US: NTCIP Signal System Masters - SNMPv3/TLS
Description
This solution is used within the U.S.. It combines standards associated with US: NTCIP Signal System Masters with those for I–F: SNMPv3/TLS. The US: NTCIP Signal System Masters standards include upper–layer standards required to implement center–to–field signal–system master communications. The I–F: SNMPv3/TLS standards include lower–layer standards that support secure center–to–field and field–to–field communications using simple network management protocol (SNMPv3); implementations are strongly encouraged to use the TLS for SNMP security option for this solution to ensure adequate security.
Includes Standards
| Level | DocNum | FullName | Description |
|---|---|---|---|
| Mgmt | NTCIP 1201 | NTCIP Global Object (GO) Definitions | This standard defines SNMP objects (data elements) used by a wide range of field devices like time and versioning information. |
| Mgmt | IETF RFC 3411 | An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks | This standard (RFC) defines the basic architecture for SNMPv3 and includes the definition of information objects for managing the SNMP entity's architecture. |
| Mgmt | IETF RFC 3412 | Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that assists in managing the message processing and dispatching subsystem of an SNMP entity. |
| Mgmt | IETF RFC 3413 | Simple Network Management Protocol (SNMP) Applications | This standard (RFC) includes MIBs that allow for the configuration and management of remote Targets, Notifications, and Proxys. |
| Mgmt | IETF RFC 3414 | User–based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) | This standard (RFC) contains a MIB that assists in configuring and managing the user–based security model. |
| Mgmt | IETF RFC 3415 | View–based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that supports the configuration and management of the View–based access control model of SNMP. |
| Mgmt | IETF RFC 3416 | Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines the message structure and protocol operations used by SNMPv3. |
| Mgmt | IETF RFC 3418 | Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines the MIB to configure and manage an SNMP entity. |
| Mgmt | IETF RFC 4293 | Management Information Base for the Internet Protocol (IP) | This standard (RFC) defines the MIB that manages an IP entity. |
| Security | IETF RFC 6353 | Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines how to use the TLS authentication service to provide authentication within the access control mechanism of SNMP. |
| ITS Application Entity | NTCIP 1202 | NTCIP Object Definitions for ASC | This standard defines SNMP objects (data elements) for a center to control a traffic signal and its interface with connected vehicles. |
| ITS Application Entity | NTCIP 1210 | NTCIP Objects for Signal System Masters | This standard defines SNMP objects (data elements) for monitoring and controlling signal system master controllers. |
| Facilities | NTCIP 1202 | NTCIP Object Definitions for ASC | This standard defines SNMP objects (data elements) for a center to control a traffic signal and its interface with connected vehicles. |
| Facilities | NTCIP 1210 | NTCIP Objects for Signal System Masters | This standard defines SNMP objects (data elements) for monitoring and controlling signal system master controllers. |
| Facilities | IETF RFC 3411 | An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks | This standard (RFC) defines the basic architecture for SNMPv3 and includes the definition of information objects for managing the SNMP entity's architecture. |
| Facilities | IETF RFC 3412 | Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that assists in managing the message processing and dispatching subsystem of an SNMP entity. |
| Facilities | IETF RFC 3413 | Simple Network Management Protocol (SNMP) Applications | This standard (RFC) includes MIBs that allow for the configuration and management of remote Targets, Notifications, and Proxys. |
| Facilities | IETF RFC 3414 | User–based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) | This standard (RFC) contains a MIB that assists in configuring and managing the user–based security model. |
| Facilities | IETF RFC 3415 | View–based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that supports the configuration and management of the View–based access control model of SNMP. |
| Facilities | IETF RFC 3416 | Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines the message structure and protocol operations used by SNMPv3. |
| TransNet | IETF RFC 2460 | Internet Protocol, Version 6 (IPv6) Specification | This standard (RFC) specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng. |
| TransNet | IETF RFC 4291 | IP Version 6 Addressing Architecture | This standard (RFC) defines the addressing architecture of the IP Version 6 (IPv6) protocol. It includes the IPv6 addressing model, text representations of IPv6 addresses, definition of IPv6 unicast addresses, anycast addresses, and multicast addresses, and an IPv6 node's required addresses. |
| TransNet | IETF RFC 4443 | Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification | This standard (RFC) defines the control messages to manage IPv6. |
| TransNet | IETF RFC 793 | Transmission Control Protocol | This standard (RFC) defines the main connection–oriented Transport Layer protocol used on Internet–based networks. |
| Access | NTCIP 2104 | NTCIP SP–Ethernet | This standard defines the Access Layer for center–to–field communications where the local connection is some variant of Ethernet. |
Readiness: High–Moderate
Readiness Description
One significant or possibly a couple minor issues. For existing deployments, the chosen solution likely has identified security or management issues not addressed by the communications solution. Deployers should consider additional security measures, such as communications link and physical security as part of these solutions. They should also review the management issues to see if they are relevant to their deployment and would require mitigation. For new deployments, the deployment efforts should consider a path to addressing these issues as a part of their design activities. The solution does not by itself provide a fully secure implementation without additional work.