4.3.1Fixed data
Fixed data is defined as all seal information which will not change after the time of manufacture. This includes the manufacturer ID, the tag ID (serial number), the protocol ID, the model number, the product version, the seal tag type and the protocol version.
Fixed data shall be protected against erasure or alteration during the manufacturing process such that it cannot be modified or deleted by an outside entity. The technical details of how fixed data protection is performed are beyond the scope of this part of ISO 18185 and are leftto the individual electronic seal manufacturer.
4.3.2 Variable data
Variable data is defined as all seal event information which,after the time of manufacture, can and most probably will change throughout the life of the seal. This includes the time of seal closure, the time of seal opening and the battery status.
Event information shall be added to the seal’s memory upon each status change. Once written into the event log, this information shall become a permanent record within the seal and shall not be modified or erased by either the seal or an outside entity.
Variable data shall be protected against erasure or alteration within the device throughout the lifetime of the seal. The technical details of how variable data protection is performed are beyond the scope of this part of ISO 18185 and are left to the individual electronic seal manufacturer.
5 Device authentication
5.1 General
In addition to the integrity of the data communicated, this part of ISO 18185 requires the capability to verify the authenticity of the electronic seal.
5.2 Physical authentication
The ability for forensic authentication is necessary for both the mechanical and the electronic components of a seal. The seal manufacturer shall be able to identify and authenticate the seal as a valid seal based on proprietary information, its unique manufacturing characteristics, and the fixed data defined in 4.3.1.
Presented with the physical device, the seal manufacturer shall be able to validate the authenticity of the mechanical and electronic components of the seal. The technical details of how physical device authentication is performed are beyond the scope of this part of ISO 18185 and are left to the individual electronic seal
manufacturer.
5.3Electronic authentication
Under the terms of this first-generation part of ISO 18185, there are no requirements for the ability to electronically authenticate a seal through data transmissions.
6 Conformance
Electronic seals claiming compliance with this part of ISO 18185 shall have the high security mechanical seal physical properties defined in ISO/PAS 17712.They shall further comply with the electronic seal manufacturers’ security-related practices identified in Annex A.