Pass-Thru Features
1)
SERMI scheme — Scheme for accreditation, approval and authorization to access security-related repair
and maintenance information
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 18541-1 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
1) Available at https:// www .vehiclesermi .eu/ .
ISO 18541-2:2021(E)
4 Abbreviated terms
API application programming interface
CSP certificate status protocol
DB database
DLC data link cable
DLL dynamic link library
D-PDU diagnostic – protocol data unit
DVD optical disc storage media format
ECU electronic control unit
FAQ frequently asked questions
IO independent operator
IT information technology
LAN local area network
MVCI modular vehicle communication interface
NAT network address translation
OBD on-board diagnostics
OCSP online certificate status protocol
PC personal computer
PKCS public key certificate status
RMI repair and maintenance information
SERMI forum for access to security-related vehicle repair and maintenance information
TREQ- technical requirement
TC trust centre
USB universal serial bus
VAT No. value added tax number
VM vehicle manufacturer
WWH-OBD World-wide harmonized on-board diagnostics
5 Requirements overview and principles
5.1 Basic principles for requirements definition
Basic principles have been established as a guideline to define the requirements.
— BP1: the requirements stated in this document shall not specify any implementation details.
2 © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
— BP2: requirements shall be expressed in terms of performance rather than design or descriptive
characteristics. This approach leaves maximum freedom to technical development.
— BP3: a requirement is identified by a TREQ-xx, where ‘xx’ is the requirement number. Each
requirement consists of a “Main title”, “Requirement definition”, “Requirement description”,
“Explanatory/example” and “Classification”.
— BP4: The requirements in clusters 4 and 5 in this document have been formulated with the aim of
minimizing the number of IO clients (PC, laptop, etc.) required to access different VM RMI systems.
5.2 Requirements clustering
Figure 1 illustrates the technical requirements clusters. Figure 1 shall provide an overview about all
technical requirements clusters and the specific technical requirements. Each technical requirement
is identified by the mnemonic “TREQ-” and an alpha-numeric number. The name of the technical
requirement is descriptive for the area.
Figure 1 — Overview about the technical requirements clusters
Table 1 provides an overview of the main categories of standardized access to automotive RMI
requirements. A requirement category shall have at least one requirement.
ISO 18541-2:2021(E)
Table 1 — Main requirements clusters
# - Main title of Technical requirements
Brief description
cluster [TREQ] reference
1 – Access-related Describes the main data types to be administered by the VM [TREQ-1] General access-relat-
data administra- RMI system and the requirements for the appropriate man- ed data administration
tion agement procedures in order to comply with the standardized
[TREQ-2] Administration of IO
access to RMI.
data by the VM
RMI requirements related to cluster access-related data admin-
[TREQ-3] Administration of
istration are:
IO employee data by the VM
— requirements for the administration of IO data by the VM;
[TREQ-4] Administration of
payment data by the VM
— requirements for the administration IO employee data by
the VM;
[TREQ-5] Administration of
access event data by the VM
— requirements for the administration of payment data by
the VM; [TREQ-6] Administration of
access event data to securi-
— requirements for the administration of access event data
ty-related RMI by the VM
by the VM;
— requirements for the administration of access event data
to security-related RMI by the VM.
2 – IT Describes requirements for the main IT components and inter- [TREQ-7] Conceptual archi-
architecture faces at the different IT architectural levels. tecture
RMI requirements related to cluster IT architecture are: [TREQ-8] Implementation
principles
— requirements for the conceptual architecture;
— requirements for the implementation principles.
3 – External inter- Describes the requirements for communication interfaces other [TREQ-9] Vehicle communica-
faces than the user interface. tion interface (VCI)
RMI requirements related to cluster external interfaces are: [TREQ-10] Trust centre (cer-
tificate management)
— requirements for the vehicle communication interface
(VCI);
[TREQ-11] Parts ordering for
security-related features
— requirements for the trust centre (certificate
[TREQ-12] Partnered accessory
management);
provider systems
— requirements for the parts ordering for security-related
features;
— requirements for the partnered accessory provider
systems.
4 © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
Table 1 (continued)
# - Main title of Technical requirements
Brief description
cluster [TREQ] reference
4 – Technical in- Compatibility conditions, minimum requirements for components [TREQ-13] Type of device
frastructure and Internet connection parameters to give an acceptable per-
[TREQ-14] PC requirements
formance. This cluster intends to define minimal development
guiding rules that shall be followed by the VM in order to ensure
[TREQ-15] Operating systems
compatibility between VM RMI systems. Compatibility issues
[TREQ-16] Web browsers
that may occur shall be managed by the Forum SERMI.
[TREQ-17] Presentation for-
This requirements cluster specifies the technical infrastructure
mats for information packages
recommendations which are:
[TREQ-18] Internet connection
— requirements related to type of device;
[TREQ-19] Performance of the
— requirements related to PC requirements;
VM RMI system
— requirements related to operating systems, runtime
languages, libraries;
— requirements related to Web browsers;
— requirements related to presentation formats for
information packages;
— requirements related to Internet connection;
— requirements related to performance of the VM RMI
system.
5 – Coexistence of This requirements cluster specifies the coexistence of VM soft- [TREQ-20] Requirements for
VM software on IO ware on the IO client: installing VM-specific software
client on the IO client
— requirements for installing VM-specific software on the
IO client;
[TREQ-21] Requirements for
updating of installed VM data
— requirements for updating VM-specific software on the IO
and applications on the IO client
client;
[TREQ-22] Requirements for
— requirements for the operation of VM-specific software the operation of VM-specific
on the IO client; software on the IO client
[TREQ-23] Requirements for
— requirements for the uninstalling of VM-specific software
the uninstalling of VM-specific
on the IO client;
software on the IO client
— requirements for restoring in case of an abnormal
[TREQ-24] Requirements for
termination of the VM-specific software on the IO client.
restoring in case of an abnormal
termination of the VM-specific
The VM software shall be developed according to acknowledged
software on the IO client
quality criteria for the coexistence of VM applications installed
on the client side.
6 – Operations This requirements cluster specifies the RMI requirements related [TREQ-25] VM RMI system
to the cluster operations which are: availability time
— requirements related to the VM RMI system availability
[TREQ-26] Support for the
time;
usage of the VM RMI system
[TREQ-27] Operation of the
— requirements related to the support for the usage of the
IO PC
VM RMI system;
— requirements related to the operation of the IO PC.
7 – Functional user This requirement cluster includes the reference to the ISO 18541- [TREQ-28] Requirements clus-
interface 3 functional user interface of the VM RMI system. ter 7 – Functional user interface
ISO 18541-2:2021(E)
6 Requirements cluster 1 — Access-related data administration
6.1 [TREQ-1] General access-related data administration
Table 2 defines the requirements for the general access-related data administration.
Table 2 — [TREQ-1] General access-related data administration
REQ # TREQ-1
Main title General access-related data administration
Requirement The VM allows access to the RMI system depending on the storage of some data:
definition
— for user registration;
— agreement to terms and conditions;
— any other data required by local legislation;
— for user login and access data recovery;
— for invoicing;
— for physical delivery of material if needed;
— for logging of any access to security-related RMI;
— for logging of any access to ECU replacing/update (in case of liability issues);
— to be able to disable a user, see ISO 18541-1 use case UC 1.5 "request to delete the
registration of an IO employee".
Brief descrip- The VM shall administer data on users, on payment, on access events to security-related RMI
tion and on access events to general RMI content. It is important to be aware of any data or privacy
protection legislation when administering this data.
Classification Mandatory
6.2 [TREQ-2], [TREQ-3] Administration of IO and IO employee data by the VM
6.2.1 [TREQ-2] Administration of IO data by the VM
Table 3 defines the requirements for the administration of IO data by the VM.
6 © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
Table 3 — [TREQ-2] Administration of IO data by the VM
REQ # TREQ-2
Main title Requirements for the administration of IO data by the VM
Requirement IO data shall be administered by the VM to enable user access, access data reset and to facilitate
definition written communication with the IO.
Brief descrip- The following list of IO data shall be administered by the VM:
tion
— IO name;
— IO postal address;
— country;
— postal address for invoicing if different from IO postal address;
— inter-community VAT No.;
— first name, family name of the IO legal representative;
— e-mail address for communication with the IO legal representative in all aspects of the
VM RMI system usage;
— preferred language;
— user ID and password of the IO legal representative (the user ID must be unique in the VM
system).
Classification Mandatory
6.2.2 [TREQ-3] Administration of IO employee data by the VM
Table 4 defines the requirements for the administration of IO employee data by the VM.
Table 4 — [TREQ-3] Administration of IO employee data by the VM
REQ # TREQ-3
Main title Requirements for the administration of IO employee data by the VM
Requirement IO employee data shall be administered by the VM to enable user access, access data reset and
definition to facilitate written communication with the IO employee.
Brief descrip- The following list of user data shall be administered by the VM:
tion
— IO name;
— e-mail address for communication with the employee in all aspects of the VM RMI system
usage;
— preferred language;
— user ID and password of the IO employee (the user ID must be unique in the VM system);
— optionally credentials requested by the VM if the IO employee wants to request access to
security-related RMI;
— optionally the access level granted for security-related RMI.
Classification Mandatory
6.3 [TREQ-4] Administration of payment data by the VM
Table 5 defines the requirements for the administration of payment data by the VM.
ISO 18541-2:2021(E)
Table 5 — [TREQ-4] Administration of payment data by the VM
REQ # TREQ-4
Main title Requirements for the administration of payment data by the VM
Requirement User data shall be administered by the VM to allow the VM to invoice the user.
definition
Brief descrip- The following user data shall be administered by the VM for the purposes of invoicing for use
tion of the VM RMI system:
— type of subscription;
— method of payment;
— subscription period;
— invoicing address;
— inter-community VAT No.
Classification Mandatory
6.4 [TREQ-5] Administration of access event data by the VM
Table 6 defines the requirements for the administration of access event data by the VM.
Table 6 — [TREQ-5] Administration of access event data by the VM
REQ # TREQ-5
Main title Requirements for the administration of access event data by the VM
Requirement Access event data shall be administered by the VM to monitor use of the VM RMI system and
definition take appropriate action if necessary.
Brief descrip- The following access event data shall be administered by the VM:
tion
— user ID;
— log on and off times;
— period of non-use.
Classification Mandatory
6.5 [TREQ-6] Administration of access event data to security-related RMI by the VM
Table 7 defines the requirements for the administration of access event data to security-related RMI by
the VM.
Table 7 — [TREQ-6] Administration of access event data to security-related RMI by the VM
REQ # TREQ-6
Main title Requirements for the administration of access event data to security-related RMI by the VM
Requirement Access event data to security-related RMI shall be administered by the VM to support enquiries
definition in case of liability issues.
Brief descrip- The following access event data shall be administered by the VM:
tion
— user ID;
— log on and off times;
— type of security-related RMI accessed;
— VIN of the related vehicle;
— affected ECU (if possible).
8 © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
Table 7 (continued)
REQ # TREQ-6
Classification Mandatory
7 Requirements cluster 2 — IT architecture
7.1 [TREQ-7] Conceptual architecture
Table 8 defines the requirements for the conceptual architecture.
Table 8 — [TREQ-7] Conceptual architecture
REQ # TREQ-7
Main title Requirements for the conceptual architecture
Requirement The implementation of the RMI system shall be according to a standardized conceptual archi-
definition tecture.
Brief descrip- The standardized conceptual architecture is described in Figure 2.
tion
The IO is responsible for the provision of client hardware (PC, laptop, etc.) and a VCI according
to the detailed requirements in Clause 8.
The VM is responsible for the availability of the RMI system and the authorized/purchased
software and data components.
The VM shall facilitate the successful download to the IO client, once the IO has registered,
logged-in and prompted the download.
Classification Mandatory
Figure 2 shows all IT systems potentially involved in the execution of the repair and maintenance use
cases defined in ISO 18541-1.
— The RMI applications will be implemented as distributed software on a client device at the location
of the independent operator (independent operator system) and a server in the VM premises (vehicle
manufacturer/RMI system). The software distribution may follow different patterns depending on
the overall design decision taken by the application builders to achieve an optimum performance
(see 7.2).
— Client and server communicate via Internet.
— The RMI application may communicate with other applications for the execution of single use cases.
— The user is offered access to repair and maintenance information via the client device with standard
navigation, communication and display facilities.
— The vehicle acts as an IT system communicating with the other systems for use cases like updating
and replacing modules or integrated diagnostics.
— For the communication with the VM RMI applications, for the purposes of diagnostics and
reprogramming, two alternatives are possible:
— alternative '1': the vehicle is connected via a pluggable, standardized, non-proprietary vehicle
communication interface;
— alternative '2': the vehicle is connected via an in-build wireless, standardized, non-proprietary
vehicle communication interface;
— both alternatives shall either support ISO 22900-2 or the SAE J2534 series (or all three)
standards.
ISO 18541-2:2021(E)
Key
1 wired/wireless connection between “vehicle” and “independent operator system” with VCI protocol module
2 alternative means of connection as defined in TREQ-8 between “vehicle” and “independent operator system”
without VCI protocol module
Figure 2 — Conceptual architecture for access to vehicle RMI
7.2 [TREQ-8] Implementation principles
Table 9 defines the requirements for the implementation principles.
Table 9 — [TREQ-8] Implementation principles
REQ # TREQ-8
Main title Requirements for implementation principles
Requirement The implementation of the VM RMI architecture may vary as long as it remains within the
definition conceptual architecture.
10 © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
Table 9 (continued)
REQ # TREQ-8
Brief descrip- The VM will decide on the option for implementation to follow:
tion
— 'thin' client;
— 'thick' client, or
— any other implementation strategies following state-of-the-art software technology.
There are minimum requirements for the software infrastructure to be supported by the im-
plemented application. See the requirements of cluster 4 in Clause 9 for a detailed specification.
Figure 3 shows an example for 'thick' client architecture.
Figure 4 shows an example for 'thin' client architecture.
Classification Mandatory
Figure 3 illustrates an example for the implementation of a VM RMI application following a so-
called “thick client” software distribution pattern. Substantial parts of the application software
are downloaded to the client system and executed there. Some use cases are executed completely in
the client system; others are executed in cooperation between the client and the server application
software parts.
ISO 18541-2:2021(E)
Key
1 wired/wireless connection between “vehicle” and “independent operator system” with VCI protocol module
2 alternative means of connection as defined in TREQ-8 between “vehicle” and “independent operator system”
without VCI protocol module
Figure 3 — Example for thick client architecture
Figure 4 illustrates an example for the implementation of a VM RMI application following a so-called
“thin client” software distribution pattern. The application software resides only on the server and
is not downloaded to the client. In the client system only modules for web-based navigation, display
12 © ISO 2021 – All rights reserved

ISO 18541-2:2021(E)
and communication with the server, the vehicle, the certificate hardware and the trust centre are
implemented. All use cases are executed using the server application software.
Key
1 wired/wireless connection between “vehicle” and “independent operator system” with VCI protocol module
2 alternative means of connection as defined in TREQ-8 between “vehicle” and “independent operator system”
without VCI protocol module
Figure 4 — Example for thin client architecture
ISO 18541-2:2021(E)
8 Requirements cluster 3 — External interfaces
8.1 [TREQ-9] Vehicle communication interface (VCI)
Table 10 defines the requirements for the vehicle communication interface.
Table 10 — [TREQ-9] Vehicle communication interface (VCI)
REQ # TREQ-9
Main title Requirements for the vehicle communication interface (VCI)
Requirement The vehicle shall be connected to the diagnostics or programming application via a vehicle
definition communication interface (VCI) either compliant to the modular vehicle communication interface
(MVCI) according to ISO 22900-2 (D-PDU API), or SAE J2534 pass-thru according to SAE J2534–1
and SAE J2534–2 for diagnosis according to use case 6.3 and updating and replacing modules
according to use cases in cluster 7 of ISO 18541-1:2021.
The diagnostic and programming application may be integrated in the RMI system or run
separately.
Brief descrip- The VM RMI website shall inform the user about the VCI standards supported under the rele-
tion vant use cases.
When the VM RMI system supports ISO 22900-2 then the VM RMI system will support the D-PDU
API as specified in ISO 22900-2 (D-PDU API), so that different MVCI providers can communicate
via this API with the VM RMI system application for updating and replacing modules and inte-
grated diagnostics. A software driver for the specific MVCI shall be provided by the MVCI tool
manufacturer and shall be installed in the IO PC in addition to the VM RMI system software.
Figure 5 illustrates the ISO 22900-2 structure, components and interfaces.
When the VM RMI system supports the SAE J2534 series of pass-thru standards then the VM
RMI system will support the pass-thru API as specified in the SAE J2534–1 and SAE J2534–2
recommended practice, so that different pass-thru VCI providers can communicate via this
API with the VM RMI system application for updating and replacing modules and integrated
diagnostics. A software driver for the specific SAE J2534 series pass-thru VCI shall be provided
by the pass-thru device tool manufacturer and shall be installed in the IO PC in addition to the
VM RMI system software. Figure 6 illustrates the SAE J2534 series structure, components and
interfaces.
There may be many MVCI/pass-thru VCI providers for the vehicles and RMI system of one VM.
It is up to the IO to make a provider choice.
NOTE It is the VCI tool manufacturer's decision which vehicle communication protocols are
implemented in the VCI.
In addition to the above interfaces Ethernet, serial cable or LAN interface and alternative media
like CD, DVD or memory stick may also be used for infotainment systems (e.g. navigation sys-
tems, telephone) but on the condition that no proprietary communication software (e.g. drivers
or plugins) and hardware is required.
Classification Mandatory
Figure 5 illustrates the ECU programming/diagnostic runtime system as part of the VM's RMI system
with support for the ISO 22900-2 MVCI D-PDU API-compatible VCI.
The ECU programming/diagnostic runtime system consists of:
— at least one application, e.g. ECU programming;
TM2)
— an ISO 22900-2 MVCI D-PDU API compatible Microsoft Windows DLL provided by the VCI tool
manufacturer;
2) Microsof
...