EN 50436-6:2015
Current
The latest, up-to-date edition.
Alcohol interlocks - Test methods and performance requirements - Part 6: Data security
06-03-2015
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 General
5 Alcohol interlock classes
6 Security objectives
7 Security requirements
Annex A (informative) - Security problem definition
Annex B (informative) - Rationales
Annex C (informative) - Security testing
Annex D (informative) - Use of this standard
Bibliography
1.1GeneralThis European Standard specifies security requirements for the protection and handling of event records which are stored in the data memory of breath alcohol controlled alcohol interlocks and which may be downloaded, processed and transferred to supervising persons or organizations.This European Standard is a supplement to EN 50436-1. It is to be decided by the respective jurisdiction whether the present standard has to be applied in addition to EN 50436-1.This European standard may also be used as a supplement to EN 50436-2 if a jurisdiction or a vehicle fleet operator decides that the data security in his preventive application has to have the same high level of requirements as for alcohol interlocks used in drink-driving-offender programmes.This European Standard is mainly directed to test houses, manufacturers of alcohol interlocks, legislating authorities and organizations which handle and use the alcohol interlock event records.In this European Standard, the alcohol interlock consists basically of handset and control unit. Optional accessory devices (e.g. cameras or GPS systems generating data related to event data of the alcohol interlock, as well as accessory devices handling or transferring data for a drink-driving-offender programme) authorized by the manufacturer as being part of the alcohol interlock system and which are intended to be used in the vehicle during operation are also to be considered part of the alcohol interlock, where applicable.The service application communicates with the alcohol interlock and sends out the event records to a register, either directly or alternatively indirectly through a broker.The scheme is depicted in Figure 1. It also shows which parts are within the scope of this European Standard and which are outside of the scope.NOTEIn this, and all other figures, the direction of the arrows indicates the flow of event records.This European Standard applies to-the alcohol interlock,-the service application.This European Standard does not apply to-data security of the broker,-data security of the register,-storage of downloaded data,-requirements for organizational processes, for example defining rights of access to the data.1.2Conformance claimThis European Standard conforms according to the Common Criteria for Information Technology Security Evaluation as Protection Profile to:-Common Criteria, Version 3.1, Revision 4, as defined by CCp1, CCp2, CCp3 and CEMe,-Common Criteria - Part 2 as Common Criteria - Part 2 conformant,-Common Criteria - Part 3 as Common Criteria - Part 3 conformant.NOTE 1An earlier revision of CCp1 is published as ISO/IEC 15408 1.NOTE 2An earlier revision of CCp2 is published as ISO/IEC 15408 2.NOTE 3An earlier revision of CCp3 is published as ISO/IEC 15408 3.NOTE 4An earlier revision of CEMe is published as ISO/IEC 18045.This European Standard is not based on any other Protection Profile.This European Standard conforms to the evaluation assurance level EAL3 + ALC_FLR.2 (for explanation see 7.4).Protection profiles or security targets that conform to this Protection Profile shall apply "Strict Protection-Profile-Conformance".For more information, see CCp1, Annex B5.
Committee |
CLC/BTTF 116-2
|
DevelopmentNote |
Supersedes PREN 50436-6. (03/2015)
|
DocumentType |
Standard
|
PublisherName |
European Committee for Standards - Electrical
|
Status |
Current
|
Supersedes |
Standards | Relationship |
BS EN 50436-6:2015 | Identical |
I.S. EN 50436-6:2015 | Identical |
NBN EN 50436-6 : 2015 | Identical |
PN EN 50436-6 : 2015 | Identical |
NF EN 50436-6 : 2015 | Identical |
NEN EN 50436-6 : 2015 | Identical |
CEI EN 50436-6 : 2016 | Identical |
DIN EN 50436-6 : 2015 | Identical |
SN EN 50436-6:2015 | Identical |
VDE 0406-6 : 2015 | Identical |
UNE-EN 50436-6:2015 | Identical |
PNE-prEN 50436-6 | Identical |
15/30325751 DC : 0 | BS EN 50436-3 - ALCHOLIC INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 3: GUIDANCE FOR AUTHORITIES, DECISION MAKERS, PURCHASERS AND USERS |
BS EN 50436-3:2016 | Alcohol interlocks. Test methods and performance requirements Guidance for authorities, decision makers, purchasers and users |
I.S. EN 50436-3:2016 | ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 3: GUIDANCE FOR AUTHORITIES, DECISION MAKERS, PURCHASERS AND USERS |
PREN 50436-3 : DRAFT 2015 | ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 3: GUIDANCE FOR AUTHORITIES, DECISION MAKERS, PURCHASERS AND USERS |
CAN/CSA-Z627-16 | Breath alcohol ignition interlock devices |
EN 50436-3:2016 | Alcohol interlocks - Test methods and performance requirements - Part 3: Guidance for authorities, decision makers, purchasers and users |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
EN 50436-2 : 2014 AMD 1 2015 | ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 2: INSTRUMENTS HAVING A MOUTHPIECE AND MEASURING BREATH ALCOHOL FOR GENERAL PREVENTIVE USE |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
EN 50436-1 : 2014 COR 2016 | ALCOHOL INTERLOCKS - TEST METHODS AND PERFORMANCE REQUIREMENTS - PART 1: INSTRUMENTS FOR DRINK-DRIVING-OFFENDER PROGRAMS |
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
ISO/IEC 18045:2008 | Information technology — Security techniques — Methodology for IT security evaluation |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.