Intelligent transport systems — Automated valet parking systems (AVPS) — Part 2: Security integration for type 3 AVP

This document specifies security means and procedures for AVPS Type 3 as specified in ISO 23374-1. It focuses on operation interfaces and management interfaces as defined in ISO 23374-1.

Systèmes de transport intelligents — Systèmes de parking avec voiturier automatisé (AVPS) — Partie 2: Intégration de la sécurité pour les AVP de type 3

General Information

Status: Published
Publication Date: 30-Aug-2023
Current Stage: 6060 - International Standard published
Start Date: 31-Aug-2023
Due Date: 01-Dec-2023
Completion Date: 31-Aug-2023

Technical specification
ISO/TS 23374-2:2023 - Intelligent transport systems — Automated valet parking systems (AVPS) — Part 2: Security integration for type 3 AVP
Released: 31.08.2023
English language, 44 pages

Draft
REDLINE ISO/DTS 23374-2 - Intelligent transport systems — Automated valet parking systems (AVPS) — Part 2: Security integration for type 3 AVP
Released: 11.05.2023
English language, 44 pages

Draft
ISO/DTS 23374-2 - Intelligent transport systems — Automated valet parking systems (AVPS) — Part 2: Security integration for type 3 AVP
Released: 11.05.2023
English language, 44 pages

Standards Content (Sample)

TECHNICAL SPECIFICATION ISO/TS 23374-2
First edition 2023-08
Intelligent transport systems — Automated valet parking systems (AVPS) — Part 2: Security integration for type 3 AVP
Systèmes de transport intelligents — Systèmes de parking avec voiturier automatisé (AVPS) — Partie 2: Intégration de la sécurité pour les AVP de type 3
Reference number ISO/TS 23374-2:2023(E)
© ISO 2023

COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
  © ISO 2023 – All rights reserved

Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 General
5.1 Basic operation model of AVPS
5.1.1 Basic functionalities
5.1.2 Basic operation flow
5.1.3 Example functional allocation of logical architecture in AVPS
5.2 Security lifecycle
6 Security requirements
6.1 Security requirements for AVPS
6.2 Security requirements on AVPS communication
6.2.1 General
6.2.2 Confidentiality
6.2.3 Integrity
6.2.4 Availability
6.2.5 Authentication
Annex A (informative) Communication sequences
Annex B (informative) Examples of secure communication protocol using PKI
Annex C (informative) Views on threats and risks
Bibliography

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use
of (a) patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed
patent rights in respect thereof. As of the date of publication of this document, ISO [had/had not] received
notice of (a) patent(s) which may be required to implement this document. However, implementers are
cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents. ISO shall not be held responsible for identifying any or all
such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.
A list of all parts in the ISO 23374 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
Introduction
An automated valet parking system (AVPS) automatically operates unoccupied vehicles from the drop
off area where the driver and passengers leave the vehicle, and returns the vehicle to a pickup area
upon the user’s request to retrieve the vehicle.
AVPS is expected to contribute to:
— enhanced user experience,
— a reduction in accidents,
— the lowering of energy consumption and CO₂ emissions whilst vehicles search for available parking
spaces, and
— the effective use of land through parking of vehicles in dense spaces.
As for any kind of automated traffic, AVPS is susceptible to attacks and malfunctioning, which can affect
the safety of human life and other properties. Thus, security is an essential prerequisite for deployment
of AVPS. Furthermore, it is essential to avoid the proliferation of security means in order to ensure
that the overall C-ITS/CCAM (cooperative, connected and automated mobility) security systems remain
manageable, and to ensure interoperability.
The aim of this document is to contribute to the realization of secure level 4 driverless operation of
vehicles within parking facilities, and to support a fast and smooth market introduction by achieving
interoperability among vehicles provided by different manufacturers and within different parking
facilities.
Clause 6 of this document addresses specifications of basic security requirements for AVPS related to
identified operation interfaces and management interfaces. This is complemented by the information in
Clause 5 and three informative annexes.
1 Scope
This document specifies security means and procedures for AVPS Type 3 as specified in ISO 23374-1. It
focuses on operation interfaces and management interfaces as defined in ISO 23374-1.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 23374-1:2023, Intelligent transport systems — Automated valet parking systems (AVPS) — Part 1:
System framework, requirements for automated driving and for communications interface
ISO/SAE 21434, Road vehicles — Cybersecurity engineering
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 23374-1 and the following
apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
— IEC Electropedia: available at https://www.electropedia.org/
3.1
subject vehicle
SV
light vehicle which is equipped with the vehicle operation sub-system of an automated valet parking
system (AVPS)
[SOURCE: ISO 23374-1:2023, 3.4]
3.2
parking facility
public or private car park in which an automated valet parking system (AVPS) is available
Note 1 to entry: An AVPS does not necessarily have to be available in the entire facility in order to achieve
conformance to this document. For example, it is possible for only a certain floor within a multi-story parking
facility to be dedicated to an AVPS.
[SOURCE: ISO 23374-1:2023, 3.5, modified — Note 2 to entry removed.]
3.3
operation zone
single or multiple geographical area(s) within a parking facility where automated driving can be
performed by an automated valet parking system (AVPS)
[SOURCE: ISO 23374-1:2023, 3.6, modified — Notes 1 and 2 to entry removed.]
3.4
drop-off area
location within the operation zone where the user leaves the subject vehicle (SV) and hands over
authority to the service provider
[SOURCE: ISO 23374-1:2023, 3.7, modified — Notes 1 and 2 to entry removed.]
3.5
pick-up area
location within the operation zone where the service provider sends the subject vehicle (SV) to the user
for boarding and hands over authority
[SOURCE: ISO 23374-1:2023, 3.8, modified — Notes 1 and 2 to entry removed.]
3.6
destination
location within the operation zone to which the subject vehicle (SV) is transferred
Note 1 to entry: For example, parking slots delineated by line markers, service bays (e.g. location beside an
electric vehicle charging station), or a pick-up area can be a destination.
[SOURCE: ISO 23374-1:2023, 3.11, modified — Original Note 1 to entry removed. New Note 1 to entry
added.]
3.7
parking area
area within the operation zone consisting of multiple parking spots
[SOURCE: ISO 23374-1:2023, 3.10, modified — Note 1 to entry removed.]
3.8
parking facility equipment
PFE
physical equipment installed in the parking facility for supporting an automated valet parking system
(AVPS)
EXAMPLE Communication devices and detection sensors.
[SOURCE: ISO 23374-1:2023, 3.15, modified — Preferred term changed from "automated valet parking
facility equipment" to "parking facility equipment".]
3.9
designed speed
physical speed of a subject vehicle (SV) which changes dynamically under the given circumstances
under which an automated valet parking system (AVPS) intends to operate while performing automated
driving
Note 1 to entry: For example, the AVPS will adjust the SV’s operating speed when travelling towards a corner
with limited visibility due to occlusion by a wall. This speed depends on the system design. For this reason, most
of the test procedures in this document do not specify a specific value and only refer to the "designed speed".
3.10
designed distance
physical distance from the subject vehicle (SV) to an object that an automated valet parking system
(AVPS) intends to maintain under the given circumstances while performing automated driving
[SOURCE: ISO 23374-1:2023, 3.19, modified — "Situation-specific" removed from the beginning of the
definition; "other facility users, objects or structures" replaced by "an object"; Note 1 to entry removed.]
3.11
sub-system
component of an automated valet parking system (AVPS) at a logical level which includes one or more
functions
[SOURCE: ISO 23374-1:2023, 3.21, modified — Note 1 to entry removed.]
3.12
function
smallest composition of an automated valet parking system (AVPS) described in this document which
contributes to the system outputs
3.13
state
mutually exclusive condition that each vehicle managed by an automated valet parking
system (AVPS) is in
3.14
reservation ID
unique identifier for an established agreement between a user and a service provider to hand over the
subject vehicle (SV)’s authority to an automated valet parking system (AVPS) within a specific parking
facility
Note 1 to entry: A single reservation ID could be used over a period of time, or could be destroyed each time it is
used.
3.15
session ID
unique identifier given each time an authority handover occurs, and destroyed when authority
handback occurs
3.16
mission ID
unique identifier given each time a subject vehicle (SV) is given a new destination
4 Abbreviated terms
For the purposes of this document, the abbreviated terms given in ISO 23374-1 and the following apply.
AVP automated valet parking
AVPS automated valet parking system
CCAM cooperative, connected and automated mobility
CRC cyclic redundancy check
DoS denial of service
DTLS datagram transport layer security
ESP encapsulating security payload
HoL head-of-line
IKE internet key exchange
OB operator backend
OEDR object and event detection and response
OEM original equipment manufacturer
PFE parking facility equipment
PKI public key infrastructure
RSU roadside unit
SA security association
SV subject vehicle
TCP Transport Control Protocol
TLS transport layer security
UB user backend
UDP User Datagram Protocol
VB vehicle backend
VIN vehicle identification number
VMC vehicle motion control
WAVE wireless access in vehicular environments
WMI world manufacturer identifier
5 General
5.1 Basic operation model of AVPS
5.1.1 Basic functionalities
The basic functionalities of AVPS can be described as the operation functions of an automated vehicle
and the management functions of system participants. Table 1 describes these basic functionalities of
AVPS.
— Performance requirements associated with the operation functions are specified in ISO 23374-1:2023,
Clause 6.
— General requirements associated with the management functions are specified in ISO 23374-1:2023,
Clause 7.
Table 1 — Basic functionalities of AVPS and their description

Operation functions of an automated vehicle:
— Determine a destination and route
— Perform level 4 automated driving
— Respond to commands of the system management functionalities

Management functions of system participants:
— Manage environmental conditions
— Check the compatibility between vehicles and facilities
— Identify the correct SV as the communication participant
— Remotely engage and disengage an SV
— Perform remote assistance when necessary
— Issue command to stop the operation when necessary
— React upon incapacitation of the automated vehicle operation
— Processes user requests
5.1.2 Basic operation flow
Figure 1 describes the basic flow of AVPS based on the user action and the system reaction.
Figure 1 describes the flow in which the user initially hands over authority to the service provider as
a representative use case. AVPS can also be utilized for services in which the service provider initially
hands over authority to the user (e.g. rental car services). Re-parking is an optional process and not
always required to complete the flow.
Key
1 user action 2 system reaction
3 requests availability 4 checks vacancy and compatibility
5 identifies SV and initiates check-in procedure 6 hands over authority
7 automated vehicle operation (entering) 8 automated vehicle operation (re-parking)
9 requests retrieval 10 automated vehicle operation (exiting)
11 initiates check-out procedure 12 receives authority
Figure 1 — Basic flow of AVPS
5.1.3 Example functional allocation of logical architecture in AVPS
Figure 2 shows an example image of functional allocation of logical architecture in AVPS.
Key
1 operation interface 2 management interfaces
3 remote vehicle operation 4 on-board vehicle operation
5 user frontend 6 user backend
7 vehicle backend 8 operator backend
9 automated valet parking facility management 10 service server
11 RSU 12 in vehicle
13 internet
NOTE See Table 2 for definitions of abbreviated terms used in this figure.
Figure 2 — Example functional allocation of logical architecture in AVPS
Table 2 shows the functional allocations described in ISO 23374-1:2023, 5.3.
Table 2 — Functional allocation

Each entry gives the ID (see Figure 2) and sub-system, followed by its role, main functions and remarks.

R: Remote vehicle operation
V: On-board vehicle operation
  Role: Performs automated vehicle operation
  Main functions:
  — SV identification.
  — Destination assignment.
  — Route planning.
  — OEDR.
  — Localization of SV.
  — Path determination.
  — Trajectory calculation.
  — Vehicle motion control.
  — Emergency stopping.
  Remarks: The functional allocation between the two vehicle operation sub-systems differs depending on the vehicle operation type.

U: User frontend
  Role: Interface to the user
  Main functions:
  — Sends user requests.
  — Receives and updates vehicle status to user.

UB: User backend
  Role: Manages the system participants
  Main functions:
  — User request processing.
  Remarks: The three backend sub-systems cooperate to respond to user requests (e.g. retrieval of vehicles).

VB: Vehicle backend
  Main functions:
  — Remote engagement/disengagement.

OB: Operator backend
  Main functions:
  — Manages parking facility availability.
  — Checks compatibility between SV and parking facility.
  — Dispatches SVs into driverless operation.
  — Performs remote assistance.

P: Automated valet parking facility management
  Main functions:
  — Manages environmental conditions.
  — Responds to incapacitation of the operation functions.
5.2 Security lifecycle
ISO/SAE 21434 describes the lifecycle phases of the overall cybersecurity risk management (see
Figure 3).
This document refers to the overall cybersecurity risk management described in ISO/SAE 21434.
The AVP functionality within the vehicle preferably is engineered with a security engineering process
conforming to ISO/SAE 21434.
Key
1 cybersecurity risk management 2 concept
3 product development 4 production
5 operation 6 maintenance
7 decommissioning/end of cybersecurity support
Figure 3 — Overall cybersecurity risk management (described in ISO/SAE 21434)
6 Security requirements
6.1 Security requirements for AVPS
Threats and risks concerning AVPS are evaluated in Annex C.
Like any kind of level 4 automated driving service, AVPS is susceptible to attacks and malfunctioning,
which can affect the safety of human life and property. Thus, security is an essential prerequisite for
the deployment of AVPS.
Within this context, security management for in-vehicle systems shall conform to ISO/SAE 21434.
Furthermore, security for roadside and service servers shall be strong against attacks, especially for
type 2 operation.
Specific security methods for in-vehicle and in-roadside and server systems are out of scope of this
document. Existing applicable security methods are presented in Annex B.
6.2 Security requirements on AVPS communication
6.2.1 General
The result of the risk analysis shows that the risk values related to AVPS communication between [R]
and [V] or [OB] and [VB/UB] are critical and major.
This means that the communication paths in AVPS need to be carefully secured.
AVPS shall perform end-to-end protection of all information assets from threats in the whole system.
Communication paths with direct communications between vehicles or user terminals such as smart
phones, i.e. between the [OB] sub-system and [VB]/[UB] sub-system (see Figure 2 and Table 2), are
designed by service providers. Specific protocols are chosen by service providers and shall be secured
by applying methods as used for general internet applications.
Communication paths between sub-systems are implemented in service servers and shall be secured
applying methods as used for general purpose applications.
Annex B shows a list of secured communication protocols which are candidates for use.
If implemented as localized communications, secure communications for AVP, i.e. the communication
paths between [R] and [V], and between [OB] and [VB/UB], shall use a public key infrastructure (PKI).
Subclauses 6.2.2 to 6.2.4 specify general security requirements for AVPS communications.
To meet the following requirements, AVPS communication shall at least apply a signature verification
function.
Both infrastructures and vehicles need to verify the validity in every access. The methodology of AVPS
communication, at least for localized communications, shall be based on a PKI.
6.2.2 Confidentiality
Every message exchanged over a management interface shall be encrypted and protected to prevent
information disclosure. It shall not be possible for an unauthorized entity to reveal the messages within
AVPS communication paths.
Every message exchanged over an operation interface should be encrypted and protected to prevent
information disclosure. It should not be possible for an unauthorized entity to reveal the messages
within AVPS communication paths.
6.2.3 Integrity
All parts of messages shall be secured to ensure completeness, accuracy and absence of unauthorized
modifications. It shall be possible to verify and validate the integrity of all parts of messages, and
messages shall be protected against unauthorized modification and deletion.
6.2.4 Availability
All entities in the messages shall be readily accessible as the authorized information at all accesses.
6.2.5 Authentication
Authentication is required before establishing a session.
Annex A
(informative)

Communication sequences
A.1 General
The communication sequences presented in Figures A.2 to A.14 define the sequential flow of messages
composed of the minimum set of data elements defined in Tables A.1 to A.13 and Tables A.23 to A.26.
Different sequences for one transition can be communicated in arbitrary order.
The messages and data elements are defined on a logical level with their respective units. This way,
interoperability of the solutions in the field can be achieved without specifying a byte-level message
format and protocol, enabling different carrier technologies in different markets, while minimizing the
functional impact of low-level technology choices on the overall system.
Figure A.1 shows the legend to be used for understanding the communication sequence charts shown in
Figures A.2 through A.14.
Arrows connecting the sub-systems represent a message. The minimum set of data elements to be
communicated within each message with solid lines are provided in the “Relevant message” column of
corresponding tables. Messages represented by broken lines describe the flow of data. Numbers within
brackets of the “Relevant message” column of each table indicate that the respective data element is
expected to be communicated between the sub-systems. These solid and broken line representations
are identical to those shown in Figure 2.
Figure A.1 — Legend
A.2 Communication sequences which trigger a state transition
A.2.1 Check-in sequence
Key
OB Operator_Backend R Remote_Vehicle_Operation
V Onboard_Vehicle_Operation VB Vehicle_Backend
UB User_Backend U User_Frontend
A User is known and associated with SV B Recognizes SV arrival at reserved parking facility
C AVPS confirms reservation D AVPS confirms reservation
E Recognizes SV arrival at reserved parking facility G Create Session_ID
1 SV reached parking facility (FACILITY_ID) 2 SV reached parking facility (SV_ID, FACILITY_ID, OEM_ID)
3 User confirms arrival 4 SV reached parking facility (SV_ID)
5 SV reached parking facility (SV_ID) 6 SV reached parking facility (SV_ID)
7 SV reached parking facility (SV_ID) 8 Reservation Data (Reservation_ID, OEM_ID, SV_ID…)
9 Reservation Data (Reservation_ID, OEM_ID, SV_ID…) 10 Communicate Session_ID (Session_ID)
11 Communicate Session_ID (Session_ID) 12 Communicate Session_ID (Session_ID)
(Used AVP protocol version, [Type1 Used vehicle
map version])
Figure A.2 — Check-in sequence
Table A.1 — Description of data elements of Figure A.2

Reservation_ID
  Unit: UID
  Value range: large enough to identify single session for the legally required storage time in a market
  Description: Unique reservation identifier created by AVP_Backend after successful reservation of one SV
  Relevant message: 9 (8)

OEM_ID
  Unit: UID
  Value range: 3 Bytes alphanumerical – I, O and Q excluded
  Description: Unique manufacturer identifier based on WMI (ISO 3780)
  Relevant message: 9 (2, 8)

SV_ID
  Unit: fixed length hash
  Value range: ≥128 bits
  Description: Salted hash based on unique vehicle identifier (VIN)
  Relevant message: 4, 6, 7, 9 (2, 5, 6, 8)

Facility_ID
  Unit: UID
  Value range: unique to a market
  Description: Unique facility identifier created by OB sub-system
  Relevant message: 9 (1, 2, 8)

AVP_Session_ID
  Unit: UID
  Value range: large enough to identify single session for the legally required storage time in a market
  Description: Unique identifier for management of one SV from the time of check-in until the time of check-out
  Relevant message: 10, 11 (12)

AVP_Timestamp
  Unit: Unix Time
  Value range: 64 bits
  Description: Synchronized point in time
  Relevant message: all
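
The following is an added example, not part of ISO/TS 23374-2: it checks the minimum data elements of the solid-line check-in messages against Table A.1 and derives SV_ID as a salted hash of the VIN. SHA-256 over the salt followed by the VIN, the 16-byte minimum salt, the string form of the UID elements, the unsigned reading of the 64-bit timestamp and all function names are assumptions, since the document defines these elements only at a logical level.

```python
import hashlib
import hmac
import re

# Table A.1: OEM_ID is 3 alphanumerical characters with I, O and Q excluded.
# Accepting upper case only is an assumption of this example.
OEM_ID_RE = re.compile(r"[A-HJ-NPR-Z0-9]{3}")
# A VIN is 17 characters drawn from the same restricted alphabet.
VIN_RE = re.compile(r"[A-HJ-NPR-Z0-9]{17}")

MIN_SV_ID_BYTES = 16        # Table A.1: SV_ID is a fixed-length hash of >= 128 bits
MAX_TIMESTAMP = 2**64 - 1   # Table A.1: 64 bits; the unsigned reading is assumed
MIN_SALT_BYTES = 16         # assumed minimum, not stated in the table

# Minimum data elements per solid-line message of Figure A.2, read from the
# unbracketed numbers in the "Relevant message" column of Table A.1.
# AVP_Timestamp is listed for all messages and is added in validate_message().
REQUIRED = {
    4: {"SV_ID"},
    6: {"SV_ID"},
    7: {"SV_ID"},
    9: {"Reservation_ID", "OEM_ID", "SV_ID", "Facility_ID"},
    10: {"AVP_Session_ID"},
    11: {"AVP_Session_ID"},
}


def derive_sv_id(vin: str, salt: bytes) -> bytes:
    """Salted hash of the VIN, so the VIN itself never appears in a message.

    SHA-256 over salt || VIN is an assumed construction (256 bits >= 128 bits).
    """
    if not VIN_RE.fullmatch(vin):
        raise ValueError("not a well-formed VIN")
    if len(salt) < MIN_SALT_BYTES:
        raise ValueError("salt shorter than the assumed minimum")
    return hashlib.sha256(salt + vin.encode("ascii")).digest()


def sv_id_matches(reported: bytes, vin: str, salt: bytes) -> bool:
    """Check a reported SV_ID against the reserved vehicle in constant time."""
    return hmac.compare_digest(reported, derive_sv_id(vin, salt))


def _check_value(name, value):
    """Return an error string if one data element violates Table A.1, else None."""
    if name == "OEM_ID":
        ok = isinstance(value, str) and OEM_ID_RE.fullmatch(value) is not None
    elif name == "SV_ID":
        ok = isinstance(value, bytes) and len(value) >= MIN_SV_ID_BYTES
    elif name == "AVP_Timestamp":
        ok = type(value) is int and 0 <= value <= MAX_TIMESTAMP
    else:  # UID elements: any non-empty string (representation assumed)
        ok = isinstance(value, str) and value != ""
    return None if ok else f"{name}: value violates Table A.1"


def validate_message(number: int, elements: dict) -> list:
    """List every Table A.1 violation found in one check-in message."""
    if number not in REQUIRED:
        return [f"message {number}: no minimum data set in Table A.1"]
    required = REQUIRED[number] | {"AVP_Timestamp"}
    present = set(elements)
    errors = [f"{name}: missing" for name in sorted(required - present)]
    for name in sorted(required & present):
        error = _check_value(name, elements[name])
        if error:
            errors.append(error)
    return errors


# Constructed sample values, not taken from the standard.
SAMPLE_VIN = "XXX" + "A" * 9 + "00001"
SALT_A = bytes(range(16))
SALT_B = bytes(range(16, 32))
SAMPLE_MESSAGE_9 = {
    "Reservation_ID": "res-0001",
    "OEM_ID": "XXX",
    "SV_ID": derive_sv_id(SAMPLE_VIN, SALT_A),
    "Facility_ID": "fac-0001",
    "AVP_Timestamp": 1693440000,
}

if __name__ == "__main__":
    print(validate_message(9, SAMPLE_MESSAGE_9))
    print(validate_message(9, {**SAMPLE_MESSAGE_9, "OEM_ID": "OQ1"}))
    print(sv_id_matches(SAMPLE_MESSAGE_9["SV_ID"], SAMPLE_VIN, SALT_B))
```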
A.2.2 Check-out sequence
Key
OB Operator_Backend R Remote_Vehicle_Operation
V Onboard_Vehicle_Operation VB Vehicle_Backend
UB User_Backend U User_Frontend
A Recognizes SV has left parking facility B Recognizes SV has left parking facility or is deactivated
(failed recovery)
C Process checkout D Display check-out result
E Revoke Session_ID F Update reservation
1 SV left parking facility 2 SV left parking facility
3 SV left parking facility 4 SV left parking facility
5 Check-out report (S
...

ISO /DTS 23374-2:####(X:2023(E)
ISO TC 204/WG 18
Date: 2022-11-232023-05
Secretariat: ANSI
Intelligent transport systems — Automated valet parking systems (AVPS) — Part 2: Security integration for type 3 AVP
DTSWD/CD/DIS/FDIS stage

Warning for WDs and CDs
This document is not an ISO International Standard. It is distributed for review and comment. It is subject to change without notice and may not be referred to as an International Standard.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation.

Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 General
5.1 Basic operation model of AVPS
5.1.1 Basic functionalities
5.1.2 Basic operation flow
5.1.3 Example functional allocation of logical architecture in AVPS
5.2 Security lifecycle
6 Security requirements
6.1 Security requirements on AVPS
6.2 Security requirements on AVPS Communication
6.2.1 General
6.2.2 Confidentiality
6.2.3 Integrity
6.2.4 Availability
6.2.5 Authentication
Annex A (informative) Communication sequences
A.1 General
A.2 Communication sequences which trigger a state transition
A.2.1 Check-in sequence
A.2.2 Check-out sequence
A.2.3 Handover sequence
A.2.4 Handback sequence
A.2.5 Sleep sequence
A.2.6 Wake-up sequence
A.2.7 Mission assignment sequence
A.2.8 Mission accomplished sequence
A.2.9 Destination and route
A.2.10 Destination reached
A.3 Data elements related to automated vehicle operation
A.3.1 R sub-system cyclic message
A.3.2 V sub-system cyclic message
A.3.3 Suspend condition codes
A.4 Communication sequences related to system participant management
A.4.1 Communication interface compliance check sequence
A.4.2 Operation stop command
A.5 Communication sequences linked to on-demand user requests
A.5.1 Availability request
A.5.2 Retrieval request
Annex B (informative) Examples of secure communication protocol using PKI
B.1 Transport Layer Security (TLS)
B.1.1 Overview
B.1.2 Reference
B.1.3 Applicability
B.2 ISO/TS 21177
B.2.1 Overview
B.2.2 Reference
B.2.3 Applicability
B.3 QUIC
B.3.1 Overview
B.3.2 Reference
B.3.3 Applicability
B.4 Datagram Transport Layer Security (DTLS)
B.4.1 Overview
B.4.2 Reference
B.4.3 Applicability
B.5 Internet Key Exchange Protocol Version 2 (IKEv2) and IP Encapsulating Security Payload (ESP)
B.5.1 Overview
B.5.2 Reference
B.5.3 Applicability
B.6 IEEE 1609.2
B.6.1 Overview
B.6.2 Reference
B.6.3 Applicability
Annex C (informative) Views on threats and risks
C.1 General
C.2 Definition of analysis target
C.3 Identification of assets; clarify information resources in system
C.4 Threats analysis; damage scenarios
C.5 Risk analysis; assessment of associated (generic risks)
C.5.1 Approach of risk analysis
C.5.2 Risk analysis result
Bibliography


Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO
collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO document should be noted. This document was drafted in accordance
with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use
of (a) patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed
patent rights in respect thereof. As of the date of publication of this document, ISO [had/had not] received
notice of (a) patent(s) which may be required to implement this document. However, implementers are
cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents. ISO shall not be held responsible for identifying any or all
such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the World
Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.
A list of all parts in the ISO 23374 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
Introduction
An automated valet parking system (AVPS) automatically operates unoccupied vehicles from the drop
off area where the driver and passengers leave the vehicle, and returns the vehicle to a pickup area
upon the user’s request to retrieve the vehicle.
AVPS is expected to contribute to:
— enhanced user experience,
— a reduction in accidents,
— the lowering of energy consumption and CO₂ emissions whilst vehicles search for available parking
spaces, and
— the effective use of land through parking of vehicles in dense spaces.
As for any kind of automated traffic, AVPS is susceptible to attacks and malfunctioning, which can affect
the safety of human life and other properties. Thus, security is an essential prerequisite for deployment
of AVPS. Furthermore, it is essential to avoid the proliferation of security means in order to ensure
that the overall C-ITS/CCAM (cooperative, connected and automated mobility) security systems remain
manageable, and to ensure interoperability.
The aim of this document is to contribute to the realization of secure level 4 driverless operation of
vehicles within parking facilities, and to support a fast and smooth market introduction by achieving
interoperability among vehicles provided by different manufacturers and within different parking
facilities.
Clause 6 of this document addresses specifications of basic security requirements for AVPS related to
identified operation interfaces and management interfaces. This is complemented by the information in
Clause 5 and three informative annexes.
TECHNICAL SPECIFICATION ISO/DTS 23374-2:2023(E)
Intelligent transport systems — Automated valet parking systems
(AVPS) — Part 2: Security integration for type 3 AVP
1 Scope
This document specifies security means and procedures for AVPS Type 3 as specified in ISO 23374-1. It
focuses on operation interfaces and management interfaces as defined in ISO 23374-1.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 23374-1:—¹⁾, Intelligent transport systems — Automated valet parking systems (AVPS) — Part 1:
System framework, requirements for automated driving, and communication interface
ISO/SAE 21434, Road vehicles — Cybersecurity engineering
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 23374-1 and the following
apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
— IEC Electropedia: available at https://www.electropedia.org/
3.1
subject vehicle
SV
light vehicle which is equipped with the vehicle operation sub-system of an automated valet parking
system (AVPS)
[SOURCE: ISO 23374-1:—²⁾, 3.4]
3.2
parking facility
public or private car park in which an automated valet parking system (AVPS) is available
Note 1 to entry: An AVPS does not necessarily have to be available in the entire facility in order to achieve
conformance to this document. For example, it is possible for only a certain floor within a multi-story parking
facility to be dedicated to an AVPS.
[SOURCE: ISO 23374-1:—, 3.5, modified — Note 2 to entry removed.]
1) Under preparation. Stage at the time of publication: ISO/FDIS 23374-1:2023.
2) Under preparation. Stage at the time of publication: ISO/FDIS 23374-1:2023.
3.3
operation zone
single or multiple geographical area(s) within a parking facility where automated driving can be
performed by an automated valet parking system (AVPS)
[SOURCE: ISO 23374-1:—, 3.6, modified — Notes 1 and 2 to entry removed.]
3.4
drop-off area
location within the operation zone where the user leaves the subject vehicle (SV) and hands over
authority to the service provider
[SOURCE: ISO 23374-1:—, 3.7, modified — Notes 1 and 2 to entry removed.]
3.5
pick-up area
location within the operation zone where the service provider sends the subject vehicle (SV) to the user
for boarding and hands over authority
[SOURCE: ISO 23374-1:—, 3.8, modified — Notes 1 and 2 to entry removed.]
3.6
destination
location within the operation zone to which the subject vehicle (SV) is transferred
Note 1 to entry: For example, parking slots delineated by line markers, service bays (e.g. location beside an
electric vehicle charging station), or a pick-up area can be a destination.
[SOURCE: ISO 23374-1:—, 3.11, modified — Original Note 1 to entry removed. New Note 1 to entry
added.]
3.7
parking area
area within the operation zone consisting of multiple parking spots
[SOURCE: ISO 23374-1:—, 3.10, modified — Note 1 to entry removed.]
...

FINAL DRAFT
TECHNICAL SPECIFICATION ISO/DTS 23374-2
ISO/TC 204
Secretariat: ANSI
Voting begins on: 2023-05-25
Voting terminates on: 2023-07-20
Intelligent transport systems — Automated valet parking systems (AVPS) —
Part 2: Security integration for type 3 AVP
Systèmes de transport intelligents — Systèmes de parking avec
voiturier automatisé (AVPS) —
Partie 2: Intégration de la sécurité pour les AVP de type 3
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE AND TO PROVIDE SUPPORTING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL,
COMMERCIAL AND USER PURPOSES, DRAFT INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME STANDARDS TO WHICH
REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.
Reference number ISO/DTS 23374-2:2023(E)
© ISO 2023
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 3
5 General . 4
5.1 Basic operation model of AVPS . 4
5.1.1 Basic functionalities . 4
5.1.2 Basic operation flow . 5
5.1.3 Example functional allocation of logical architecture in AVPS . 6
5.2 Security lifecycle. 8
6 Security requirements . 9
6.1 Security requirements for AVPS . 9
6.2 Security requirements on AVPS communication. 9
6.2.1 General . 9
6.2.2 Confidentiality . 10
6.2.3 Integrity . 10
6.2.4 Availability . 10
6.2.5 Authentication . 10
Annex A (informative) Communication sequences .11
Annex B (informative) Examples of secure communication protocol using PKI .37
Annex C (informative) Views on threats and risks.40
Bibliography . 44
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use
of (a) patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed
patent rights in respect thereof. As of the date of publication of this document, ISO [had/had not] received
notice of (a) patent(s) which may be required to implement this document. However, implementers are
cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents. ISO shall not be held responsible for identifying any or all
such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.
A list of all parts in the ISO 23374 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
Introduction
An automated valet parking system (AVPS) automatically operates unoccupied vehicles from the drop
off area where the driver and passengers leave the vehicle, and returns the vehicle to a pickup area
upon the user’s request to retrieve the vehicle.
AVPS is expected to contribute to:
— enhanced user experience,
— a reduction in accidents,
— the lowering of energy consumption and CO₂ emissions whilst vehicles search for available parking
spaces, and
— the effective use of land through parking of vehicles in dense spaces.
As for any kind of automated traffic, AVPS is susceptible to attacks and malfunctioning, which can affect
the safety of human life and other properties. Thus, security is an essential prerequisite for deployment
of AVPS. Furthermore, it is essential to avoid the proliferation of security means in order to ensure
that the overall C-ITS/CCAM (cooperative, connected and automated mobility) security systems remain
manageable, and to ensure interoperability.
The aim of this document is to contribute to the realization of secure level 4 driverless operation of
vehicles within parking facilities, and to support a fast and smooth market introduction by achieving
interoperability among vehicles provided by different manufacturers and within different parking
facilities.
Clause 6 of this document addresses specifications of basic security requirements for AVPS related to
identified operation interfaces and management interfaces. This is complemented by the information in
Clause 5 and three informative annexes.
TECHNICAL SPECIFICATION ISO/DTS 23374-2:2023(E)
Intelligent transport systems — Automated valet parking
systems (AVPS) —
Part 2:
Security integration for type 3 AVP
1 Scope
This document specifies security means and procedures for AVPS Type 3 as specified in ISO 23374-1. It
focuses on operation interfaces and management interfaces as defined in ISO 23374-1.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 23374-1:—¹⁾, Intelligent transport systems — Automated valet parking systems (AVPS) — Part 1:
System framework, requirements for automated driving, and communication interface
ISO/SAE 21434, Road vehicles — Cybersecurity engineering
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 23374-1 and the following
apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp
— IEC Electropedia: available at https://www.electropedia.org/
3.1
subject vehicle
SV
light vehicle which is equipped with the vehicle operation sub-system of an automated valet parking
system (AVPS)
[SOURCE: ISO 23374-1:—²⁾, 3.4]
3.2
parking facility
public or private car park in which an automated valet parking system (AVPS) is available
Note 1 to entry: An AVPS does not necessarily have to be available in the entire facility in order to achieve
conformance to this document. For example, it is possible for only a certain floor within a multi-story parking
facility to be dedicated to an AVPS.
[SOURCE: ISO 23374-1:—, 3.5, modified — Note 2 to entry removed.]
1) Under preparation. Stage at the time of publication: ISO/FDIS 23374-1:2023.
2) Under preparation. Stage at the time of publication: ISO/FDIS 23374-1:2023.
3.3
operation zone
single or multiple geographical area(s) within a parking facility where automated driving can be
performed by an automated valet parking system (AVPS)
[SOURCE: ISO 23374-1:—, 3.6, modified — Notes 1 and 2 to entry removed.]
3.4
drop-off area
location within the operation zone where the user leaves the subject vehicle (SV) and hands over
authority to the service provider
[SOURCE: ISO 23374-1:—, 3.7, modified — Notes 1 and 2 to entry removed.]
3.5
pick-up area
location within the operation zone where the service provider sends the subject vehicle (SV) to the user
for boarding and hands over authority
[SOURCE: ISO 23374-1:—, 3.8, modified — Notes 1 and 2 to entry removed.]
3.6
destination
location within the operation zone to which the subject vehicle (SV) is transferred
Note 1 to entry: For example, parking slots delineated by line markers, service bays (e.g. location beside an
electric vehicle charging station), or a pick-up area can be a destination.
[SOURCE: ISO 23374-1:—, 3.11, modified — Original Note 1 to entry removed. New Note 1 to entry
added.]
3.7
parking area
area within the operation zone consisting of multiple parking spots
[SOURCE: ISO 23374-1:—, 3.10, modified — Note 1 to entry removed.]
3.8
parking facility equipment
PFE
physical equipment installed in the parking facility for supporting an automated valet parking system
(AVPS)
EXAMPLE Communication devices and detection sensors.
[SOURCE: ISO 23374-1:—, 3.15, modified — Preferred term changed from "automated valet parking
facility equipment" to "parking facility equipment".]
3.9
designed speed
physical speed of a subject vehicle (SV) which changes dynamically under the given circumstances
under which an automated valet parking system (AVPS) intends to operate while performing automated
driving
Note 1 to entry: For example, the AVPS will adjust the SV’s operating speed when travelling towards a corner
with limited visibility due to occlusion by a wall. This speed depends on the system design. For this reason, most
of the test procedures in this document do not specify a specific value and only refer to the "designed speed".
3.10
designed distance
physical distance from the subject vehicle (SV) to an object that an automated valet parking system
(AVPS) intends to maintain under the given circumstances while performing automated driving
[SOURCE: ISO 23374-1:—, 3.19, modified — "Situation-specific" removed from the beginning of the
definition; "other facility users, objects or structures" replaced by "an object"; Note 1 to entry removed.]
3.11
sub-system
component of an automated valet parking system (AVPS) at a logical level which includes one or more
functions
[SOURCE: ISO 23374-1:—, 3.21, modified — Note 1 to entry removed.]
3.12
function
smallest composition of an automated valet parking system (AVPS) described in this document which
contributes to the system outputs
3.13
state
mutually exclusive condition that each vehicle managed by an automated valet parking
system (AVPS) is in
3.14
reservation ID
unique identifier for an established agreement between a user and a service provider to hand over the
subject vehicle (SV)’s authority to an automated valet parking system (AVPS) within a specific parking
facility
Note 1 to entry: A single reservation ID could be used over a period of time, or could be destroyed each time it is
used.
3.15
session ID
unique identifier given each time an authority handover occurs, and destroyed when authority
handback occurs
3.16
mission ID
unique identifier given each time a subject vehicle (SV) is given a new destination
4 Abbreviated terms
For the purposes of this document, the abbreviated terms given in ISO 23374-1 and the following apply.
AVP automated valet parking
AVPS automated valet parking system
CCAM cooperative, connected and automated mobility
DoS denial of service
DTLS datagram transport layer security
ESP encapsulating security payload
HoL head-of-line
IKE internet key exchange
OB operator backend
OEDR object and event detection and response
OEM original equipment manufacturer
PFE parking facility equipment
PKI public key infrastructure
RSU roadside unit
SA security association
SV subject vehicle
TCP Transport Control Protocol
TLS transport layer security
UB user backend
UDP User Datagram Protocol
VB vehicle backend
VIN vehicle identification number
VMC vehicle motion control
WAVE wireless access in vehicular environments
WMI world manufacturer identifier
5 General
5.1 Basic operation model of AVPS
5.1.1 Basic functionalities
The basic functionalities of AVPS can be described as the operation functions of an automated vehicle
and the management functions of system participants. Table 1 describes these basic functionalities of
AVPS.
— Performance requirements associated with the operation functions are specified in ISO 23374-1:—,
Clause 6.
— General requirements associated with the management functions are specified in ISO 23374-1:—,
Clause 7.
Table 1 — Basic functionalities of AVPS and their description

| Basic functionalities | Description |
|---|---|
| Operation functions of an automated vehicle | — Determine a destination and route |
| | — Perform level 4 automated driving |
| | — Respond to commands of the system management functionalities |
| Management functions of system participants | — Manage environmental conditions |
| | — Check the compatibility between vehicles and facilities |
| | — Identify the correct SV as the communication participant |
| | — Remotely engage and disengage an SV |
| | — Perform remote assistance when necessary |
| | — Issue command to stop the operation when necessary |
| | — React upon incapacitation of the automated vehicle operation |
| | — Process user requests |

5.1.2 Basic operation flow
Figure 1 describes the basic flow of AVPS based on the user action and the system reaction.
Figure 1 describes the flow in which the user initially hands over authority to the service provider as
a representative use case. AVPS can also be utilized for services in which the service provider initially
hands over authority to the user (e.g. rental car services). Re-parking is an optional process and not
always required to complete the flow.
Key
1 user action 2 system reaction
3 requests availability 4 checks vacancy and compatibility
5 identifies SV and initiates check-in procedure 6 hands over authority
7 automated vehicle operation (entering) 8 automated vehicle operation (re-parking)
9 requests retrieval 10 automated vehicle operation (exiting)
11 initiates check-out procedure 12 receives authority
Figure 1 — Basic flow of AVPS
5.1.3 Example functional allocation of logical architecture in AVPS
Figure 2 shows an example image of functional allocation of logical architecture in AVPS.
Key
1 operation interface 2 management interfaces
3 remote vehicle operation 4 on-board vehicle operation
5 user frontend 6 user backend
7 vehicle backend 8 operator backend
9 automated valet parking facility management 10 service server
11 RSU 12 in vehicle
13 internet
NOTE See Table 2 for definitions of abbreviated terms used in this figure.
Figure 2 — Example functional allocation of logical architecture in AVPS
Table 2 shows the functional allocations described in ISO 23374-1:—, 5.3.
Table 2 — Functional allocation

| ID ᵃ | Sub-system | Role | Main functions | Remarks |
|---|---|---|---|---|
| R | Remote vehicle operation | Performs automated vehicle operation | — SV identification. — Destination assignment. — Route planning. — OEDR. — Localization of SV. — Path determination. — Trajectory calculation. — Vehicle motion control. — Emergency stopping. | The functional allocation between the two vehicle operation sub-systems differs depending on the vehicle operation type. |
| V | On-board vehicle operation | | | |
| U | User frontend | Interface to the user | — Sends user requests. — Receives and updates vehicle status to user. | |
| UB | User backend | Manages the system participants | — User request processing. | The three backend sub-systems cooperate to respond to user requests (e.g. retrieval of vehicles). |
| VB | Vehicle backend | | — Remote engagement/disengagement. | |
| OB | Operator backend | | — Manages parking facility availability. — Checks compatibility between SV and parking facility. — Dispatches SVs into driverless operation. — Performs remote assistance. | |
| P | Automated valet parking facility management | | — Manages environmental conditions. — Responds to incapacitation of the operation functions. | |

a See Figure 2.
5.2 Security lifecycle
ISO/SAE 21434 describes the lifecycle phases of the overall cybersecurity risk management (see
Figure 3).
This document refers to the overall cybersecurity risk management described in ISO/SAE 21434.
The AVP functionality within the vehicle is preferably engineered with a security engineering process
conforming to ISO/SAE 21434.
Key
1 cybersecurity risk management 2 concept
3 product development 4 production
5 operation 6 maintenance
7 decommissioning/end of cybersecurity support
Figure 3 — Overall cybersecurity risk management (described in ISO/SAE 21434)
6 Security requirements
6.1 Security requirements for AVPS
Threats and risks concerning AVPS are evaluated in Annex C.
Like any kind of level 4 automated driving service, AVPS is susceptible to attacks and malfunctioning,
which can affect the safety of human life and property. Thus, security is an essential prerequisite for
the deployment of AVPS.
Within this context, security management for in-vehicle systems shall conform to ISO/SAE 21434.
Furthermore, security for roadside and service servers shall be strong against attacks, especially for
type 2 operation.
Specific security methods for in-vehicle and in-roadside and server systems are out of scope of this
document. Existing applicable security methods are presented in Annex B.
6.2 Security requirements on AVPS communication
6.2.1 General
The result of the risk analysis shows that the risk values related to AVPS communication between [R]
and [V] or [OB] and [VB/UB] are critical and major.
This means that the communication paths in AVPS need to be carefully secured.
AVPS shall perform end-to-end protection of all information assets from threats in the whole system.
Communication paths with direct communications between vehicles or user terminals such as smart
phones, i.e. between the [OB] sub-system and [VB]/[UB] sub-system (see Figure 2 and Table 2), are
designed by service providers. Specific protocols are chosen by service providers and shall be secured
by applying methods as used for general internet applications.
Communication paths between sub-systems are implemented in service servers and shall be secured
applying methods as used for general purpose applications.
Annex B shows a list of secured communication protocols which are candidates for use.
If implemented as localized communications, secure communications for AVP, i.e. the communication
paths between [R] and [V], and between [OB] and [VB/UB], shall use a public key infrastructure (PKI).
Subclauses 6.2.2 to 6.2.4 specify general security requirements for AVPS communications.
To meet the following requirements, AVPS communication shall at least apply a signature verification
function.
Both infrastructures and vehicles need to verify the validity in every access. The methodology of AVPS
communication, at least for localized communications, shall be based on a PKI.
6.2.2 Confidentiality
Every message exchanged over a management interface shall be encrypted and protected to prevent
information disclosure. It shall not be possible for an unauthorized entity to reveal the messages within
AVPS communication paths.
Every message exchanged over an operation interface should be encrypted and protected to prevent
information disclosure. It should not be possible for an unauthorized entity to reveal the messages
within AVPS communication paths.
6.2.3 Integrity
All parts of messages shall be secured to ensure completeness, accuracy and absence of unauthorized
modifications. It shall be possible to verify and validate the integrity of all parts of messages, and
messages shall be protected against unauthorized modification and deletion.
6.2.4 Availability
All entities in the messages shall be readily accessible as the authorized information at all accesses.
6.2.5 Authentication
Authentication is required before establishing a session.
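Added example, not part of this document or of any AVPS implementation: one way to apply the PKI-based signature verification of 6.2.1 and the authentication step of 6.2.5 to a check-in message before a Session_ID is created. This document specifies no byte-level message format, so the message encoding, the choice of X.509 certificates with Ed25519 keys, and the names enroll, checkIn and demo are assumptions; all keys, certificates and identifiers are constructed at run time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// enroll makes a key pair and its certificate (assumed X.509/Ed25519); nil parent = self-signed root.
func enroll(cn string, parent *x509.Certificate, signer ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true}
	if parent == nil {
		t.IsCA, t.KeyUsage, parent, signer = true, x509.KeyUsageCertSign, t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	cert, perr := x509.ParseCertificate(der)
	if err != nil || perr != nil {
		panic(fmt.Sprint(err, perr))
	}
	return cert, key
}

// checkIn validates the sender's chain to a trusted root, then the signature over the received bytes.
func checkIn(roots *x509.CertPool, c *x509.Certificate, msg, sig []byte) error {
	if _, err := c.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("sender certificate rejected: %w", err)
	}
	if pub, ok := c.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, msg, sig) {
		return fmt.Errorf("message signature invalid")
	}
	return nil // only after both checks would a Session_ID be created
}

func demo() (genuine, tampered, selfSigned error) {
	root, rootKey := enroll("constructed AVPS root CA", nil, nil)
	roots := x509.NewCertPool()
	roots.AddCert(root)
	sv, svKey := enroll("SV-0001", root, rootKey)
	fake, fakeKey := enroll("SV-0001", nil, nil) // same name, but not issued by the trusted root
	msg := []byte("SV_ID=SV-0001;FACILITY_ID=F-42;OEM_ID=OEM-7") // constructed check-in message
	sig := ed25519.Sign(svKey, msg)
	return checkIn(roots, sv, msg, sig), checkIn(roots, sv, append(msg, '0'), sig), checkIn(roots, fake, msg, ed25519.Sign(fakeKey, msg))
}
func main() { fmt.Println(demo()) }
```

The chain check runs before the signature check, so a correctly signed message under a certificate that does not chain to the trusted root is still refused.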
Annex A
(informative)

Communication sequences
A.1 General
The communication sequences presented in Figures A.2 to A.14 define the sequential flow of messages
composed of the minimum set of data elements defined in Tables A.1 to A.13 and Tables A.23 to A.26.
Different sequences for one transition can be communicated in arbitrary order.
The messages and data elements are defined on a logical level with their respective units. This way,
interoperability of the solutions in the field can be achieved without specifying a byte-level message
format and protocol, enabling different carrier technologies in different markets, while minimizing the
functional impact of low-level technology choices on the overall system.
Figure A.1 shows the legend to be used for understanding the communication sequence charts shown in
Figures A.2 through A.14.
Arrows connecting the sub-systems represent a message. The minimum set of data elements to be
communicated within each message with solid lines are provided in the “Relevant message” column of
corresponding tables. Messages represented by broken lines describe the flow of data. Numbers within
brackets of the “Relevant message” column of each table indicate that the respective data element is
expected to be communicated between the sub-systems. These solid and broken line representations
are identical to those shown in Figure 2.
Figure A.1 — Legend
A.2 Communication sequences which trigger a state transition
A.2.1 Check-in sequence
Key
OB Operator_Backend R Remote_Vehicle_Operation
V Onboard_Vehicle_Operation VB Vehicle_Backend
UB User_Backend U User_Frontend
A User is known and associated with SV B Recognizes SV arrival at reserved parking facility
C AVPS confirms reservation D AVPS confirms reservation
E Recognizes SV arrival at reserved parking facility G Create Session_ID
1 SV reached parking facility (FACILITY_ID) 2 SV reached parking facility (SV_ID, FACILITY_ID, OEM_ID)
3 User confirms arrival 4 SV reached parking facility (SV_ID)
5 SV reached parking facility (SV_ID) 6 SV reached parking facility (SV_ID)
7 SV reached parking facility (SV_ID) 8 Reservation Data (Reservation_ID, OEM_ID, SV_ID…)
9 Reservation Data (Reservation_ID, OEM_ID, SV_ID…) 10 Communicate Session_ID (Session_ID)
11 Communicate Session_ID (Session_ID) 12 Communicate Session_ID (Session_ID)
(Used AVP protocol version, [Type1 Used vehicle map version])
Figure A.2 — Check-in sequence
...
