US: NTCIP Transportation Sensors - SNMPv1/TLS
Description:
This solution is used within the U.S.. It combines standards associated with US: NTCIP Transportation Sensors with those for I-F: SNMPv1/TLS. The US: NTCIP Transportation Sensors standards include upper-layer standards required to implement center-to-field transportation sensors (e.g., vehicle detectors) communications (e.g., real-time). The I-F: SNMPv1/TLS standards include lower-layer standards that define one way to retrofit basic security into SNMPv1 implementations (mainly in the US); however, this only secures the communications link and does not provide end-application security and is not recommended for new deployments.
Comm Profile: I-F: SNMPv1/TLS
Standards in Profile:
Level | Doc # | Standard | Description |
Access
|
|
Field SubNet Alternatives
|
A set of alternative standards that defines various SubNet Layer alternatives for use in center-to-field and field-to-field connections.
|
Facilities
|
NTCIP 2301
|
Bundle: NTCIP AP-STMF
|
This standard specifies the standards required for the Facilities Layer for most center-to-field communications using the SNMPv1 GET-SET paradigm.
|
Mgmt
|
|
Bundle: SNMPv1 MIB
|
A bundle of standards (RFCs) used to manage an Internet device that supports SNMPv1. SNMPv1 is deprecated as it does not provide any security, which exposes the entire C-ITS environment to well-known vulnerabilities.
|
Security
|
IETF RFC 8446
|
IETF RFC 8446 TLS
|
This standard (RFC) specifies Version 1.3 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
|
TransNet
|
IETF RFC 9293
|
IETF RFC 9293 TCP
|
This document specifies the Transmission Control Protocol (TCP). TCP is an important transport-layer protocol in the Internet protocol stack, and it has continuously evolved over decades of use and growth of the Internet. Over this time, a number of changes have been made to TCP as it was specified in RFC 793, though these have only been documented in a piecemeal fashion. This document collects and brings those changes together with the protocol specification from RFC 793. This document obsoletes RFC 793, as well as RFCs 879, 2873, 6093, 6429, 6528, and 6691 that updated parts of RFC 793. It updates RFCs 1011 and 1122, and it should be considered as a replacement for the portions of those documents dealing with TCP requirements. It also updates RFC 5961 by adding a small clarification in reset handling while in the SYN-RECEIVED state. The TCP header control bits from RFC 793 have also been updated based on RFC 3168.
|
TransNet
|
|
IP Alternatives
|
A set of alternative standards that allows for the selection of IPv4 or IPv6.
|
Data Profile: US: NTCIP Transportation Sensors
Standards in Profile:
Level | Doc # | Standard | Description |
Facilities
|
NTCIP 1209
|
NTCIP Transportation Sensor Objects
|
This standard defines SNMP objects (data elements) to monitor and control transportation system sensors that measure real-time vehicular traffic information.
|
ITS Application Entity
|
NTCIP 1209
|
NTCIP Transportation Sensor Objects
|
This standard defines SNMP objects (data elements) to monitor and control transportation system sensors that measure real-time vehicular traffic information.
|
Mgmt
|
NTCIP 1201
|
NTCIP Global Objects
|
This standard defines SNMP objects (data elements) used by a wide range of field devices like time and versioning information.
|
Readiness Description:
One significant or possibly a couple minor issues. For existing deployments, the chosen solution likely has identified security or management issues not addressed by the communications solution. Deployers should consider additional security measures, such as communications link and physical security as part of these solutions. They should also review the management issues to see if they are relevant to their deployment and would require mitigation. For new deployments, the deployment efforts should consider a path to addressing these issues as a part of their design activities. The solution does not by itself provide a fully secure implementation without additional work.
Last Updated 4/19/2024