SFS Suomen Standardit

 

This Standard defines how the Natural Language Interaction Protocol (NLIP) should be implemented over the base transfer protocol of AMQP. The exemplar use-cases for NLIP implementation over AMQP are out of scope of this Standard.

 

This Standard establishes the Agent Security Profiles for NLIP as a standalone Ecma Standard. Each Security Profile defines a set of mandatory security requirements for an agent implementing NLIP. Conformance to this Standard is mandatory for any implementation claiming NLIP conformance.

 

Details on how the security guidelines described in this Standard should be implemented are out of scope of this Standard.

 

This Standard does not cover aspects related to internals of foundation-models, safeguards for physical data centers, or issues related to national export controls.

 

 

This Standard defines the specifications of Natural Language Interaction Protocol (NLIP), which is an application-level communication protocol defined between AI Agents or between a human and an AI agent. The motivation, the design philosophy, exemplar use-cases, and examples of sample exchanges using the NLIP protocol are out of scope of this Standard.

 

This document is aimed at those organisations wanting to create, fair, valid and reliable assessments in any context. The word high-stakes is often used, as opposed to low-stakes exams which are used in a formative context. The document takes a user through the process that they need to go through to create assessments and also identifies key roles within the assessment process. This Standard provides comprehensive guidelines on the application of information technology (IT) in delivering assessments. It outlines the scope of IT usage across various types of assessments, detailing the life cycle stages, security protocols, and privacy considerations specific to IT-enabled assessments.

 

The standard covers a broad range of assessment types, each tailored to specific contexts and objectives. These types of assessments ensure that the standard can be applied across various domains, from education to professional certification, and each has distinct characteristics and requirements. The key aspect of this is that the exams are high-stakes and have some specific use case, rather than for formative assessment, which typically has less rigorous requirements for creation and delivery. The primary types of assessment covered in the standard: a) K-12 Assessments b) Academic Assessments c) Employment Testing d) Professional Certification

 

The assessment lifecycle is a comprehensive process that encompasses the various stages involved in the creation, implementation, and evaluation of assessments. Although assessment procedures vary, the typical life cycle of assessment consists of the following steps: a) identification of need to assess b) design of outcomes/rubrics/assessment methodology c) creation, preparation and calibration of content d) preparation of assessment content (includes computer adaptive test engine/model) e) registration (may include payment) f) distribution g) authentication (includes identification) h) delivery i) response return (and/or submission) j) irregularities k) scoring, result determination and/or feedback l) data return m) analysis n) appeals and o) credentialing (certification, licensure, degree, badge, micro-credential, etc.) The design and instruments for computer adaptive testing and assessment methodology are not covered by this Standard. However, when IT is used for delivery, the relevant clauses of this Standard should be considered during the lifecycle.

 

The emphasis throughout this Standard is on the additional and distinct measures required with the integration of modern IT in assessment systems. While measures that are common to both traditional paper-based and IT-delivered assessments are mentioned only in general terms, this Standard addresses the novel challenges and opportunities introduced by digital technologies. This edition expands on the previous version by incorporating advanced technologies that were not previously covered. These include, but are not limited to, AI-assisted scoring, automatic feedback systems, adaptive testing, and remote proctoring solutions. The use of IT now supports a more comprehensive range of assessment functions: AI-Based Automated Scoring and Feedback: Modern systems employ machine learning algorithms to provide instant scoring and multi-dimensional feedback. Although the quality and validity of the assessment content remain paramount, IT is now capable of offering detailed, rubric-based evaluations that can be reviewed and validated by human markers. Adaptive Testing and Dynamic Item Banking: The introduction of computerized adaptive testing (CAT) and robust item banking systems allows assessments to adjust in real time to the test-taker’s ability, ensuring a more personalized and efficient measurement of competency. IT supports the maintenance and continuous updating of these item banks, including automatic generation and statistical calibration of test items. Remote Proctoring and Data Security: The transition to online assessments has necessitated the incorporation of remote proctoring technologies that combine AI monitoring with human oversight to mitigate fraud while safeguarding student privacy. This Standard specifies requirements for secure data transmission, storage, and compliance with international data protection regulations such as GDPR and ISO/IEC 27001. Learning Analytics and Data-Driven Decision Making: IT now plays a significant role in collecting and analyzing assessment data, enabling educators to leverage learning analytics for real-time feedback, formative assessment, and instructional adjustments. The interface between assessment content and IT delivery is enhanced to support a data-driven approach to both scoring and pedagogical decision-making. It is important to note that this Standard does not address the purely pedagogical aspects of assessment design or the intrinsic quality of assessment content. Rather, it focuses on the IT mechanisms that implement pedagogical decisions, facilitate the efficient transmission and secure handling of assessment data, and enable innovative evaluation methods. Compliance with this Standard does not imply that an assessment is pedagogically robust; rather, it ensures that the IT infrastructure supporting the assessment adheres to best practices in security, transparency, and reliability. The scope includes: IT scoring systems that are designed for subsequent human review; The IT-facilitated transmission and delivery of assessments, where responses may be scored either automatically or by human markers; The provision of automated feedback and immediate result reporting, while result-determination processes requiring human judgment remain outside this scope. By addressing these enhanced IT aspects, this Standard aims to support the evolution of assessment practices in a digital age, ensuring that technological innovations are harnessed effectively while maintaining the validity and fairness of the assessment process.

 

The aim of this Standard is to articulate overarching principles and best practices without prescribing specific technical implementations. The recommendations can be achieved through a variety of technological or procedural approaches, reflecting the expanded range of modern IT applications—including AI-assisted scoring, adaptive testing, and remote proctoring—without being tied to any specific hardware or software platform. In many instances, the principles outlined herein may be supplemented by additional regulations set by assessment providers, ensuring that while the underlying IT-enabled processes evolve, the core values of validity, fairness, and security remain paramount. 1.6 Compliance Assessment sponsors, assessment distributors and assessment centres may claim compliance with this Standard if they comply with all the clauses or subclauses applicable to their role (see table below). Notes to the clauses indicate the role(s) to which each clause or subclause is applicable. This Standard is applicable to both high-stakes and low-stakes assessments, but some clauses or subclauses are applicable only to high-stakes assessments; this is indicated in Table 1. The scenarios given in Annex A illustrate how different types of organisation might need to comply with different clauses of this Standard.

 

Design for Six Sigma (DFSS) is a methodology used to innovate, develop, or redesign processes, products, or services. This international standard provides a common understanding of the principles, terminology, and guidelines for applying various methods and tools within DFSS. Furthermore, it outlines how multidisciplinary teams can effectively implement DFSS. It is essential to note that DFSS is not intended to replace an organization's existing development processes; instead, it aims to enhance them significantly.

 

This document establishes an ISO/IEC Registration Authority (RA) that hosts a list of registered mdoc types and namespaces in a machine- and human-readable format. It establishes a Registration Management Group (RMG) with agreed upon high-level review functions for mdoc types and namespaces registration. The outcome of the registration process is a centralized list of existing mdoc types and namespaces and it also provides an opportunity for the Registration Management Group of experts to provide valuable feedback to applicants.

 

The ISO/IEC 19788 series specifies, in a rule-based manner, properties and their attributes for the description of learning resources. This includes the rules governing the identification of properties and the specification of their attributes.

 

This Part of ISO/IEC 19788 specifies, using the ISO/IEC 19788-1 Framework, technical aspects of learning resources, i.e., requirements for use, location, size, etc.

 

These elements can later be combined with other descriptive elements including those from other parts of the ISO/IEC 19788 series or other standards, including Dublin Core refinements and IEEE 1484.12.1-2002 [1] to address more specific topics such as technical or educational information.

 

This document specifies the safety requirements and test methods for slings and wraps which are designed to carry one or two children in one or more positions and secured to the carer's torso to allow for hands free operation when standing and/or walking. If the sling or wrap has functions not covered in this document, reference can be made to the relevant European Standard. This document does not cover garment or apparel carriers. This document does not cover baby carriers designed for children with special needs.

 

This document specifies refinements for an application of EN ISO/IEC 27701 in a European context.

 

This document is applicable to the same entities as is ISO/IEC 27701: all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors.

 

An organization can use this document for the implementation of the generic requirements and controls of EN ISO/IEC 27701 according to its context and its applicable obligations.

 

Certification criteria based on these refinements can provide a certification model under ISO/IEC 17065 for processing operations performed within the scope of a privacy information management system according to EN ISO/IEC 27701, which can be combined with certification requirements for EN ISO/IEC 27701 under ISO/IEC 17021.

 

This document is applicable for internally coated cylindrical and conical aluminium tubes, mainly used for the packing of pharmaceutical, cosmetic, hygiene, food or other household products. The internal coating is used as a barrier to avoid any contact between aluminium and the product. This document defines the sodium chloride method to detect the electrolyte conductivity as one criterion for the quality of the internal coating. NOTE The electrolyte conductivity of the internal coating is only one criterion for evaluation of the quality of an internal coating. It does not give any information on the quantity or size of any pores or uncoated areas, nor any hint on possible reactions between the aluminium tube and the product. The electrolyte conductivity can never be used as the sole criterion for quality evaluation of the internal coating, but always with other parameters e.g. film thickness, acetone and/or ammonia resistance and of course results of enhanced stability studies.

 

This document specifies a method for the determination of the strength of the head welding of flexible laminate and extruded plastic tubes. It is applicable to flexible laminate and extruded plastic tubes packaging applications.

 

ISO 13503-5:2006 provides standard testing procedures for evaluating proppants used in hydraulic fracturing and gravel packing operations. ISO 13503-5:2006 provides a consistent methodology for testing performed on hydraulic fracturing and/or gravel packing proppants. The "proppants" mentioned henceforth in this part of ISO 13503-5:2006 refer to sand, ceramic media, resin-coated proppants, gravel packing media, and other materials used for hydraulic fracturing and gravel-packing operations. ISO 13503-5:2006 is not applicable for use in obtaining absolute values of proppant pack conductivities under downhole reservoir conditions.

 

 

This document specifies requirements and provides guidance for risk management of AI systems. It specifies terminology, principles and a process for risk management.

 

The process described in this document intends to assist providers of AI systems to identify the hazards associated with the AI systems, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls. The process described in this document applies to risks to health, safety and fundamental rights associated with an AI system. The process described in this document is applied throughout the life cycle of the AI system.

 

This document requires providers to establish objective criteria for risk acceptability but does not specify acceptable risk levels.

 

This document is intended for use by organizations providing AI systems, regardless of their size, nature or location. This document is not intended for managing risk faced by organizations. This document is intended to support the organization in meeting applicable regulatory requirements.

 

This document addresses organizational and technical solutions aimed at ensuring the cybersecurity of high-risk AI systems over the life cycle, appropriate to the relevant circumstances and the risks. The technical solutions to address AI-specific vulnerabilities include, where appropriate, measures to prevent, detect, respond to, resolve and control for attacks trying to manipulate the training dataset (data poisoning), or pre-trained components used in training (model poisoning), inputs designed to cause the model to make a mistake (adversarial examples or model evasion), confidentiality attacks or model flaws. This document provides objective criteria to enable decisions on whether a given technical or organizational solution adequately achieves a given vulnerability-related goal.

 

This document specifies requirements and tests for the construction, performance, safety and production of battery powered class 1,5 Capillary Thermal-Mass Flow sensor gas meters (hereinafter referred to as meter(s)). This applies to meters having co-axial single pipe, or two pipe connections, which are used to measure volumes of fuel gases of the 2nd and/or 3rd family, as given in EN 437:2021. In general, the term "thermal mass flow meters" applies to a flow-measuring device using heat transfer to measure and indicate gas flowrate, as defined in ISO 14511. NOTE Although the word "mass" is present in the definition of the measurement principle, gas meters covered by this document provide measurement of gas at base conditions of temperature and pressure. These meters have a maximum working pressure not exceeding 0,5 bar and a maximum flowrate not exceeding 160 m3/h over a minimum ambient temperature range of -10 °C to +40 °C and a gas temperature range as specified in the marking, with a minimum range of 40 °C. For meters designed for hydrogen measurement, the maximum flowrate is not exceeding 480 m3/h, whilst the other characteristics are as stated above. This document applies to meters indicating volume at base conditions, which are installed in locations with vibration and shocks of low significance. It applies to meters in: - closed locations (indoor or outdoor with protection, as specified in the instruction manual) with condensing humidity or with non-condensing humidity; or, if specified in the marking: - open locations (outdoor without any covering) both with condensing humidity or with non-condensing humidity; and in locations with electromagnetic disturbances likely to be found in residential, commercial and light industrial use. For meters which indicate unconverted volume, reference can be made to Annex C. Unless otherwise stated, all pressures given in this document are gauge pressures. Requirements for electronic indexes, valves and additional requirements for batteries incorporated in the meter and any other additional functionalities are given in EN 16314:2013. Unless otherwise stated in a particular test, the tests are carried out on meters that include additional functionality devices, as indicated in the instruction manual. Clauses 1 to 13 are for design and type testing only. For meters designed for blended gas and/or hydrogen measurement, refer to Annex E. This document refers only to hydrogen as specified in ISO 14687:2025 with a purity of type I grade A or better. Unless otherwise stated, all tests applicable to 2nd and 3rd family gases are applicable also to blended gas and hydrogen. Mixtures with a hydrogen concentration above 20 % and below 98 % by volume are not covered by this document.

 

This document specifies a test method for bending resistance properties of monofilament yarns. This document is applicable to monofilament yarns with equivalent diameters from 0,030 mm to 0,200 mm. NOTE See 7.1 for the conversion of the equivalent diameter of monofilament yarn into the corresponding linear density.

 

This document specifies a method for the determination of cetane number of diesel fuels by utilizing air flow regulation in a standard diesel engine. The cetane number measurement range is from 0 CN to 100 CN, whereas a typical cetane number range from 25 CN to 70 CN. This document is applicable to various types of diesel fuels, including automotive diesel, bio-diesel, synthetic diesel, and similar altermnative fuels. However, the precision for synthetic and other unconventional diesels has not been established.

 

This document defines terminology and concepts for application systems developed using VR, AR, and MR technologies. These systems require standardized terminology and concepts to ensure consistent meaning across various application services.

 

The integration of VR/AR/MR-systems enables users to view and interact with virtual environments, objects, and materials through computers or mobile devices, incorporate real world information, and communicate within these environments. Depending on the application, virtual humans may appear as user avatars.

 

This document defines

— Terminology related to VR/AR/MR based systems integration

— Concepts necessary to understand and conduct using VR/AR/MR based systems integration

— Requirements for systems integration using VR/AR/MR technologies to generate application services

 

This document does not address the following items: personal information, evidence information. assessment methods, metrics information, education management, curricular development information.