SFS Suomen Standardit

 

This document defines terminology and concepts for application systems developed using VR, AR, and MR technologies. These systems require standardized terminology and concepts to ensure consistent meaning across various application services.

 

The integration of VR/AR/MR-systems enables users to view and interact with virtual environments, objects, and materials through computers or mobile devices, incorporate real world information, and communicate within these environments. Depending on the application, virtual humans may appear as user avatars.

 

This document defines

— Terminology related to VR/AR/MR based systems integration

— Concepts necessary to understand and conduct using VR/AR/MR based systems integration

— Requirements for systems integration using VR/AR/MR technologies to generate application services

 

This document does not address the following items: personal information, evidence information. assessment methods, metrics information, education management, curricular development information.

 

This document specifies the safety requirements and test methods for soft carriers without a framed support designed to carry one or two children hands free when attached to the carer’s torso. If the soft carrier has functions not covered in this document, reference can be made to the relevant European Standard. This document does not apply to garment or apparel carriers or carriers in the scope of prEN 13209-3:2026. This document does not cover baby carriers designed for children with special needs.

 

This document: - defines terms for identity management and specifies core concepts of identity and identity management, and their relationships; - is applicable to any information system where information relating to identity is processed or stored; - is considered to be a horizontal document for the following reasons: - it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, - it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.

 

This document: - provides guidelines for the implementation of systems for the management of identity information; - specifies requirements for the implementation and operation of a framework for identity management; - is applicable to any information system where information relating to identity is processed or stored; - is considered to be a horizontal document for the following reasons: - it applies concepts such as distinguishing the term "identity" from the term "identifier" on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, - it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management

 

- provides requirements and guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2; - is applicable to any information system where information relating to identity is processed or stored; - is considered to be a horizontal document for the following reasons: - it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, - it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.

 

This document specifies the long-term sampling of PCDDs/PCDFs/PCBs. There are three different sampling methods, which are based on the three different principles described in EN 1948 1, but partially modified for long-term sampling requirements: — filter/condenser method; — dilution method; — cooled probe method. Each sampling method is illustrated in detail in Annex D. The sampling methods described in this document are designed for a sampling duration of typically up to four weeks. Additionally, this document specifies a framework of quality control requirements for any long-term sampling method. With the methods described, experiences were gained for a concentration range up to 4,0 ng TEQ/m3 at various stationary sources (e.g. waste incinerators, sinter plants, cement kilns). For complete implementation of the measurement method, the use of EN 1948 2 and EN 1948 3 describing extraction, clean-up, identification, and quantification, respectively, is necessary in order to determine PCDDs/PCDFs. Additionally, EN 1948 4 is necessary for PCBs.

 

 

 

The ISO/IEC 19788 series specifies, in a rule-based manner, properties and ­­their attributes for the description of learning resources. This includes the rules governing the identification of properties and the specification of their attributes. These properties may be used to form the description of a learning resource, i.e. as a metadata learning resource (MLR) record described in iso:proj:62845ISO/IEC 19788-8:2015 Data elements for MLR record.

 

This document is intended to help implementers with a starting point for adopting the iso:proj:81950ISO/IEC 19788-1:2024framework by defining an application profile that lists properties and rules, mostly taken from iso:proj:67374ISO/IEC 19788-2:2011/Amd 1:2016. In addition, it adds, as examples, three locally defined properties and one vocabulary.

 

 

This document provides guidelines on implementation and application of the concept of metrological traceability in measurements supporting the exploration, upgrading, transmission, distribution and use of natural gas, biogas, biomethane and other substitutes. The guidance aims at implementing requirements such as those laid down in ISO/IEC 17025:2017 6.5. The measurement of flow rate, composition, temperature, pressure and natural gas properties are covered. The document also addresses the metrological traceability of properties calculated from other quanties, such as pressure, temperature and composition. This document describes how calibration, quality control and the evaluation of measurement uncertainty aid to establishing and underpinning the metrological traceability of measurement results. Requirements for the certification of traceable calibration gas mixtures and test gases are also addressed in this document. Finally, the guidance extends to the measurement of the quantity and energy supplied or received, such as described in ISO 15112. Whereas it is recognised that the measurement of quantity and energy is in practice often implemented as a computational process using measurement data, this document takes the view that the purpose of the measurement is the quantity and energy, and that the measurements made in gas metering serve the purpose of providing metrologically traceable results as input for the measurement of quantity and energy.

 

This document specifies principles for privacy protection through pseudonymization services, aimed at safeguarding personal health information . It is applicable to organizations implementing pseudonymization processes or claiming trustworthiness in pseudonymization service operations. This document:

- defines foundational principles for pseudonymization

- aligns with updated regulations and standards, such as iso:proj:69373ISO/IEC 20889:2018 , iso:proj:71677ISO/IEC 27559:2022 , and other relevant documents, and methodologies for pseudonymization services

- provides guidance on practical application of pseudonymization , including examples of de-identification process, best practices and case studies

- defines important elements in the concept of pseudonymization, direct and indirect identifiability of personal information, and different types of data variables

- provides guidance on risk assessment for re-identification, and two distinct contexts of re-identification of pseudonymized information, and

- specifies various techniques designed to balance privacy protection with data utility to ensure that the data can be used for analytics, research, or operational needs without revealing personal identities.

 

Additionally, this document addresses new regulatory and ethical frameworks, such as the EU AI Act[1] , IEEE 7000:2021 [2] , and IEEE 7007:2021 [3] , as well as guidance on pseudonymization in AI, considering the impact of emerging technologies on privacy protection.

 

ISO 25237:2017 contains principles and requirements for privacy protection using pseudonymization services for the protection of personal health information. This document is applicable to organizations who wish to undertake pseudonymization processes for themselves or to organizations who make a claim of trustworthiness for operations engaged in pseudonymization services. ISO 25237:2017

- defines one basic concept for pseudonymization (see Clause 5),

- defines one basic methodology for pseudonymization services including organizational, as well as technical aspects (see Clause 6),

- specifies a policy framework and minimal requirements for controlled re-identification (see Clause 7),

- gives an overview of different use cases for pseudonymization that can be both reversible and irreversible (see Annex A),

- gives a guide to risk assessment for re-identification (see Annex B),

- provides an example of a system that uses de-identification (see Annex C),

- provides informative requirements to an interoperability to pseudonymization services (see Annex D), and

- specifies a policy framework and minimal requirements for trustworthy practices for the operations of a pseudonymization service (see Annex E).

 

The primary purpose of ISO/IEC 19788 is to specify metadata elements and their attributes for the description of learning resources. This includes the rules governing the identification of data elements and the specification of their attributes. ISO/IEC 19788 provides data elements for the description of learning resources and resources directly related to learning resources.

 

ISO/IEC 19788-3:2011 is designed to help implementers with a starting point for adopting ISO/IEC 19788, defining an application profile that specifies, through adding constraints to the use of some data elements, how the ISO/IEC 19788-2 element set can be used.

 

 

This document specifies cybersecurity requirements and associated assessment requirements for identity management systems that qualify as products within the meaning of Regulation (EU) 2024/2847. Such products are classified as important products (class 1) according to the implementing regulation Commission Implementing Regulation (EU) 2025/2392.

 

This document covers:
- general description of the product belonging to that category and the product and/or components such product with digital elements; 
- description of their use case; 
- security analysis; 
- definition of applicable risk profiles to be considered for these product with digital elements; 
- applicable cybersecurity requirements for each risk profile; 
- applicable cybersecurity assessment and test requirements for each risk profile.

 

Product not in the scope of this document:
- chip, Embedded OS, Applets; 
- PKI products; 
- cyber security products needed for securing IT infrastructures (VPN, SIEM….); 
- all products that are classified as default such as the anti-fire detectors products. 

 

This document defines cyber security requirements for products with digital elements belonging to product category “Hardware Device with Security Boxes” (hereinafter called “Product” or “HWSB product”).

 

The technical description of “Hardware Devices with Security Boxes” can be found in Annex II of [CRA].

 

The Hardware Devices with Security Boxes in scope are designed for deployment in a range of environments and where the threat landscape includes attackers with various attack potential.

 

HWSB are hardware-based systems intended to provide secure storage, processing and use of sensitive data, including cryptographic assets, within a protected hardware boundary (envelope).

 

This document applies to the HWSB part of the product. The applicability of this document to specific products is determined based on their intended purpose, use case and risk assessment.

 

This document provides a description of anthropometric measurements that can be used as a basis for the creation of physical and digital anthropometric databases. The list of measurements specified in this part ISO 8559-6 is intended to serve as a guide for practitioners in the field of clothing who are required to apply their knowledge to select population market segments and to create size and shape profiles for the development of all contour fitting garment types which extend from the torso and shoulder to the breast and their equivalent fitness. The list provides a guide for how to take anthropometric measurements, as well as give information to clothing product development teams and innerwear manufacturers on the principles of measurement and their underlying anatomical and anthropometrical bases. It is intended to use this part ISO 8559-6 in conjunction with national, regional or international regulations or agreements to ensure harmony in defining population groups and to allow comparison of anthropometric data sets.

 

This document specifies requirements and guidance for the interoperability of data, data sharing mechanisms, and services within data spaces. It covers requirements, criteria and implementation guidance on: - dataset content, use restrictions, licences, data collection methodology, data quality and uncertainty, and on machine-readable formats to find, access and use of data; - data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, and how to describe these elements a publicly available and consistent manner; - technical means to access the data, such as application programming interfaces, and their terms of use and quality of service to enable automatic access and transmission of data between parties; - where applicable, the means to enable the interoperability of tools for automating the execution of data sharing contracts. This document is applicable to all organizations participating in dataspaces, regardless of their size or type.

 

This document provides terminology, concepts, requirements, and guidance for logging of AI systems. It is primarily intended for organizations placing on the market or putting into service AI systems and is not specific to any particular sector.