
CVO14: CV Driver Security Authentication

This service package provides the ability for Fleet and Freight Management to detect when an unauthorized commercial vehicle driver attempts to drive their vehicle based on stored driver identity information. If an unauthorized driver has been detected, Fleet and Freight Management can activate commands to safely disable the commercial vehicle. Alarms can also be sent to emergency management to inform them of a potential commercial vehicle hijacking or theft and potential hazardous situation. In addition, Emergency Management can request Fleet and Freight Management to disable a specific vehicle in their fleet.

Relevant Regions: Australia, Canada, European Union, and United States

Enterprise

Development Stage Roles and Relationships

Installation Stage Roles and Relationships

Operations and Maintenance Stage Roles and Relationships

| Source | Destination | Role/Relationship |
|---|---|---|
| Basic Commercial Vehicle Maintainer | Basic Commercial Vehicle | Maintains |
| Basic Commercial Vehicle Manager | Basic Commercial Vehicle | Manages |
| Basic Commercial Vehicle Owner | Basic Commercial Vehicle Maintainer | System Maintenance Agreement |
| Basic Commercial Vehicle Owner | Basic Commercial Vehicle Manager | Operations Agreement |
| Basic Commercial Vehicle Supplier | Basic Commercial Vehicle Owner | Warranty |
| Commercial Vehicle Check Equipment Maintainer | Commercial Vehicle Check Equipment | Maintains |
| Commercial Vehicle Check Equipment Manager | Commercial Vehicle Check Equipment | Manages |
| Commercial Vehicle Check Equipment Owner | Commercial Vehicle Check Equipment Maintainer | System Maintenance Agreement |
| Commercial Vehicle Check Equipment Owner | Commercial Vehicle Check Equipment Manager | Operations Agreement |
| Commercial Vehicle Check Equipment Supplier | Commercial Vehicle Check Equipment Owner | Warranty |
| Commercial Vehicle Driver | Commercial Vehicle OBE | Operates |
| Commercial Vehicle Driver | Driver Identification Card | Operates |
| Commercial Vehicle OBE Maintainer | Commercial Vehicle OBE | Maintains |
| Commercial Vehicle OBE Manager | Commercial Vehicle Driver | System Usage Agreement |
| Commercial Vehicle OBE Manager | Commercial Vehicle OBE | Manages |
| Commercial Vehicle OBE Owner | Basic Commercial Vehicle Maintainer | Maintenance Data Exchange Agreement |
| Commercial Vehicle OBE Owner | Basic Commercial Vehicle Owner | Expectation of Data Provision |
| Commercial Vehicle OBE Owner | Basic Commercial Vehicle User | Service Usage Agreement |
| Commercial Vehicle OBE Owner | Commercial Vehicle Check Equipment Maintainer | Maintenance Data Exchange Agreement |
| Commercial Vehicle OBE Owner | Commercial Vehicle Check Equipment Owner | Expectation of Data Provision |
| Commercial Vehicle OBE Owner | Commercial Vehicle Check Equipment User | Service Usage Agreement |
| Commercial Vehicle OBE Owner | Commercial Vehicle OBE Maintainer | System Maintenance Agreement |
| Commercial Vehicle OBE Owner | Commercial Vehicle OBE Manager | Operations Agreement |
| Commercial Vehicle OBE Owner | Fleet and Freight Management Center Maintainer | Maintenance Data Exchange Agreement |
| Commercial Vehicle OBE Owner | Fleet and Freight Management Center Owner | Expectation of Data Provision |
| Commercial Vehicle OBE Owner | Fleet and Freight Management Center User | Service Usage Agreement |
| Commercial Vehicle OBE Owner | Fleet-Freight Manager | Application Usage Agreement |
| Commercial Vehicle OBE Owner | Fleet-Freight Manager | Vehicle Operating Agreement |
| Commercial Vehicle OBE Supplier | Commercial Vehicle OBE Owner | Warranty |
| Driver Identification Card Maintainer | Driver Identification Card | Maintains |
| Driver Identification Card Manager | Commercial Vehicle Driver | System Usage Agreement |
| Driver Identification Card Manager | Driver Identification Card | Manages |
| Driver Identification Card Owner | Commercial Vehicle Check Equipment Maintainer | Maintenance Data Exchange Agreement |
| Driver Identification Card Owner | Commercial Vehicle Check Equipment Owner | Information Provision and Action Agreement |
| Driver Identification Card Owner | Commercial Vehicle Check Equipment User | Service Usage Agreement |
| Driver Identification Card Owner | Commercial Vehicle Driver | Application Usage Agreement |
| Driver Identification Card Owner | Commercial Vehicle OBE Maintainer | Maintenance Data Exchange Agreement |
| Driver Identification Card Owner | Commercial Vehicle OBE Owner | Information Provision and Action Agreement |
| Driver Identification Card Owner | Commercial Vehicle OBE User | Service Usage Agreement |
| Driver Identification Card Owner | Driver Identification Card Maintainer | System Maintenance Agreement |
| Driver Identification Card Owner | Driver Identification Card Manager | Operations Agreement |
| Driver Identification Card Owner | Fleet and Freight Management Center Maintainer | Maintenance Data Exchange Agreement |
| Driver Identification Card Owner | Fleet and Freight Management Center Owner | Information Provision and Action Agreement |
| Driver Identification Card Owner | Fleet and Freight Management Center User | Service Usage Agreement |
| Driver Identification Card Owner | Fleet-Freight Manager | Application Usage Agreement |
| Driver Identification Card Supplier | Driver Identification Card Owner | Warranty |
| Emergency Management Center Maintainer | Emergency Management Center | Maintains |
| Emergency Management Center Manager | Emergency Management Center | Manages |
| Emergency Management Center Manager | Emergency System Operator | System Usage Agreement |
| Emergency Management Center Owner | Emergency Management Center Maintainer | System Maintenance Agreement |
| Emergency Management Center Owner | Emergency Management Center Manager | Operations Agreement |
| Emergency Management Center Owner | Fleet and Freight Management Center Maintainer | Maintenance Data Exchange Agreement |
| Emergency Management Center Owner | Fleet and Freight Management Center Owner | Information Exchange Agreement |
| Emergency Management Center Owner | Fleet and Freight Management Center User | Service Usage Agreement |
| Emergency Management Center Owner | Fleet-Freight Manager | Application Usage Agreement |
| Emergency Management Center Supplier | Emergency Management Center Owner | Warranty |
| Emergency System Operator | Emergency Management Center | Operates |
| Fleet and Freight Management Center Maintainer | Fleet and Freight Management Center | Maintains |
| Fleet and Freight Management Center Manager | Fleet and Freight Management Center | Manages |
| Fleet and Freight Management Center Manager | Fleet-Freight Manager | System Usage Agreement |
| Fleet and Freight Management Center Owner | Commercial Vehicle Driver | Application Usage Agreement |
| Fleet and Freight Management Center Owner | Commercial Vehicle OBE Maintainer | Maintenance Data Exchange Agreement |
| Fleet and Freight Management Center Owner | Commercial Vehicle OBE Owner | Information Provision Agreement |
| Fleet and Freight Management Center Owner | Commercial Vehicle OBE User | Service Usage Agreement |
| Fleet and Freight Management Center Owner | Emergency Management Center Maintainer | Maintenance Data Exchange Agreement |
| Fleet and Freight Management Center Owner | Emergency Management Center Owner | Information Exchange Agreement |
| Fleet and Freight Management Center Owner | Emergency Management Center User | Service Usage Agreement |
| Fleet and Freight Management Center Owner | Emergency System Operator | Application Usage Agreement |
| Fleet and Freight Management Center Owner | Fleet and Freight Management Center Maintainer | System Maintenance Agreement |
| Fleet and Freight Management Center Owner | Fleet and Freight Management Center Manager | Operations Agreement |
| Fleet and Freight Management Center Supplier | Fleet and Freight Management Center Owner | Warranty |
| Fleet-Freight Manager | Fleet and Freight Management Center | Operates |

Functional

This service package includes the following Functional View PSpecs:

| Physical Object | Functional Object | PSpec Number | PSpec Name |
|---|---|---|---|
| Commercial Vehicle Check Equipment | CVCE Safety and Security Inspection | 2.3.1 | Produce Commercial Vehicle Driver Message at Roadside |
| | | 2.3.3.1 | Provide Commercial Vehicle Checkstation Communications |
| | | 2.3.3.2 | Provide Commercial Vehicle Inspector Handheld Terminal Interface |
| | | 2.3.3.3 | Administer Commercial Vehicle Roadside Safety Database |
| | | 2.3.3.4 | Carry-out Commercial Vehicle Roadside Safety Screening |
| | | 2.3.3.5 | Carry-out Commercial Vehicle Roadside Inspection |
| | | 2.3.4 | Detect and Classify Commercial Vehicles and Freight Equipment |
| | | 2.3.5 | Provide Commercial Vehicle Roadside Operator Interface |
| | | 2.3.6 | Provide Commercial Vehicle Reports |
| Commercial Vehicle OBE | CV On-board Driver Authentication | 2.4.1 | Communicate Commercial Vehicle On-board Data to Roadside |
| | | 2.4.3 | Analyze Commercial Vehicle On-board Data |
| | | 2.4.4 | Provide Commercial Vehicle Driver Interface |
| | | 2.4.7 | Manage CV On-board Data |
| | | 2.4.9 | Authenticate Commercial Vehicle Driver |
| | CV On-Board Trip Monitoring | 2.1.4 | Provide Commercial Vehicle Driver Routing Interface |
| | | 2.2.2 | Provide Vehicle Static Route |
| | | 2.2.3 | Provide CV Driver Electronic Credential and Tax Filing Interface |
| | | 2.2.4 | Provide Commercial Vehicle Driver Communications |
| | | 2.4.4 | Provide Commercial Vehicle Driver Interface |
| | | 2.4.5 | Communicate Commercial Vehicle On-board Data to Vehicle Manager |
| | | 2.4.6 | Provide Commercial Vehicle On-board Data Store Interface |
| | | 2.4.8 | Correlate Commercial Vehicle Route |
| Emergency Management Center | Emergency Commercial Vehicle Response | 5.1.1.1 | Coordinate Emergency Inputs |
| | | 5.1.1.2 | Identify Commercial Vehicle Emergencies |
| Fleet and Freight Management Center | Fleet Driver Authentication | 2.1.1.7 | Monitor Assignment Identities |
| | | 2.1.5 | Manage Driver Instruction Store |
| | | 2.1.6 | Manage Commercial Vehicle Incidents |

Physical


Includes Physical Objects:

| Physical Object | Class | Description |
|---|---|---|
| Basic Commercial Vehicle | Vehicle | The 'Basic Commercial Vehicle' represents the commercial vehicle that hosts the on-board equipment that provides ITS capabilities. It includes the heavy vehicle databus and all other interface points between on-board systems and the rest of the commercial vehicle. This vehicle is used to transport goods, is operated by a professional driver and typically administered as part of a larger fleet. Commercial Vehicle classification applies to all goods transport vehicles ranging from small panel vans used in local pick-up and delivery services to large, multi-axle tractor-trailer rigs operating on long haul routes. |
| Commercial Vehicle Check Equipment | Field | 'Commercial Vehicle Check Equipment' supports automated vehicle identification at mainline speeds for credential checking, roadside safety inspections, and weigh-in-motion using two-way data exchange. These capabilities include providing warnings to the commercial vehicle drivers, their fleet managers, and proper authorities of any safety problems that have been identified, accessing and examining historical safety data, and automatically deciding whether to allow the vehicle to pass or require it to stop with operator manual override. Commercial Vehicle Check Equipment also provides supplemental inspection services such as expedited brake inspections, the use of operator hand-held devices, mobile screening sites, on-board safety database access, and the enrollment of vehicles and carriers in the electronic clearance program. |
| Commercial Vehicle Driver | Vehicle | The 'Commercial Vehicle Driver' represents the people that operate vehicles transporting goods, including both long haul trucks and local pick-up and delivery vans. This physical object is complementary to the Driver physical object in that it represents those interactions which are unique to Commercial Vehicle Operations. Information flowing from the Commercial Vehicle Driver includes those system inputs specific to Commercial Vehicle Operations. |
| Commercial Vehicle OBE | Vehicle | The Commercial Vehicle On-Board Equipment (OBE) resides in a commercial vehicle and provides the sensory, processing, storage, and communications functions necessary to support safe and efficient commercial vehicle operations. It provides two-way communications between the commercial vehicle drivers, their fleet managers, attached freight equipment, and roadside officials. A separate 'Vehicle OBE' physical object supports vehicle safety and driver information capabilities that apply to all vehicles, including commercial vehicles. The Commercial Vehicle OBE supplements these general ITS capabilities with capabilities that are specific to commercial vehicles. |
| Driver Identification Card | Vehicle | 'Driver Identification Card' represents the card or device that enables the transfer of electronic identification information for a driver. This may include license information, biometrics, and other data to identify the driver. Typically the card will be issued by a government agency (e.g. a state driver licensing agency). |
| Emergency Management Center | Center | The 'Emergency Management Center' represents systems that support incident management, disaster response and evacuation, security monitoring, and other security and public safety-oriented ITS applications. It includes the functions associated with fixed and mobile public safety communications centers including public safety call taker and dispatch centers operated by police (including transit police), fire, and emergency medical services. It includes the functions associated with Emergency Operations Centers that are activated at local, regional, state, and federal levels for emergencies and the portable and transportable systems that support Incident Command System operations at an incident. This Center also represents systems associated with towing and recovery, freeway service patrols, HAZMAT response teams, and mayday service providers. It manages sensor and surveillance equipment used to enhance transportation security of the roadway infrastructure (including bridges, tunnels, interchanges, and other key roadway segments) and the public transportation system (including transit vehicles, public areas such as transit stops and stations, facilities such as transit yards, and transit infrastructure such as rail, bridges, tunnels, or bus guideways). It provides security/surveillance services to improve traveler security in public areas not a part of the public transportation system. It monitors alerts, advisories, and other threat information and prepares for and responds to identified emergencies. It coordinates emergency response involving multiple agencies with peer centers. It stores, coordinates, and utilizes emergency response and evacuation plans to facilitate this coordinated response. Emergency situation information including damage assessments, response status, evacuation information, and resource information are shared. The Emergency Management Center also provides a focal point for coordination of the emergency and evacuation information that is provided to the traveling public, including wide-area alerts when immediate public notification is warranted. It tracks and manages emergency vehicle fleets using real-time road network status and routing information from the other centers to aid in selecting the emergency vehicle(s) and routes, and works with other relevant centers to tailor traffic control to support emergency vehicle ingress and egress, implementation of special traffic restrictions and closures, evacuation traffic control plans, and other special strategies that adapt the transportation system to better meet the unique demands of an emergency. |
| Emergency System Operator | Center | 'Emergency System Operator' represents the public safety personnel that monitor emergency requests (including those from the E911 Operator) and set up pre-defined responses to be executed by an emergency management system. The operator may also override predefined responses where it is observed that they are not achieving the desired result. This also includes dispatchers who manage an emergency fleet (police, fire, ambulance, HAZMAT, etc.) or higher order emergency managers who provide response coordination during emergencies. |
| Fleet and Freight Management Center | Center | The 'Fleet and Freight Management Center' provides the capability for commercial drivers and fleet-freight managers to receive real-time routing information and access databases containing vehicle and/or freight equipment locations as well as carrier, vehicle, freight equipment and driver information. The 'Fleet and Freight Management Center' also provides the capability for fleet managers to monitor the safety and security of their commercial vehicle drivers and fleet. |
| Fleet-Freight Manager | Center | The 'Fleet-Freight Manager' represents the people that are responsible for the dispatching and management of Commercial Vehicle fleets (e.g. traditional Fleet Managers) and Freight Equipment assets. It may be many people in a large tracking organization or a single person (owner driver) in the case of single vehicle fleets. The Fleet-Freight Manager provides instructions and coordination for Commercial Vehicles and Freight Equipment and receives the status of the vehicles and freight equipment in the fleet that they manage. |

Includes Functional Objects:

| Functional Object | Description | Physical Object |
|---|---|---|
| CV On-board Driver Authentication | 'CV On-board Driver Authentication' monitors the identity of the commercial vehicle driver and compares it with the planned drivers for the commercial vehicle. Any change in driver is sent to the Fleet and Freight Management Center. Notification of any unexpected drivers will also be sent to the Fleet and Freight Management Center which, in turn, may send a disable vehicle command to cause the vehicle to stop. On receipt of a disable vehicle message from the Fleet and Freight Management Center or on detection of an unauthorized driver, the commercial vehicle will be safely disabled. | Commercial Vehicle OBE |
| CV On-Board Trip Monitoring | 'CV On-Board Trip Monitoring' provides the capabilities to support fleet management with automatic vehicle location and automated mileage and fuel reporting and auditing. In addition, this equipment is used to monitor the planned route and notify the Fleet and Freight Management Center of any deviations. | Commercial Vehicle OBE |
| CVCE Safety and Security Inspection | 'CVCE Safety and Security Inspection' supports the roadside safety inspection process, including wireless roadside inspections that are conducted remotely. It reads on-board safety data at mainline speeds to rapidly check the vehicle and driver and accesses historical and current safety data after identifying vehicles at mainline speeds or while stopped at the roadside. The capabilities to process safety data and issue pull-in messages or provide warnings to the driver, carrier, and enforcement agencies are also provided. It includes hand held or automatic devices to rapidly inspect the vehicle and driver, including driver logs. Results of screening and summary safety inspection data are stored and maintained. Since a vehicle may cross jurisdictional boundaries during a trip, it supports the concept of a last clearance event record carried on the vehicle tag. The last clearance event record reflects the results of the roadside verification action. For example, if the vehicle is pulled over in State A and undergoes credential, weight, and safety checks, the results of the clearance process are written to the vehicle's tag. If the vehicle continues the trip and passes a roadside station in State B, the State B station has access to the results of the previous pull-in because it can read the last clearance event record written by the State A roadside station. It associates high-risk cargo with the container/chassis, manifest, carrier, vehicle and driver transporting it. | Commercial Vehicle Check Equipment |
| Emergency Commercial Vehicle Response | 'Emergency Commercial Vehicle Response' identifies and initiates a response to commercial vehicle and freight equipment related emergencies. These emergencies may include incidents involving hazardous materials as well as the detection of non-permitted transport of security sensitive hazmat. It identifies the location of the vehicle, the nature of the incident, the route information, and information concerning the freight itself. The information supports the determination of the response and identifies the responding agencies to notify. | Emergency Management Center |
| Fleet Driver Authentication | 'Fleet Driver Authentication' collects and stores driver identification records including driver issued PINs and/or individual driver biometric measurements. It manages the storage of driver PINs, data from a driver identification card, and/or biometric measurements for authorized drivers on individual commercial vehicles. Based on information reported by the commercial vehicle, it will determine if the driver is authorized, and notify the Commercial Vehicle Manager when an unauthorized driver is detected. The Commercial Vehicle Manager may override the disable vehicle action. When an unauthorized driver is detected and the system is not overridden, it will issue a message to the commercial vehicle to safely disable the vehicle. If an unauthorized driver is detected, it will send the Emergency Management Center an alert that includes: incident location, current location of the CV, Vehicle ID, Carrier ID, Driver ID, CV Credentials information, and cargo manifest (if known). | Fleet and Freight Management Center |

Includes Information Flows:

| Information Flow | Description |
|---|---|
| commercial vehicle disable | This flow safely disables a specific commercial vehicle. |
| commercial vehicle disable status | This flow provides the status of the disable flag in the commercial vehicle. |
| commercial vehicle identities | Identification information for the Commercial Vehicle (e.g., license plate number or USDOT number), Freight Equipment (e.g., container, chassis, or trailer identification), Carrier, and Driver. |
| commercial vehicle incident notification | Information about a Commercial Vehicle or Freight Equipment breach, non-permitted security sensitive hazmat detected at the roadside, route deviation, or Commercial Vehicle Driver / Commercial Vehicle / Freight Equipment assignment mismatches which includes the location of the Commercial Vehicle and appropriate identities. May carry information that enables incident reporting to responders, and also includes the type of vehicle and cargo concerned. |
| commercial vehicle incident response information | This flow provides data containing an acknowledgement of the commercial vehicle incident notification and provides post-incident instructions. |
| cv driver credential | Driver information (e.g., identity, biometrics, address, date of birth, endorsements, restrictions) stored on a driver's license or other official identification card used to identify a driver of commercial vehicles. |
| disable commercial vehicle | A request that a specific commercial vehicle should be safely disabled. |
| driver identity characteristics | The physical or visible characteristics of a commercial vehicle driver that can be measured to uniquely identify a driver. Could be an Identification Card with a Personal Identification Number, biometrics, or visual verification by an operator. |
| emergency operations input | Emergency operator input supporting call taking, dispatch, emergency operations, security monitoring, and other operations and communications center operator functions. |
| emergency operations status | Presentation of information to the operator including emergency operations data, supporting a range of emergency operating positions including call taker, dispatch, emergency operations, security monitoring, and various other operations and communications center operator positions. |
| expected driver identity characteristics | Driver identification information e.g., encrypted PIN codes issued to drivers, encrypted driver biometric parameters. |
| fleet manager inquiry | This flow represents the tactile or auditory interface with ITS equipment containing an inquiry from fleet manager requesting data from commercial vehicle management system. |
| fleet status | This flow represents the visual or auditory interface with ITS equipment containing fleet status information including enrollment status, safety status including inspection summaries, detailed inspection reports, and safety ratings, routing information, current vehicle information, and emergency information. |
| safe vehicle disable | Control signal disabling or enabling commercial vehicle. |
| trip log | Driver's daily log, vehicle location, mileage, and trip activity (includes screening, inspection and border clearance event data as well as fare payments). The request flow is not explicitly shown. |

Goals and Objectives

Associated Planning Factors and Goals

| Planning Factor | Goal |
|---|---|
| C. Increase the security of the transportation system for motorized and nonmotorized users; | Improve security |

Associated Objective Categories

Objective Category
Security: Crime
Security: Terrorism, Natural Disasters, and Hazardous Material Incidents

Associated Objectives and Performance Measures

| Objective | Performance Measure |
|---|---|
| Enhance tracking and monitoring of sensitive Hazmat shipments | Number of Hazmat shipments tracked in real-time |
| Reduce security risks to motorists and travelers | Number of critical sites with security surveillance |
| Reduce security risks to motorists and travelers | Number of security incidents on roadways |


 
Since the mapping between objectives and service packages is not always straightforward and often situation-dependent, these mappings should only be used as a starting point. Users should do their own analysis to identify the best service packages for their region.

Needs and Requirements

| Need | Functional Object | Requirement |
|---|---|---|
| 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel. | CV On-board Driver Authentication | 01 The commercial vehicle shall receive and store driver assignments and associated driver identity characteristic keys from the commercial vehicle fleet management center. |
| | | 02 The commercial vehicle shall detect when an unauthorized commercial vehicle driver attempts to drive their vehicle based on stored driver identity information; passing the information on to the commercial vehicle fleet management center. |
| | | 04 The commercial vehicle shall inform the commercial vehicle fleet management center when an unauthorized commercial vehicle driver attempts to drive their vehicle based on stored driver identity information. |
| | | 05 The commercial vehicle shall send stored driver and vehicle identities and to roadside equipment. |
| | CVCE Safety and Security Inspection | 04 The roadside check facility equipment shall request and input electronic safety data from the commercial vehicle's electronic tag data. This includes identities, driver logs, on-board safety data, safety inspection records, commercial vehicle breach information, as well as freight equipment information. |
| | | 07 The roadside check facility equipment shall read expected driver identity characteristics (e.g., PIN codes and biometric data) from the commercial vehicle equipment to support safety and security checking. |
| | | 08 The roadside safety and security equipment shall read the driver identification card provided by the commercial vehicle driver and support cross-check of the identification data with driver records. |
| | Fleet Driver Authentication | 01 The center shall send driver assignment data to the fleet of commercial vehicles including unique identification information that is used to authenticate a driver. This may include biometric parameters for a driver or an encoded Personal Identification Number (PIN) used to identify a driver. |
| | | 02 The center shall receive the identities of the commercial vehicle drivers as they attempt to access a commercial vehicle. |
| 02 Fleet and Freight Management need to be able to warn the appropriate emergency management when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel. | CV On-Board Trip Monitoring | 03 The commercial vehicle shall provide warnings to the driver when the vehicle's location has deviated from its planned route. |
| | Emergency Commercial Vehicle Response | 02 The center shall receive emergency notification information from commercial vehicles, commercial vehicle check stations, or commercial fleet operators and present the possible incident information to the emergency system operator. This may include detection of non-permitted transport of security sensitive hazmat, hazardous cargo spills, etc. |
| | Fleet Driver Authentication | 03 The center shall send an alarm to the appropriate emergency management center when an unauthorized access has been attempted on a commercial vehicle. |
| 03 Fleet and Freight Management need to be able to remotely disable a commercial vehicle when an unauthorized driver is detected. | CV On-board Driver Authentication | 03 The commercial vehicle shall activate commands to safely disable the commercial vehicle when an unauthorized driver is detected; either in a stand-alone fashion or in response to inputs from the commercial vehicle fleet management center. |
| | CVCE Safety and Security Inspection | 11 The roadside check facility equipment shall monitor the safety of commercial vehicles that have been remotely disabled, based on mismatched identities, or other situations as directed by commercial vehicle fleet management and the appropriate emergency management center. |
| | Emergency Commercial Vehicle Response | 05 The center shall provide the capability to request Fleet and Freight Management to disable a specific vehicle in their fleet. |
| | Fleet Driver Authentication | 04 The center shall send a command to the commercial vehicle to disable the vehicle when an unauthorized access has been attempted - this may be initiated within the center or based on inputs from the emergency management center. |

Related Sources

| Document Name | Version | Publication Date |
|---|---|---|
| ITS User Services Document | | 1/1/2005 |


Security

In order to participate in this service package, each physical object should meet or exceed the following security levels.

Physical Object Security
| Physical Object | Confidentiality | Integrity | Availability | Security Class |
|---|---|---|---|---|
| Basic Commercial Vehicle | | | | |
| Commercial Vehicle Check Equipment | High | High | Moderate | Class 4 |
| Commercial Vehicle OBE | High | High | Moderate | Class 4 |
| Driver Identification Card | High | Moderate | Moderate | Class 4 |
| Emergency Management Center | High | High | High | Class 5 |
| Fleet and Freight Management Center | High | High | High | Class 5 |



In order to participate in this service package, each information flow triple should meet or exceed the following security levels.

Information Flow Security
Source Destination Information Flow Confidentiality Integrity Availability
Basis Basis Basis
Commercial Vehicle Driver Commercial Vehicle OBE driver identity characteristics High Moderate High
This flow is all PII, and it can be a lot of PII about one individual. Rated HIGH because potentially this is a solid blueprint of an individual's identity. Incorrect data here may enable fraud or identity compromises. Needs to work all of the time or the vehicle may not properly operate.
Commercial Vehicle OBE Basic Commercial Vehicle safe vehicle disable High High High
Considering the parallel to a vehicle key, this enables or disables access to the vehicle, which if intercepted could be decoded or replayed to steal the vehicle. Similarly if unavailable the vehicle could not be used. Tempting to choose MODERATE because this affects one vehicle at a time, but the impact to that vehicle is catastrophic, so we choose HIGH. Considering the parallel to a vehicle key, this enables or disables access to the vehicle, which if intercepted could be decoded or replayed to steal the vehicle. Similarly if unavailable the vehicle could not be used. Tempting to choose MODERATE because this affects one vehicle at a time, but the impact to that vehicle is catastrophic, so we choose HIGH. Considering the parallel to a vehicle key, this enables or disables access to the vehicle, which if intercepted could be decoded or replayed to steal the vehicle. Similarly if unavailable the vehicle could not be used. Tempting to choose MODERATE because this affects one vehicle at a time, but the impact to that vehicle is catastrophic, so we choose HIGH.
Commercial Vehicle OBE | Commercial Vehicle Check Equipment | commercial vehicle disable status | Low | Moderate | Low
Confidentiality basis: Should not pose any privacy or competitive challenges if this were observed. Could argue that it should be advertised.
Integrity basis: Used as part of security procedures for a commercial vehicle, so needs to be accurate lest inappropriate measures be taken.
Availability basis: If this flow is not active there will be other mechanisms to check it that should cause only minimal delay. The status of this should be easily testable.
Commercial Vehicle OBE | Commercial Vehicle Check Equipment | commercial vehicle identities | Moderate | Moderate | Moderate
Confidentiality basis: Includes vehicle and/or driver PII, which should be disclosed only to the intended recipient or the driver/vehicle may be inappropriately tracked or monitored.
Integrity and Availability basis: Data should be timely and correct to support application needs, but not catastrophic if it is temporarily wrong or unavailable.
Commercial Vehicle OBE | Commercial Vehicle Check Equipment | expected driver identity characteristics | High | Moderate | Moderate
Confidentiality basis: This flow is all PII, and it can be a lot of PII about one individual. Rated HIGH because potentially this is a solid blueprint of an individual's identity.
Integrity basis: Incorrect data here may enable fraud or identity compromises.
Availability basis: MODERATE because the impact is limited to a per-vehicle basis, and because there should be a backup mechanism. Could be HIGH if clearance or movement is tied to the receipt of this information and/or there is no backup mechanism.
Commercial Vehicle OBE | Fleet and Freight Management Center | commercial vehicle identities | Moderate | Moderate | Moderate
Confidentiality basis: Includes vehicle and/or driver PII, which should be disclosed only to the intended recipient or the driver/vehicle may be inappropriately tracked or monitored.
Integrity and Availability basis: Data should be timely and correct to support application needs, but not catastrophic if it is temporarily wrong or unavailable.
Commercial Vehicle OBE | Fleet and Freight Management Center | trip log | Moderate | Moderate | Moderate
Confidentiality basis: Contains post-actual vehicle positioning and operations data, that if reviewed en masse with similar data from other operators, could compromise business interests.
Integrity and Availability basis: Needs to be timely and accurate to support commercial vehicle operations and regulations.
Driver Identification Card | Commercial Vehicle Check Equipment | cv driver credential | High | Moderate | Moderate
Confidentiality basis: Credentials contain PII and proprietary information. This is private and competitive. If revealed, could provide leverage over carrier and/or vehicle.
Integrity and Availability basis: Incorrect or unavailable credentials information could delay clearance, could result in incorrect assessment of penalties. MODERATE because the impact should be limited to a single vehicle per instance.
Driver Identification Card | Commercial Vehicle OBE | cv driver credential | High | Moderate | Moderate
Confidentiality basis: Credentials contain PII and proprietary information. This is private and competitive. If revealed, could provide leverage over carrier and/or vehicle.
Integrity and Availability basis: Incorrect or unavailable credentials information could delay clearance, could result in incorrect assessment of penalties. MODERATE because the impact should be limited to a single vehicle per instance.
Driver Identification Card | Fleet and Freight Management Center | cv driver credential | High | Moderate | Moderate
Confidentiality basis: Credentials contain PII and proprietary information. This is private and competitive. If revealed, could provide leverage over carrier and/or vehicle.
Integrity and Availability basis: Incorrect or unavailable credentials information could delay clearance, could result in incorrect assessment of penalties. MODERATE because the impact should be limited to a single vehicle per instance.
Emergency Management Center | Emergency System Operator | emergency operations status | Moderate | High | High
Confidentiality basis: Emergency system controls should not be casually viewable as they impact the availability of emergency services, which if known could be leveraged for illegal activity.
Integrity and Availability basis: Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Emergency Management Center | Fleet and Freight Management Center | commercial vehicle incident response information | Moderate | High | Moderate
Confidentiality basis: This data contains information regarding the commercial vehicle incident response. This could include personal information regarding persons involved in the incident. It could also include sensitive information regarding cargo contents or route deviations that might imply legal issues.
Integrity basis: Even a minor discrepancy in this data could have a significant effect, for instance if a HAZMAT is involved.
Availability basis: Data describing commercial vehicle incidents must be timely or emergency assets may be improperly tasked, which has a significant cost. Could be HIGH.
Emergency Management Center | Fleet and Freight Management Center | disable commercial vehicle | High | High | High
Confidentiality basis: Disabling commands should 1) not be viewable for reverse engineering, and 2) because observation of which vehicles are to be disabled may provide a competitive advantage or assist criminal activity. In some environments this may be MODERATE.
Integrity and Availability basis: This command directly affects the operation of a commercial vehicle. While it may be only one vehicle, the impact of disabling even one commercial vehicle could be severe depending on what that vehicle is carrying and where it is located. In some environments this may be MODERATE.
Emergency System Operator | Emergency Management Center | emergency operations input | Moderate | High | High
Confidentiality basis: Emergency system controls should not be casually viewable as they impact the availability of emergency services, which if known could be leveraged for illegal activity.
Integrity and Availability basis: Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Fleet and Freight Management Center | Commercial Vehicle OBE | commercial vehicle disable | Low | Moderate | Low
Confidentiality basis: Should not pose any privacy or competitive challenges if this were observed. Could argue that it should be advertised.
Integrity basis: Used as part of security procedures for a commercial vehicle, so needs to be accurate lest inappropriate measures be taken.
Availability basis: If this flow is not active there will be other mechanisms to check it that should cause only minimal delay. The status of this should be easily testable.
Fleet and Freight Management Center | Commercial Vehicle OBE | expected driver identity characteristics | High | Moderate | Moderate
Confidentiality basis: This flow is all PII, and it can be a lot of PII about one individual. Rated HIGH because potentially this is a solid blueprint of an individual's identity.
Integrity basis: Incorrect data here may enable fraud or identity compromises.
Availability basis: MODERATE because the impact is limited to a per-vehicle basis, and because there should be a backup mechanism. Could be HIGH if clearance or movement is tied to the receipt of this information and/or there is no backup mechanism.
Fleet and Freight Management Center | Emergency Management Center | commercial vehicle incident notification | Moderate | High | Moderate
Confidentiality basis: This data contains all of the information regarding the commercial vehicle incident. This could include personal information regarding persons involved in the incident. It could also include sensitive information regarding cargo contents or route deviations that might imply legal issues.
Integrity basis: Even a minor discrepancy in this data could have a significant effect, for instance if a HAZMAT is involved.
Availability basis: Data describing commercial vehicle incidents must be timely or emergency assets may be improperly tasked, which has a significant cost. Could be HIGH.
Fleet and Freight Management Center | Fleet-Freight Manager | fleet status | Moderate | High | High
Confidentiality basis: Commercial Vehicle Operations human interfaces should not be casually viewable for competitive and physical security reasons.
Integrity and Availability basis: Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Fleet-Freight Manager | Fleet and Freight Management Center | fleet manager inquiry | Moderate | High | High
Confidentiality basis: Commercial Vehicle Operations human interfaces should not be casually viewable for competitive and physical security reasons.
Integrity and Availability basis: Data needs to be correct and available as it relates to CVO.

Standards

Currently, there are no standards associated with the physical objects in this service package. For standards related to interfaces, see the specific information flow triple pages.





System Requirements

System Requirement | Need
001 The system shall receive emergency notification information from commercial vehicles, commercial vehicle check stations, or commercial fleet operators and present the possible incident information to the emergency system operator. This may include detection of non-permitted transport of security sensitive hazmat, hazardous cargo spills, etc. | 02 Fleet and Freight Management need to be able to warn the appropriate emergency management when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
002 The system shall provide the capability to request Fleet and Freight Management to disable a specific vehicle in their fleet. | 03 Fleet and Freight Management need to be able to remotely disable a commercial vehicle when an unauthorized driver is detected.
003 The system shall send driver assignment data to the fleet of commercial vehicles including unique identification information that is used to authenticate a driver. This may include biometric parameters for a driver or an encoded Personal Identification Number (PIN) used to identify a driver. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
004 The system shall receive the identities of the commercial vehicle drivers as they attempt to access a commercial vehicle. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
005 The system shall send an alarm to the appropriate emergency management center when an unauthorized access has been attempted on a commercial vehicle. | 02 Fleet and Freight Management need to be able to warn the appropriate emergency management when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
006 The system shall send a command to the commercial vehicle to disable the vehicle when an unauthorized access has been attempted - this may be initiated within the center or based on inputs from the emergency management center. | 03 Fleet and Freight Management need to be able to remotely disable a commercial vehicle when an unauthorized driver is detected.
007 The system shall request and input electronic safety data from the commercial vehicle's electronic tag data. This includes identities, driver logs, on-board safety data, safety inspection records, commercial vehicle breach information, as well as freight equipment information. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
008 The system shall read expected driver identity characteristics (e.g., PIN codes and biometric data) from the commercial vehicle equipment to support safety and security checking. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
009 The system shall monitor the safety of commercial vehicles that have been remotely disabled, based on mismatched identities, or other situations as directed by commercial vehicle fleet management and the appropriate emergency management center. | 03 Fleet and Freight Management need to be able to remotely disable a commercial vehicle when an unauthorized driver is detected.
010 The system shall receive and store driver assignments and associated driver identity characteristic keys from the commercial vehicle fleet management center. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
011 The system shall detect when an unauthorized commercial vehicle driver attempts to drive their vehicle based on stored driver identity information; passing the information on to the commercial vehicle fleet management center. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
012 The system shall activate commands to safely disable the commercial vehicle when an unauthorized driver is detected; either in a stand-alone fashion or in response to inputs from the commercial vehicle fleet management center. | 03 Fleet and Freight Management need to be able to remotely disable a commercial vehicle when an unauthorized driver is detected.
013 The system shall inform the commercial vehicle fleet management center when an unauthorized commercial vehicle driver attempts to drive their vehicle based on stored driver identity information. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
014 The system shall send stored driver and vehicle identities and to roadside equipment. | 01 Fleet and Freight Management need to be able to determine when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.
015 The system shall provide warnings to the driver when the vehicle's location has deviated from its planned route. | 02 Fleet and Freight Management need to be able to warn the appropriate emergency management when an unauthorized driver attempts to operate one of its commercial vehicles in order to be able to prevent theft or harm to its property and personnel.