Informationsteknik, kontorsutrustning

1.1 In scope This document defines a Recommended Practice for Product Structure validation. The objective is to validate the product structure of data ingested, extracted or re-used by the archive. This document defines a method to uniquely identify each node in the product structure and to uniquely define the structure of each assembly node. 1.2 Out of scope This document will not provide validation properties for documents; CAD or other.

ISO/IEC 29146:2024 defines and establishes a framework for access management (AM) and the secure management of the process to access information and Information and Communications Technologies (ICT) resources, associated with the accountability of a subject within some context. ISO/IEC 29146:2024 provides explanations about related architecture, components and management functions and concepts, terms and definitions applicable to distributed access management. The subjects involved in access management might be uniquely recognized to access information systems, as defined in ISO/IEC 24760.

This standards shall provide specifications applicable to vulnerability handling processes, covering all relevant product categories, to be put in place by manufacturers of the products with digital elements. Those processes shall at least allow to: (a) identify and document vulnerabilities and components contained in the product, including by drawing up a software bill of materials in a commonly used and machinereadable format covering at the very least the top-level dependencies of the product; (b) in relation to the risks posed to the products with digital elements, address and remediate vulnerabilities without delay, including by providing security updates; where technically feasible, new security updates shall be provided separately from functionality updates; (c) apply effective and regular tests and reviews of the security of the product with digital elements; (d) once a security update has been made available, share and publicly disclose information about fixed vulnerabilities, including a description of the vulnerabilities, information allowing users to identify the product with digital elements affected, the impacts of the vulnerabilities, their severity and clear and accessible information helping users to remediate the vulnerabilities; in duly justified cases, where manufacturers consider the security risks of publication to outweigh the security benefits, they may delay making public information regarding a fixed vulnerability until after users have been given the possibility to apply the relevant patch; (e) put in place and enforce a policy on coordinated vulnerability disclosure; (f) take measures to facilitate the sharing of information about potential vulnerabilities in their product with digital elements as well as in third party components contained in that product, including by providing a standardised contact address for the reporting of the vulnerabilities discovered in the product with digital elements; (g) provide for mechanisms to securely distribute updates for products with digital elements to ensure that vulnerabilities are fixed or mitigated in a timely manner, and, where applicable for security updates, in an automatic manner; (h) ensure that, where security updates are available to address identified security issues, they are disseminated without delay and, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, free of charge, accompanied by advisory messages providing users with the relevant information, including on potential action to be taken.

This standard describes the requirements to be satisfied by domain-specific reference architectures that address entities of interest such as software, systems, enterprises, missions, systems of systems, families of systems, products (goods or services), product lines, service lines, technologies and business domains. The proposed standard will be universally applicable to — organizations seeking sustained success through the implementation of architecture practices, — organizations and interested parties seeking to improve communication through a common understanding of the vocabulary and concepts used in reference architectures, — organizations performing conformity assessments against the requirements of reference- architecture-related standards and specifications, — organizations that serve as certification authorities that will benefit from the use of reference architectures, — organizations that need to mandate use of reference architectures, — providers of reference architectures, guidelines, training, education, evaluation or recommendations in architecture practice, — developers of reference-architecture standards, reference models, and related tools/technologies, — users of reference architectures. The application areas of this standard include, but are not limited to, the following: artificial intelligence (AI), machine learning (ML), Internet of Things (IoT), cloud computing, big data, smart cities, smart manufacturing, cybersecurity, digital twin, telecommunications, aerospace, defense, banking, finance, insurance, energy, automotive, logistics, hospitality, healthcare, supply chain, transportation, manufacturing, agriculture, production, and infrastructure. The proposed deliverable is part of the ISO 42000 architecture standards (e.g., 42010, 42020, 42030).

The following is in scope of this document: - business specification for long term archiving and retrieval of CAD 3D explicit geometry (see Clause 5); - essential information of CAD 3D explicit geometry (solids, curves, surfaces, and points) to be preserved (see Clause 6); - data structures detailing the main fundamentals and concepts of CAD 3D explicit geometry (see Clause 7); - verification rules to check CAD 3D explicit geometry for consistency and data quality (see Clause 8); - validation rules to be stored with the CAD 3D explicit geometry in the archive to check essential characteristics after retrieval (see Clause 9). NOTE 1 This document includes the geometrical external shape resulting from CAD 3D domain elements (e.g. 3D Structural components, 3D Tubing, 3D electrical harness, 3D composite, etc.). The following is outside the scope of this document: - the formal definition of validation and verification rules to check 3D explicit geometry for consistency and data quality using a machine-readable syntax; - implicit or parametric geometry; - Geometric Dimensioning and Tolerancing (GD&T), Product and Manufacturing Information (PMI); N0TE 2 For long term archiving of the GD&T and PMI see EN 9300 120, EN 9300 121 and EN 9300 125. - assembly structures and PDM product structures; NOTE 3 For long term archiving of assembly structure see EN 9300 115 and for product structure see EN 9300 2xx series. - model styling and organization of explicit geometry.

This document provides trustworthiness requirements and guidance for data space participants in support of trusted data transactions. Specifically, it defines a set of foundational principles for trusted data transactions, and establishes general requirements and guidance that apply to all phases of a trusted data transaction, and specific requirements for each phase of a trusted data transaction. This document applies to all types of organizations participating in data spaces, regardless of their type or size.

This document specifies concepts used in the field of cloud computing. These concepts expand upon the cloud computing vocabulary defined in ISO/IEC 22123-1 and provide a foundation for other documents that are associated with cloud computing.

This document specifies the cloud computing reference architecture (CCRA).

This document outlines quality models for AI systems and services and is an applicationspecific extension to the standards on SQuaRE. The characteristics and sub-characteristics detailed in the models provide consistent terminology for specifying, measuring and evaluating AI system and service quality. The characteristics and sub-characteristics detailed in the models also provide a set of quality characteristics against which stated quality requirements can be compared for completeness.

This document specifies the syntax and semantics of data objects in the field of electronic fee collection (EFC). The definitions of data types and assignment of semantics are provided in accordance with the abstract syntax notation one (ASN.1) technique, as specified in ISO/IEC 8824-1. This document defines:

—    ASN.1 (data) types within the field of EFC;

—    ASN.1 (data) types of a more general use that are used more specifically in standards related to EFC.

This document does not seek to define ASN.1 (data) types that are primarily related to other fields that operate in conjunction with EFC, such as cooperative intelligent transport systems (C-ITS), the financial sector, etc.

This document specifies the test procedures of electronic fee collection (EFC) roadside equipment (RSE) and on-board equipment (OBE) with regard to the conformance to standards and requirements for type approval and acceptance testing which is within the realm of EFC application specifically. The scope of this document is restricted to systems operating within the radio emission, electromagnetic compatibility (EMC) regulations, traffic, and other regulations of the countries in which they are operated. This document identifies a set of suitable parameters and provides test procedures to enable the proof of a complete EFC system, as well as components of an EFC system, e.g. OBE, related to the defined requirements of an application. The defined parameter and tests are assigned to the following groups of parameters: — functionality; — quality; — referenced pre-tests. An overview of the tests and parameters provided by this document is given in 5.1 and 5.2. This document describes procedures, methods and tools, and a test plan which shows the relation between all tests and the sequence of these tests. It lists all tests that are required to measure the performance of EFC equipment. It describes which EFC equipment is covered by the test procedures; the values of the parameters to be tested are not included. It also describes how the tests are to be performed and which tools and prerequisites are necessary before this series of tests can be undertaken. It is assumed that the security of the system is inherent in the communications and EFC functionality tests, therefore they are not addressed here. All tests in this document provide instructions to evaluate the test results. This document defines only the tests and test procedures, not the benchmark figures that these are to be measured against. The test procedures defined in this document can be used as input, e.g. by scheme owners, for prototype testing, type approvals, tests of installations and periodic inspections. Related to a conceptual model of an EFC system, this document relates only to the equipment of the user and the service provider. Any other entities are outside the scope of document. EFC systems for dedicated short-range communication (DSRC) consist, in principle, of a group of technical components, which in combination fulfil the functions required for the collection of fees by electronic automatic means. These components comprise all, or most, of the following: — OBE within a vehicle; — OBE containing the communications and computing sub-functions; — optional integrated circuit card which may carry electronic money, service rights, and other secured information; — communication between OBE and RSE based on DSRC; — equipment for the fee collection at the RSE containing the communications and computing sub-functions; — equipment for the enforcement at the roadside; — central equipment for the administration and operation of the system. The scope of this document relates solely to OBE and RSE and the DSRC interface between OBE and RSE including its functions to perform the fee collection. All the equipment used for enforcement (e.g. detection, classification, localization, and registration) and central equipment are outside the scope of this document.

This document defines the architecture of electronic fee collection (EFC) system environments, in which a customer with one contract can use a vehicle in a variety of toll domains with a different toll charger (TC) for each domain.

EFC systems conforming to this document can be used for various purposes including road (network) tolling, area tolling, collecting fees for the usage of bridges, tunnels, ferries, for access or for parking. From a technical point of view the considered toll systems can identify vehicles subject to tolling by means of electronic OBE in a vehicle or by other means that are image-based (e.g. automatic number plate recognition, ANPR).

From a process point of view the architectural description focuses on toll determination, toll charging, 

provision of toll service to the user, and the associated enforcement measures. The actual collection of the toll, i.e. collecting payments, is outside of the scope of this document.

The architecture in this document is defined with no more details than required for an overall overview, a common language, an identification of the need for and interactions among other standards, and the drafting of these standards.

This document as a whole provides:

— the enterprise view on the architecture, which is concerned with the purpose, scope and policies 

governing the activities of the specified system within the organization of which it is a part;

— the terms and definitions specific to this standard, in addition to those provided in ISO/FDIS 17573-2;

— a decomposition of the EFC systems environment into its main enterprise objects;

— the roles and responsibilities of the main actors. This document does not impose that all roles perform all indicated responsibilities. It should also be clear that the responsibilities of a role can be shared between two or more actors. Mandating the performance of certain responsibilities is the task of standards derived from this architecture;

— identification of the provided services by means of action diagrams that underline the needed 

standardized exchanges;

— identification of the interoperability interfaces for EFC systems, in specialized standards.

ISO 11616:2017 is intended to provide specific levels of information relevant to the identification of a Medicinal Product or group of Medicinal Products. It defines the data elements, structures and relationships between data elements that are required for the exchange of regulated information, in order to uniquely identify pharmaceutical products. This identification is to be applied throughout the product lifecycle to support pharmacovigilance, regulatory and other activities worldwide. In addition, ISO 11616:2017 is essential to ensure that pharmaceutical product information is assembled in a structured format with transmission between a diverse set of stakeholders for both regulatory and clinical (e.g. e-prescribing, clinical decision support) purposes. This ensures interoperability and compatibility for both the sender and the recipient. ISO 11616:2017 is not intended to be a scientific classification for pharmaceutical products. Rather, it is a formal association of particular data elements categorised in prescribed combinations and uniquely identified when levelling degrees of information are incomplete. This allows for Medicinal Products to be unequivocally identified on a global level. References to other normative IDMP and messaging standards for pharmaceutical product information are included in Clause 2, to be applied in the context of ISO 11616:2017. Medicinal products for veterinary use are out of scope of ISO 11616:2017.

This document provides an information model to define and identify substances within medicinal products or substances used for medicinal purposes, including dietary supplements, foods and cosmetics. The information model can be used in the human and veterinary domain since the principles are transferrable. Other standards and external terminological resources are referenced that are applicable to this document.