technical note - tn 063: 2016 - transport for nsw · technical note - tn 063: 2016 . technical note...
Post on 26-May-2020
21 Views
Preview:
TRANSCRIPT
Technical Note - TN 063: 2016
Technical Note - TN 063: 2016
Subject: Withdrawal of T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Issued date: 25 August 2016
Effective date: 25 August 2016
For queries regarding this document standards@transport.nsw.gov.au
www.asa.transport.nsw.gov.au
This technical note is issued by the Asset Standards Authority as a notification to remove from
use T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands,
version 1.0.
T HR TE 41002 ST should be used for reference purposes only.
T HR TE 41002 ST contained requirements for both radiocommunication in LIPD class licensed
bands and wireless local area networks (WLAN). The requirements for radiocommunication in
LIPD class licensed bands and WLAN are now split between two documents.
T MU TE 41004 ST Packet Switched Networks – Wireless Local Area Networks, version 1.0
contains requirements for WLAN.
T MU TE 41003 ST Radiocommunication in LIPD Class Licensed Bands, version 1.0 contains
requirements for radiocommunication in LIPD class licensed bands.
Technical content prepared by
Checked and approved by
Interdisciplinary coordination checked by
Authorised for release
Signature
Date
Name James Piper Trevor Payne Andrea Parker Graham Bradshaw
Position Principal Engineer Rail Systems
Lead Telecommunications Engineer
Chief Engineer Director Network Standards and Services
© State of NSW through Transport for NSW Page 1 of 1
v1.0
ST
4100
4 TE
M
U
T &
v1
.0
ST
4100
3 TE
M
U
T by
S
uper
sede
d
Wireless Data Communication in LIPD Class Licensed Bands
T HR TE 41002 ST
Standard
Version 1.0
Issued Date: 03 October 2014
Important Warning This document is one of a set of standards developed solely and specifically for use on the rail network owned or managed by the NSW Government and its agencies. It is not suitable for any other purpose. You must not use or adapt it or rely upon it in any way unless you are authorised in writing to do so by a relevant NSW Government agency. If this document forms part of a contract with, or is a condition of approval by, a NSW Government agency, use of the document is subject to the terms of the contract or approval. This document may not be current. Current standards are available for download from the Asset Standards Authority website at www.asa.transport.nsw.gov.au. © State of NSW through Transport for NSW
v1.0
ST
4100
4 TE
M
U
T &
v1
.0
ST
4100
3 TE
M
U
T by
S
uper
sede
d T HR TE 41002 ST
Wireless Data Communication in LIPD Class Licensed Bands Version 1.0
Issued Date: 03 October 2014
© State of NSW through Transport for NSW
Standard governance
Owner: Lead Telecommunications Engineer, Asset Standards Authority
Authoriser: Chief Engineer Rail, Asset Standards Authority
Approver: Director, Asset Standards Authority on behalf of ASA Configuration Control Board
Document history
Version Summary of change
1.0 First issue
For queries regarding this document, please email the ASA at
standards@asa.transport.nsw.gov.au
or visit www.asa.transport.nsw.gov.au
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 3 of 24
Preface
The Asset Standards Authority (ASA) is an independent unit within Transport for NSW (TfNSW)
and is the network design and standards authority for defined NSW transport assets.
The ASA is responsible for developing engineering governance frameworks to support industry
delivery in the assurance of design, safety, integrity, construction, and commissioning of
transport assets for the whole asset life cycle. In order to achieve this, the ASA effectively
discharges obligations as the authority for various technical, process, and planning matters
across the asset life cycle.
The ASA collaborates with industry using stakeholder engagement activities to assist in
achieving its mission. These activities help align the ASA to broader government expectations of
making it clearer, simpler, and more attractive to do business within the NSW transport industry,
allowing the supply chain to deliver safe, efficient, and competent transport services.
The ASA develops, maintains, controls, and publishes a suite of standards and other
documentation for transport assets of TfNSW. Further, the ASA ensures that these standards
are performance based to create opportunities for innovation and improve access to a broader
competitive supply chain.
This document has been developed by the Chief Engineer Rail section of the ASA, reviewed by
a committee of TfNSW cluster representatives and approved by the ASA Configuration Control
Board.
This document standardises wireless data communication within certain low interference
potential devices (LIPD) class licensed bands, used for the purpose of data exchange between
connected internet protocol (IP) enabled computer systems.
This standard is a first issue.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 4 of 24
Table of contents
1. Introduction............................................................................................................................................5
2. Purpose...................................................................................................................................................5 2.1. Scope ..................................................................................................................................................................... 5 2.2. Application............................................................................................................................................................. 6
3. Reference documents ...........................................................................................................................7
4. Terms and definitions ...........................................................................................................................9
5. Restrictions on use of WLAN systems..............................................................................................10 5.1. System safety ...................................................................................................................................................... 11 5.2. Engineering controls .......................................................................................................................................... 11
6. Interface between WLAN and LAN systems .....................................................................................11
7. Interfaces between DTE and WLAN systems ...................................................................................13 7.1. Media access control and physical layer .......................................................................................................... 13 7.2. Radiocommunications........................................................................................................................................ 14
8. Interfaces between WLAN systems ...................................................................................................14
9. Interfaces to physical environment ...................................................................................................15
10. Interfaces to network management systems....................................................................................16
11. Non-functional requirements for WLAN............................................................................................16 11.1. Availability ........................................................................................................................................................... 17 11.2. Interoperability .................................................................................................................................................... 17 11.3. Maintainability ..................................................................................................................................................... 17 11.4. Manageability ...................................................................................................................................................... 18 11.5. Performance ........................................................................................................................................................ 19 11.6. Reliability ............................................................................................................................................................. 20 11.7. Work, health, and safety ..................................................................................................................................... 20 11.8. Security ................................................................................................................................................................ 20 11.9. Supportability ...................................................................................................................................................... 23 11.10. Sustainability....................................................................................................................................................... 24
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 5 of 24
1. Introduction
Railway communication systems are increasingly based on internet protocol (IP) enabled
computer systems. Wireless data communication systems shall align with national and
international standards to create open industry involvement, increased competition, and optimal
asset stewardship outcomes.
2. Purpose
This document standardises wireless data communication within certain low interference
potential devices (LIPD) class licensed bands, used for the purpose of data exchange between
connected IP-enabled computer systems.
2.1. Scope
The scope of this standard includes all wireless data communication systems that operate in
class licensed bands as defined by items 44, 44A, 45A, 45B, 46, 53, 54, and 55 of the
Radiocommunications (Low Interference Potential Devices) Class Licence 2000 made under the
Radiocommunications Act, 1992.
For the purpose of this standard, the wireless data communication system is referred as the
wireless local area network (WLAN).
This document specifies the functional requirements for the following system interfaces:
wireless local area network to (wired) local area network (WLAN to LAN systems)
wireless data terminal equipment to wireless local area network (DTE to WLAN systems)
wireless local area network to wireless local area network (WLAN to WLAN systems)
WLAN systems to physical environment
WLAN systems to network management systems
The functional requirements specified in this document principally relate to the physical, data
link and network layers of the open systems interconnection model defined in ISO/IEC 7498-1
and the link and internet layers of the internet protocol suite (commonly referred to as the
TCP/IP model).
Figure 1 depicts the systems and interfaces that are in scope.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 6 of 24
Figure 1 In-scope systems and interfaces (informational)
Figure 1 is informational and is not intended to convey any architectural information.
Solid lines represent systems and system interfaces, dashed lines within the solid
lines represent sub-systems and sub-system interfaces.
This document specifies minimum non-functional requirements for wireless local area network
systems.
More stringent non-functional requirements may be specified as part of a system requirements
specification for a wireless data communication system.
This document does not contain detailed and comprehensive requirements for functional areas
of the ASA other than network standards, such as asset planning, technical management or
maintenance plans, configuration control, asset stewardship inclusive of network strategy and
architecture.
2.2. Application
This document applies to all uses of wireless data communication systems.
This document applies to all installations of wireless data communication systems. For example,
outdoor installations on poles or towers, within fixed premises, or on rolling stock.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 7 of 24
3. Reference documents
International standards
EN 50159 Railway Applications - Communication, Signalling and Processing Systems - Safety-
related Communication in Transmission Systems
EN 60825-1 Safety of laser products - Equipment classification and requirements
EN 60825-2 Safety of laser products - Safety of optical fibre communication systems (OFCS)
EN 60950-1 Information technology equipment - Safety - General requirements
EN 61508-4 Functional Safety of electrical/electronic/programmable electronic safety-related
systems - Part 4: Definitions and abbreviations
ISO/IEC 18028 Information technology - Security techniques - IT network security
IEC 11801 Information technology - Generic cabling for customer premises
IEC 62380 Reliability data handbook - Universal model for reliability prediction of electronics
components, PCBs and equipment
IEEE 802.11-2007 Telecommunications and Information Exchange Between Systems – Local
and Metropolitan Area Networks – Specific Requirements – Part 11: Wireless LAN Medium
Access Control (MAC) and Physical Layer (PHY) Specifications
IEEE 802.11-2007 Telecommunications and Information Exchange Between Systems – Local
and Metropolitan Area Networks – Specific Requirements – Part 11: Wireless LAN Medium
Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 4: Enhancements
for Very High Throughput for Operation in Bands below 6 GHz
IEEE 802.11i-2004 Telecommunications and Information Exchange Between Systems – Local
and Metropolitan Area Networks – Specific Requirements – Part 11: Wireless LAN Medium
Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 6: Medium Access
Control (MAC) Security Enhancements
IEEE 802.11n-2009 Telecommunications and Information Exchange Between Systems – Local
and Metropolitan Area Networks – Specific Requirements – Part 11: Wireless LAN Medium
Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 5: Enhancements
for Higher Throughput
IEEE 802.11s-2011 Telecommunications and Information Exchange Between Systems – Local
and Metropolitan Area Networks – Specific Requirements – Part 11: Wireless LAN Medium
Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 10: Mesh
Networking
IEEE 802.11u-2011 Telecommunications and Information Exchange Between Systems – Local
and Metropolitan Area Networks – Specific Requirements – Part 11: Wireless LAN Medium
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 8 of 24
Access Control (MAC) and Physical Layer (PHY) Specifications: Amendment 9: Interworking
with External Networks
IEEE 802.1X Port-Based Network Access Control
IETF RFC 2544 Benchmarking Methodology for Network Interconnect Devices
IETF RFC 5424 The Syslog Protocol
IETF RFC 6241 Network Configuration Protocol (NETCONF)
ISO/IEC 27001 Information technology - Security techniques - Information security management
systems - Requirements
ISO/IEC 7498-1 Information technology – Open Systems Interconnection – Basic Reference
Model: The Basic Model
MIL-HDBK-217F Notice 2 Reliability Prediction of Electronic Equipment
Telcordia SR-332 Reliability Prediction Procedure for Electronic Equipment
Australian standards
AusCERT AA-2004.02 -- Denial of Service Vulnerability in IEEE 802.11 Wireless Devices
Transport for NSW standards
T HR TE 41001 ST Packet Switched Networks – Wired – Local, Metropolitan, and Wide Area
Networks
T HR TE 81001 ST Telecommunication Equipment – Physical Interfaces and Environmental
Conditions
T HR TE 81002 ST Telecommunication Equipment – Network Management
T MU TE 81003 ST Test Processes and Documentation for Programmable Electronic Systems
and Software
TS 20001 System Safety Standard for New or Altered Assets
Legislation
Radiocommunications Act, 1992
Radiocommunications (Low Interference Potential Devices) Class Licence 2000
Radiocommunications (Short Range Devices) Standard 2004
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 9 of 24
4. Terms and definitions
The following terms and definitions apply in this document:
ANT antenna sub-system
AP access point sub-system
CERT computer emergency response team
CTR (CTR) counter mode
CBC-MAC cipher-block chaining with message authentication code
CCMP CTR with CBC-MAC protocol
CFR constant failure rate
constant failure rate (as defined in IEC 60050-191) that period, if any, in the life of a non-
repaired item during which the failure rate is approximately constant
data terminal equipment a computer system with one or more internet protocol addresses
assigned to its network interfaces for the purpose of resource sharing amongst systems
connected to the communication network. For example, laptop, tablet, smartphone.
DTE data terminal equipment
EN European Norms
EOS end of sale
end of sale the date when the original equipment manufacturer withdraws a product from sale,
both directly and through its authorised points of sale; for example, distributors and resellers
FOFS first offered for sale
first offered for sale the date when the original equipment manufacturer first offers a product
for sale in the Australian market
IEC International Electrotechnical Commission
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
ICMP internet control message protocol
LAN local and metropolitan area network
local area network computer network consisting of switches which forward ethernet frames
LIPD low interference potential device
LLDP link layer discovery protocol
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 10 of 24
MTTF mean time to failure
NETCONF network configuration protocol
OEM original equipment manufacturer
operational [availability] (as defined in IEC 60050-191) qualifies a value determined under
given operational conditions
RADIUS remote authentication dial in user service
safety related (as defined in EN 61508-4) designated system that both
– implements the required safety functions necessary to achieve or maintain a safe state for the
equipment under control; and
– is intended to achieve, on its own or with other electrical, electronic, or programmable
electronic safety-related systems and other risk reduction measures, the necessary safety
integrity for the required safety functions
steady state [availability] (as defined in IEC 60050-191) qualifies a value determined for
conditions of an item when characteristic parameters of the item remain constant
SNMP simple network management protocol
TFTP trivial file transfer protocol
WLAN wireless local area network
5. Restrictions on use of WLAN systems Many known denial of service and penetration attacks on WLANs are detectable, but not
preventable, even with the use of sophisticated wireless intrusion detection systems. The
following note contains considerations on the use of WLAN and wireless data communications
within LIPD class licensed bands:
The Radiocommunications (Low Interference Potential Devices) Class Licence 2000
contains a note cautioning against operating under a class licence, used by WLAN in
Australia, for applications with commercial and safety-of-life implications.
AusCERT advisory AA-2004.02 recommends that WLAN be "precluded from use in
safety, critical infrastructure and/or other environments where availability is a primary
requirement". The advisory applies to IEEE 802.11 using the direct sequence spread
spectrum (DSSS) physical layer, including IEEE 802.11b-1999 and
IEEE 802.11g-2003. However all WLAN protocols are inherently vulnerable due to the
clear channel assessment (CCA) procedure defined in all IEEE 802.11 protocols.
On the basis of vulnerability notes VU#106678 and VU#391513 CERT recommends
that due to "inherent vulnerabilities in 802.11 … do not deploy 802.11 networks for
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 11 of 24
applications that require high availability (e.g. safety, critical infrastructure)"
(VU#106678).
While it is recommended that WLAN and LIPD class licensed bands are not to be used for
safety and critical infrastructure applications, it is acknowledged that it may be possible to use
WLAN for these applications if the system safety is managed and appropriate engineering
controls are implemented.
5.1. System safety
System safety of WLAN data communication systems shall be managed in accordance to the
TS 20001 System Safety Standard for New or Altered Assets.
5.2. Engineering controls
WLAN systems may be used for safety-related systems if an alternate means of data
communication is provided that meets the reliability, availability, maintainability, and safety
requirements in the event that the WLAN system fails.
WLAN systems may be used for non safety-related systems under one of the following
conditions:
the radio frequency interference and channel utilisation is static and quantifiable across the
whole of life of the system, such that the reliability, availability, and maintainability
requirements are met
an alternate means of data communication is provided that meets the reliability, availability,
maintainability, and safety requirements in the event that the WLAN system fails
there are no reliability, availability, and maintainability requirements
6. Interface between WLAN and LAN systems
Figure 2 shows interface between the wireless local area network (WLAN) and local area
network (LAN) systems in the overall system.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 12 of 24
Figure 2 WLAN to LAN system interfaces (informational)
WLAN systems shall comply with the following sections of T HR TE 41001 ST Packet Switched
Networks Wired - Local, Metropolitan, and Wide Area Networks as a DCE:
Bridging and management (section 5.1), except LLDP
100 Mb/s ethernet interfaces (section 5.4)
1 Gb/s ethernet interfaces (section 5.5)
Modular transceiver packages (section 5.10), except XFP and QSFP+
Port-based network access control (section 5.11)
Quality of service (section 5.15)
WLAN systems shall comply with the power over ethernet requirements in section 5.9 of
T HR TE 41001 ST as a DTE.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 13 of 24
7. Interfaces between DTE and WLAN systems
Figure 3 shows interface between the wireless data terminal equipment (DTE) and wireless
local area network (WLAN) systems in the overall system.
Figure 3 DTE to WLAN system interfaces (informational)
7.1. Media access control and physical layer
Systems shall comply with the medium access control and physical layer specifications defined
in IEEE 802.11-2007, with the exception of physical layer specifications that use infrared or
frequency-hopping spread spectrum.
Note that IEEE 802.11-2007 incorporates IEEE 802.11a-1999, IEEE 802.11b-1999,
IEEE 802.11d-2001, IEEE 802.11g-2003, IEEE 802.11h-2003, IEEE 802.11i-2004,
IEEE 802.11j-2004, and IEEE 802.11e-2005.
Systems shall be configured to use the physical layer specifications defined in
IEEE 802.11n-2009 or IEEE 802.11ac-2013. For backwards compatibility, systems may be
additionally configured to use the extended rate physical specifications (commonly known as
IEEE 802.11g-2003) defined in IEEE 802.11-2007.
Where data confidentiality, authentication, and integrity are required, systems shall be
configured to use CTR with CBC-MAC Protocol (CCMP) as defined in IEEE 802.11i-2004.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 14 of 24
Where public access to the system is provided (for example, to customer laptops, tablets, or
smartphones), and data confidentiality, authentication, and integrity are required, systems shall
be additionally configured to use IEEE 802.11u-2011 and Wi-Fi® Certified Passpoint™.
7.2. Radiocommunications
Systems shall operate in class licensed bands as defined by items 44, 44A, 45A, 45B, 46, 53,
54, and 55 of the Radiocommunications (Low Interference Potential Devices) Class Licence
2000, as amended.
Systems shall comply with the Radiocommunications (Short Range Devices) Standard 2004, as
amended.
8. Interfaces between WLAN systems
Figure 4 shows interface between one WLAN system and another WLAN system within the
overall system.
Figure 4 WLAN to WLAN system interfaces (informational)
Systems shall comply with the requirements stated in Section 7 of this standard.
Systems shall be configured to use mesh networking as defined in IEEE 802.11s-2011.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 15 of 24
9. Interfaces to physical environment
Figure 5 depicts the WLAN interfaces with the physical environment. The physical environment
includes power supply, earth connections, equipment cords, environmental conditions and
electromagnetic emissions and immunity.
Figure 5 Interfaces to the physical environment (informational)
WLAN systems shall comply with the following sections of T HR TE 81001 ST
Telecommunication Equipment – Physical Interfaces and Environmental Conditions:
Power supply interfaces
Earth connections
Equipment cords
Environmental conditions
Electromagnetic emissions and immunity
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 16 of 24
10. Interfaces to network management systems
Figure 6 shows the WLAN interface with the network management systems. The network
management systems comprise fault and performance management, configuration
management, and security management.
Figure 6 Interfaces to network management systems (informational)
WLAN systems shall comply with T HR TE 81002 ST Telecommunication Equipment – Network
Management.
11. Non-functional requirements for WLAN
The non-functional requirements specify the following performance requirements for WLANs:
availability
interoperability
maintainability
manageability
performance
reliability
work, health, and safety
security
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 17 of 24
11.1. Availability
Unless otherwise qualified in this section, availability refers to the 'operational' and 'steady state'
availability inclusive of all factors that contribute to system down time within the operational
conditions, such as the physical environment and network management systems defined in
Section 9 and Section 10 of this standard.
The minimum availability requirement for the WLAN system (excluding the DTE to WLAN and
WLAN to WLAN radiocommunications interfaces) is 99.99%.
Where the radio frequency interference and channel utilisation is static and quantifiable across
the whole of life, the minimum availability of the DTE to WLAN and WLAN to WLAN
radiocommunications interfaces is 95%.
Where the radio frequency interference and channel utilisation is neither static nor quantifiable
across the whole of life, such as in public access applications, it is not possible to specify the
minimum availability of the DTE to WLAN and WLAN to WLAN radiocommunications interfaces.
Availability shall be demonstrated by the reliability block diagram (RBD) method as part of the
reliability, availability, and maintainability (RAM) programme.
11.2. Interoperability
Where no specific requirement exists, open standards shall be complied with instead of
proprietary alternatives.
Interoperability with nominated type approved or existing operators' systems shall be verified by
testing the systems, which complies with T MU TE 81003 ST Test Processes and
Documentation for Programmable Electronic Systems and Software as part of the verification
plan. This is in addition to other verification methods such as certification that may form part of
the verification plan.
Where modular transceiver packages are used, WLAN shall interoperate with any compliant
modular transceiver package from any third party. If a third-party modular transceiver package
is used the WLAN shall not disable or degrade its performance and the WLAN supplier shall not
alter the support or warranty conditions for the WLAN.
11.3. Maintainability
Preventative maintenance programs shall be identified for all components with an increasing
failure rate failure model such as fans, filters, transceivers, and connectors.
Maintenance programs shall be identified to detect imminent or conditional failures such as
thresholds for CPU and memory, interface utilisation and errors, temperature, power supply
current and voltage, and radio frequency coverage.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 18 of 24
Maintenance programs shall be identified for all assets to ensure that the hardware, firmware,
software, physical and logical configuration is as designed throughout the life of the asset.
Where installed in a redundant configuration, cards and modules shall be able to be inserted or
removed without affecting system operation, that is, hot swappable. Hot swapping shall be
performed in hardware without issuing any system commands.
All message logs with a severity level between 0 and 4 inclusive as defined in
IETF RFC 5424 shall be logged to syslog.
All message logs with a severity level between 0 and 2 inclusive as defined in IETF RFC 5424
shall be regarded as failures requiring immediate corrective action.
All message logs with a severity level of 3 or 4 as defined in IETF RFC 5424 shall be regarded
as conditional failures requiring priority preventative action.
Table 1 contains the different severity levels of message logs.
Table 1 - Severity levels of message logs
Severity level Description
0 Emergency
1 Alert
2 Critical
3 Error
4 Warning
11.4. Manageability
Configuration datastore, running configuration datastores and startup configuration datastores
are defined in IETF RFC 6241. However, implementing the requirements in IETF RFC 6241 is
not required.
WLAN shall support the following logical configuration management capabilities:
support separate running and startup configuration datastores
retrieve all of a configuration datastore
load all of a configuration to a target configuration datastore
create or replace a configuration datastore with the contents of another configuration
datastore
delete a configuration datastore
retrieve running configuration
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 19 of 24
When queried using SNMPv3, the WLAN AP shall return values that correspond with configured
values for the following logical configuration attributes:
hostname (sysName)
location (sysLocation)
contact (sysContact)
When queried using SNMPv3, the WLAN AP shall return values that correspond with published
product documentation for the following physical configuration attributes:
hardware revision
firmware revision
software revision
serial number of chassis and field replaceable units
manufacturer name of chassis and field replaceable units
model name of chassis and field replaceable units
11.5. Performance
Throughput, latency, and frame loss rate are defined in IETF RFC 1242.
Performance requirements with confidence levels and confidence intervals (margin of error) of
the system shall be specified including but not limited to throughput, latency, frame loss rate,
received signal strength (RSS) within defined coverage area.
The confidence level shall be 95% or greater.
The confidence interval (margin of error) shall be 10% or less.
The performance shall be analysed using a radio frequency simulation tool.
The performance shall be verified by testing the system which complies with T MU TE 81003 ST
Test Processes and Documentation for Programmable Electronic Systems and Software. The
population for sampling purposes shall consist of discrete points at every linear or square metre
within the defined coverage area. A minimum of 100 random samples from the population shall
be used to verify the design.
Where a confidence level greater than 95% or confidence interval less than 10% are used the
increased sample size shall be statistically calculated assuming simple random sampling.
Where the radio frequency interference and channel utilisation is neither static nor quantifiable
across the whole of life, such as in public access applications, the test results are only valid at
the time the test was performed.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 20 of 24
All traffic flows shall be assigned a relative priority and information rates as part of a traffic policy
and serviced by WLAN accordingly, such that the network quality of service guarantees is
achieved.
11.6. Reliability
Failure models inclusive of the failure distribution and required parameters for all field
replaceable units (FRU) that comprise WLAN shall be specified. For example, a common failure
model is the constant failure rate (CFR) with exponential distribution and mean time to failure
(MTTF).
The mean time to failure of all CFR field replaceable units shall exceed 150,000 h.
Failure model parameters shall comply with the yearly average temperature for reliability,
availability, maintainability, and safety calculations defined in EN 50125-3.
Acceptable methods for predicting the failure model for electronic equipment, as stated in the
following standards shall be followed:
IEC/TR 62380
Telcordia SR-332 Issue 3
MIL-HDBK-217F Notice 2
Where multiple MTTF estimates are available, the lowest estimate shall be used.
Failure models shall be justified by stating the data source, methodology, environment,
assumptions, and parameters.
11.7. Work, health, and safety
WLAN shall comply with the safety of information technology requirements as defined in
EN 60950-1.
If modular transceiver packages are used, WLAN shall comply with the safety of laser products
requirements as defined in EN 60825-1 and EN 60825-2.
11.8. Security
Defences against security vulnerabilities such as interruption, interception, modification,
intrusion, and deception shall be implemented consistently with the guidance contained within
ISO/IEC 18028. These defences shall mitigate internal or external and intentional or
unintentional security vulnerabilities.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 21 of 24
11.8.1. Management-plane security
Full compliance to this section may not be required provided both of the following conditions are
satisfied:
the WLAN is dedicated to a single application
it is not feasible to implement network management systems based on the protocols
defined in Section 9 of this standard
As a minimum, the following management-plane security defences shall be implemented on
WLAN:
in-band management ports to be on dedicated management VLAN (not VLAN 1)
prune management VLAN from 802.1Q trunks where not required
enable password security (hashing) for local passwords
disable local password recovery using the console, that is, the WLAN AP is factory reset to
reinitialise
disable all unused services, such as discard, daytime, chargen and protocols, such as
SNMPv1, SNMPv2
enable an idle timeout of 5 minutes on console and remote terminal sessions
enable the generation of a trap or message notification when memory utilisation exceeds
80%
Enabling the generation of a message notification when memory and CPU utilisation
thresholds have been exceeded assists in detecting that a security attack is in progress.
enable the generation of a trap or message notification when CPU utilisation exceeds 80%
enable authentication in protocols where the support exists; for example, NTPv3, SNMPv3
enable encryption in protocols where the support exists; for example, SNMPv3
implement access control list 'white-list' to permit access to the WLAN management-plane
services, such as SNMPv3, syslog, DNS, NTPv3, SNTP, SSHv2, HTTPS, TACACS+,
RADIUS from authorised network management servers and clients
All other access to management-plane services is denied.
implement access control list 'white-list' to permit access to the WLAN using internet control
message protocol (ICMP) types 0, 8, and 11 from authorised network management servers
and clients
All other access to the WLAN using ICMP types 0, 8, and 11 is denied.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 22 of 24
restrict access to management services to configured interfaces
disable insecure management protocols, such as trivial file transfer protocol (TFTP), telnet
enable a retry limit for protocols that support authentication
disable any auxiliary or unused management ports
enable the banner on login as shown below to notify unauthorised users that they are not
permitted to use the system
***** This service is for authorised clients only *****
*************************************************************
* WARNING: It is a criminal offence to: *
* i. Obtain access to data without authority *
* (Penalty 2 years imprisonment) *
* ii Damage, delete, alter or insert data without authority *
* (Penalty 10 years imprisonment) *
*************************************************************
configure the primary method of authentication, authorisation and accounting to TACACS+
or RADIUS
configure the secondary method of authentication, in the event of the failure of the primary
method, to local passwords
Manufacturer default passwords shall not be used.
configure logging of messages with a severity level between 0 and 4 inclusive, as defined
in IETF RFC 5424 to syslog servers
disable logging of messages to console and terminal
enable logging of configuration change, authentication and authorisation events
11.8.2. Control-plane security
As a minimum, the following control-plane security defences shall be implemented on WLAN:
implement access control list 'white-list' to permit access to the control-plane
All other access to the control-plane is denied.
enable authentication in protocols where the support exists
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 23 of 24
11.8.3. Data-plane security
As a minimum, the following data-plane security defences shall be implemented on WLAN:
prune VLAN 1 from 802.1Q trunks where not required
enable IEEE 802.1X port-based network access control for all access to the network (both
wired and wireless interfaces)
enable traffic flow statistics
implement access control list 'white-list' to permit access to data-plane, specified by
internet layer, such as IP, ICMP or transport layer, such as TCP, UDP rules
All other access to data-plane is denied.
11.9. Supportability
The supportability life cycle is shown in Figure 7 and Figure 8.
An advance notice shall be issued by the original equipment manufacturer (OEM) more than six
months (180 days) prior to the end of sale (EOS).
WLAN shall only be submitted for type approval if either of the following conditions is met:
the OEM guarantees that the EOS is at least three years from the date of proposed
commissioning
the WLAN has been first offered for sale for less than two years from the date of proposed
commissioning
Software support services for operating system software shall be commercially available for at
least three years following the EOS.
Hardware repair and replacement services shall be commercially available for at least three
years following the EOS.
Type approval is withdrawn at EOS.
While software support and hardware repair and replacement services are available after EOS,
the use of the product may continue for existing installations, but shall not be used in new works
or upgraded installations except for emergency replacements.
When software support or hardware repair and replacement services are unavailable after EOS,
the use of the product shall be discontinued.
Sup
erse
ded
by T
MU
TE
410
03 S
T v1
.0 &
T M
U T
E 4
1004
ST
v1.0
T HR TE 41002 ST Wireless Data Communication in LIPD Class Licensed Bands
Version 1.0 Issued Date: 03 October 2014
© State of NSW through Transport for NSW Page 24 of 24
Figure 7 Supportability life cycle based on time until end of sale
Figure 8 Supportability life cycle based on time from first offered for sale
11.10. Sustainability
WLAN shall comply with the restriction of hazardous substances directive requirements as
defined in EU 2002/95/EC.
top related