Infrastructure Standard Security Implementation (ISSI)

The United States Department of Transportation (USDOT) and the Institute of Transportation Engineers (ITE) and their standards development partners, AASHTO and NEMA under the Infrastructure Standards Security Implementation project continue the implementation of the recommendations contained within the NTCIP 9014 NTCIP Infrastructure Standards Security Assessment (ISSA) informational report by updating NTCIP profiles and device standards to be based on SNMPv3.

ITS standards, including the NTCIP family of standards, are critically important to the deployment of ITS systems that are interoperable nationwide. The rapid evolution of ITS with the deployment of connected vehicle (CV) technologies and the need for heightened security on ITS infrastructure devices will drive changes to the NTCIP standards. Traditionally, NTCIP center-to-field (C2F) communications were based on Simple Network Management Protocol Version 1 (SNMPv1) which does not adequately address cybersecurity concerns. SNMPv3 was identified as a security solution as it was specifically designed to address security concerns of the previous versions of SNMP. Updating the NTCIP family of standards to incorporate SNMPv3 falls within scope of the Infrastructure Standards Security Implementation project.

ISSI Work Flow Chart: The Following published/current standards are highlighted below in bold and are linked directly below this diagram.

Notice of Intent (NOI) to Adopt the NTCIP Foundational Standards (1201, 2202 and 2301) (due by Feb 11, 2025)

The Institute of Transportation Engineers (ITE) intends to adopt the following National Transportation Communications for ITS Protocol (NTCIP) Foundational Standards, i.e., NTCIP 1201- Global Object Definitions, NTCIP 2202- Internet Transport Profile and NTCIP 2301-Simple Transportation Management Framework (STMF) Application Profile’s Recommended Standard (RS) assuming no final comments or appeals are received. The final draft versions of these NTCIP Foundational Standard’s proposed Recommended Standards (pRS) were approved as Recommended Standards (RS) by the NTCIP Joint Committee (JC) made up of representatives of ITE, AASHTO, and NEMA on November 08, 2024. Please check below for the final draft versions of the NTCIP Foundational Standards, the Standards Development Reports, and a notice as to whether these versions have been adopted by ITE. When adopted, these standards will be jointly published by ITE, NEMA and AASHTO.

The deadline to appeal (provide comments) the adoption of these standards as ITE standards is Feb 11, 2025.

Please see the attached NOI above to have more information about how to file an Appeal and how ITE will proceed if an Appeal is received.

If no appeals are filed, the ITE International Board of Direction (IBOD), AASHTO and NEMA will ballot the standard and these will be available for a no-cost free download for a period of at least one year. The 508 Compliant versions will also be available.

Task No.	Standard/Document Name	Overall Status- Not Started/ Under Development / Published	Date Completed
Task 4	Outreach Materials	Not Started
Task 3	Publication of Updated Standards	Not Started
Task 2.4	Deprecate Targeted NTCIP Standards	Not Started
Task 2.3	Update Lower Priority Standards	Not Started
Task 2.2	Update NTCIP Device Standards	Under Development
Task 2.1	Update Foundational NTCIP Standards	Published	2/13/2023
Task 1	Project Management Plan (PMP)	Published	9/15/2022
Task 1	Schedule	Published	1/5/2024
	Period of Performance (POP)		7/1/2022 - 6/28/2024

To participate in this project, please email as follows:

Address: standards@ite.org

Subject: NTCIP Standards Security Implementation (ISSI) Stakeholder