ISS at CES 2023 | January 5-8 | Las Vegas, NV | LVCC West Hall | Booth #6301

Subscriber Terms of Use

INTEGRITY Security Services LLC Secuity Credential Management Service (“SCMS”) Test, Pilot and Production Service Subscriber Terms of Use

1. TERMS OF USE

PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING THE ISS SCMS SERVICE TEST, PILOT or PRODUCTION CERTIFICATES. BY USING THE CERTIFICATES OR RELATED SERVICES, YOU ACCEPT AND ARE AGREEING TO BE BOUND BY THE TERMS OF THESE TERMS OF USE. THE DATE OF YOUR FIRST USE OF THE CERTIFICATES OR RELATED SERVICES IS THE EFFECTIVE DATE OF YOUR USE UNDER THESE TERMS OF USE (“EFFECTIVE DATE”). IF YOU DO NOT AGREE TO THESE TERMS OF USE THEN YOU WILL NOT BE PERMITTED TO USE THE CERTIFICATES OR RELATED SERVICES HEREUNDER. IF YOU HAVE QUESTIONS RELATED TO THESE TERMS OF USE, CONTACT US USING THE INFORMATION IN THE CONTACT SECTION OF THSE TERMS OF USE.

These ISS Managed SCMS Test, Pilot and Production Service Subscriber Terms of Use (this “Terms of Use”) are made by and between INTEGRITY Security Services LLC (“ISS”) with offices at 30 W Sola Street Santa Barbara, CA 93101 and the Subscriber (“Subscriber”).

WHEREAS, Subscriber manufactures, supplies, or operates products and/or services that must operate in in the US Department of Transportation’s (“US-DOT”) vehicle-to-vehicle (“V2V”) and vehicle-to-infrastructure (“V2I”) programs (collectively, “V2X”); the European Commission’s Cooperative Intelligent Transport Systems (C-ITS) programs, the Car to Car (“C2C”) Consortium Car to Car (“C2C”) and Car to Infrastructure (“C2I”) programs (collectively C2X); and/or equivalent in China.

WHEREAS, ISS owns and operates the V2X Root CA (“V2XRCA”), C2X Root CA (“C2XRCA”) and the associated ISS Managed Certificate Management Service (“SCMS Service”) to issue US-DOT V2X, European C2X Pilot, Production and Test certificates and certificate revocation lists to Subscriber’s end entities including the ISS Traffic Management Center Authority (“TMCA”) and the ISS Device Management Dashboard (DMD) Service.

NOW, THEREFORE, in consideration of the mutual covenants and promises herein contained, the parties agree as follows:

2. DEFINITIONS AND ACRONYMS

2.1 Definitions

Affiliate

All current and future business entities that, directly or indirectly, control, are controlled by, or are under common control with Subscriber, excluding retail dealerships. For purposes of this definition only, the term “control” is defined as the legal, beneficial, or equitable ownership, directly or indirectly, in such entity.

Certificate

A digitally signed bit string issued by ISS’ V2XRCA, Test V2XRCA, C2XRCA, Subscriber C2XRCA, Test C2XRCA, ISS SCMS Test, Pilot and Production Service to a Subscriber identifying the holder (“Holder”) of the Private Key corresponding to the Public Key contained in the Certificate.

SCMS Test, Pilot and Production Service

As used herein “SCMS Test, Pilot and Production Service” refers to the service ordered by Subscriber hereunder, which may include any or all of: (i) SCMS Pilot ICA Service; (ii) SCMS Test Service; (iii) SCMS Production ICA Service; and (iv) SCMS TMCA Service.

(a) The “SCMS Pilot ICA Service” operates under the V2XRCA or C2XRCA (or Subscriber C2XRCA) and issues certificates to Subscriber for use in pre-production products that are deployed in state or government agency sponsored pilot V2X or C2X projects (e.g., the USDOT CV Pilots). At some point, these products will be removed from deployment or they will be transitioned to the SCMS Production ICA Service once they meet all applicable state or government agency requirements.

(b) The “SCMS Test Service” operates under the Test V2XRCA or the Test C2XRCA and issues certificates to Subscriber for use in product and service development. These certificates are not interoperable with those issued by the SCMS Pilot ICA Service and SCMS Production ICA Service.

(c) The “SCMS Production ICA Service” operates under the V2XRCA or C2XRCA and issues certificates to Subscriber for use in production products that meet all applicable state or government agency requirements for long term deployment in connected vehicle to vehicle and/or connected vehicle to infrastructure projects.

(d) The “SCMS TMCA Service” is an on premise or hosted service for encrypting, validating, accelerating and/or signing messages, MAP, TIM and other data.

(e) The “SCMS DMD Service” is a hosted service for monitoring and managing devices from a web interface and/or generating reports of fielded devices that have been privisioned by the ISS SCMS.

Key Pair

For asymmetric key cryptography, a Private Key and its corresponding Public Key.

Private Key

A secret key known only to Holder of the Key Pair. This is the key of a Key Pair that is used by the Holder to create digital signatures.

Public Key

This key is mathematically related to the Holder’s Private Key. It may be publicly disclosed by the Holder, and is used by Relying Parties to verify digital signatures created by the Holder using her Private Key.

Relying Party

The entity that relies on a valid Certificate.

Subscriber

A legal entity to whom a Certificate is issued and who is legally bound by these Subscriber Terms of Use.

2.2 Acronyms

CA Certificate Authority or Certification Authority
CAMP Crash Avoidance Metrics Partners LLC
SCMS Security Credential Management Service
C2XRCA ISS C2X Root Certification Authority
CRL Certificate Revocation List
DDA DLM Distributor Appliance
DLM Device Lifecycle Management
DMD Device Management Dashboard
DOT US Department of Transportation
EE End Entity
FIPS Federal Information Processing Standards
ISS INTEGRITY Security Services LLC
ICA Intermediate CA
IT Information Technology
OBU On Board Unit or Equipment
PKI Public Key Infrastructure
RSU Roadside Unit or Equipment
SCMS Security Credential Management System
TIM Traveler Information Message
TMCA ISS SCMS Traffic Management Center Authority
V2XRCA ISS V2X Root Certification Authority

3. LICENSE

Subject to the terms and conditions of these Terms of Use, Subscriber hereby accepts a single, individual, non-transferable and non-exclusive license to use the SCMS Test, Pilot and Production Service set forth in the ISS SCMS quotation referenced by Subscriber’s purchase order, applicable application programming interfaces and the issued V2V, V2I, C2C, C2I, DMD or TMC Authority Test, Pilot or Production Certificates, henceforth (“Licensed Material”). The ISS SCMS Test Service does not include any production rights. The ISS SCMS Administrator will provide access to the ISS SCMS Service appropriate for the Subscriber and as defined in the ISS SCMS Quotation.

4. CONDITIONS

The Licensed Material is supplied by ISS solely for use by Subscriber for its provisioning of its ISS-authorized products and services. All right, title, and inter¬est in and to the ISS SCMS Test, Pilot and Production Service, the Licensed Material, the ISS Root Certificate Authorities and their root certificates, and all related materials, excluding the issued certificates, are and shall at all times remain the sole property of ISS. Subscriber is not authorized to grant sublicenses for use of the ISS SCMS Test, Pilot or Production Service or the Licensed Materials or to permit usage on a time-sharing service. Subscriber shall not disassemble or re¬verse compile, reverse engineer, or otherwise attempt to learn the source code underlying the Licensed Material, or any algorithms or methods underlying the same. ISS preserves all rights not expressly licensed herein.

5. ISS OBLIGATIONS

The SCMS Test, Pilot and Production Service produces Certificates that are compliant with USDOT’s, CAMP’s or ISS’ then current profile of IEEE 1609.2 and the European Union’s or ISS’ then current profile of ETSI TS 103 097 and TS 102 941 standards for infrastructure and OBU certificates. The SCMS Test Certificates must not be considered secure in the traditional sense of a certificate since there are no security controls protecting the Test Root CA private key, any signing or encryption process and keys, or the OBU/RSU private keys (if generated by the SCMS Test Service). These Test Certificates are not interoperable with Certificates from the ISS SCMS Pilot or Production Service which are certified under the ISS V2X or C2X Root Certificate Authority.

6. SUBSCRIBER OBLIGATIONS

6.1 General Obligations

Subscriber’s obligations are as follows:

  1. Only use the Licensed Material to obtain SCMS-produced Test, Pilot and Production Certificates for the development, testing, manufacturing and operation of devices, systems and services which comply with US-DOT’s and European Commission’s then current regulations for such devices and systems.
  2. Only use the Licensed Material to obtain SCMS-produced Test, Pilot and Production Certificates for development, testing, manufacturing and operation of devices, systems and services for use in the US-DOT’s V2V and V2I programs and the European Commission’s C-ITS programs.
  3. Subscriber will protect its credentials used to log into the ISS SCMS Test, Pilot and Production Service from unauthorized use.
  4. Subscriber will report any suspected misuse of the SCMS-produced Test, Pilot and Production Certificates to ISS within 24 hours of detection. For Pilot and Production SCMS certificates, Subscriber’s devices, systems, and services will meet ISS’ then current minimum implementation requirements.
  5. Subscriber represents that it is not a direct competitor of ISS and shall not become a direct competitor of ISS, and under no circumstances shall the Licensed Material or Confidential Information be used by Subscriber for the purpose of competing with Licensor, and doing so constitutes a material breach of the Agreement.

6.2 Device, Service, and Certificate Revocation

Subscriber agrees that its devices and/or services containing SCMS Test, Pilot and Production Certificates may have those Certificates revoked by ISS, USDOT (for US V2X products and services), the European Commission (for EU C-ITS products and services), state and government agencies deploying connected vehicle/infrastructure projects, or by an automated misbehavior detection service as appropriate, without a period for cure, should such devices/services be determined by these entities, as appropriate, to be misbehaving or hacked.

For the verification of CRL processing by a test OBU/RSU, Subscriber may request a specific OBU/RSU be revoked by emailing ISS the Test OBU/RSU certificate.

ISS will issue a CRL for the requested device and will send this CRL to the Subscriber by email. Note that this CRL may contain certificates for other OBU/RSU not belonging to Subscriber.

7. FEES

No fees are required for the use of the ISS SCMS Test Service. Fees for the (i) SCMS Pilot ICA Service; (ii) SCMS Production ICA Service; (iii) SCMS DMD; and/or (iv) SCMS TMCA Service, as appropriate, will be defined and governed by the ISS SCMS Quotation and Subscriber Purchase Order. The Subscriber Purchase Order will list the services the Subscriber is subscribing to and will reference the ISS SCMS Quotation number and the ISS SCMS Quotation will incorporate by reference these Terms of Use. These Terms of Use will supersede and replace any additional and/or inconsistent terms and conditions listed in any Subscriber Purchase Order.

8. WARRANTY DISCLAIMER

TO THE MAXIMUM EXTENT PERMITTED BY LAW, ISS HEREBY DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES OF ANY KIND HEREUNDER, INCLUDING REPRESENTATIONS AND WARRANTIES FOR THE V2XRCA AND C2XRCA PUBLIC KEYS, THE ISS SCMS TEST, PILOT, AND PRODUCTION SERVICE, V2XRCA & C2XRCA CERTIFICATES, SCMS CERTIFICATES, LICENSED MATERIAL AND ANY SERVICES PROVIDED BY ISS UNDER THESE TERMS OF USE, WHETHER EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF NON-INFRINGEMENT, CLEAR TITLE, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

9. TERM AND TERMINATION

Subscriber’s use of the SCMS Test, Pilot and Production Service under these Terms of Use shall commence as of the Effective Date and continue for a period of one year unless otherwise set forth in an ISS SCMS Quotation (the “Term”). These Terms of Use shall renew automatically on the anniversary of each Effective Date unless a party provides written notice prior to such renewal date that such party is terminating these Terms of Use.

ISS may terminate Subscriber’s right to use the SCMS Test Service under these Terms of Use for convenience and without cause on five (5) days prior notice provided via email or writing to Subscriber’s designated contact (see also Section 18 Amendments).

ISS may terminate Subscriber’s right to use the (i) SCMS Pilot ICA Service; (ii) SCMS Production ICA Service; (iii) SCMS DMD; and/or (iv) SCMS TMCA Service under these Terms of Use for convenience and without cause at the end of a then current subscription term on at least ninety (90) days prior notice provided via email or writing to Subscriber’s designated contact (see also Section 18 Amendments).

Either party may terminate these Terms of Use upon providing written notice if: (i) the other party makes any assignment for the benefit of creditors, or if any bankruptcy, reorganization, debt arrangement, or other proceeding under any bankruptcy or insolvency law is initiated by it, or is initiated against it and is not dismissed within sixty (60) days (collectively, “Bankruptcy”); or (ii) the other party ceases to be actively engaged in business, the other party materially breaches of any of its obligations under this Agreement; and such Bankruptcy and/or breach is not remedied within twenty (20) business days from the Effective Date of written notice by the non-breaching party.

Subscriber’s right to use the SCMS Test, Pilot and Production Service shall terminate immediately upon material breach of any of its obligations under these Terms of Use.

Upon termination of Subscriber’s right to use the SCMS Test, Pilot and Production Service, Subscriber will return all Licensed Material and Confidential Information (defined below) to ISS promptly upon such termination, and shall provide written certification of such return.

Sections 4, 6–8, 11–19, the last two sentences of 20, and 21-25 shall survive termination of expiration of these Terms of Use.

10. MAINTENANCE

The SCMS Test Service is provided “As-Is” with no maintenance services.

Upon payment in full of the fees for the service level set forth in the ISS SCMS Quotation, ISS shall provide maintenance service for the Licensed Material to Subscriber pursuant to the terms of these Terms of Use and the ISS SCMS Quotation. Error corrections, enhancements, and Documentation updates (“Revisions”) may be initi¬ated from time to time by ISS, and in such event shall be furnished to Subscriber. ISS cannot guarantee that all coding errors will be corrected or that all Revisions will be compatible with pre¬vious versions.

In order to continue to be eligible to receive Revisions hereunder, Subscriber must be current in the payment of fees and charges due ISS under this Agreement and must have accepted and installed the Revision most recently provided by ISS under this Agreement.

11. LIMITATION OF LIABILITY

ISS SHALL NOT BE LIABLE TO SUBSCRIBER OR ANY THIRD PARTY FOR ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, COVER OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING DAMAGES FOR LOSS OF PROFITS, THE INABILITY TO USE EQUIPMENT OR ACCESS DATA, LOSS OF BUSINESS, BUSINESS INTERRUPTION, PERSONAL INJURY AND FOR ANY OTHER PECUNIARY LOSS OF ANY SORT), ARISING OUT OF THE USE OF, OR INABILITY TO USE, THE SERVICES OR LICENSED MATERIAL PROVIDED HEREUNDER OR ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OF USE BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF CONTRACT, BREACH OF WARRANTY, STRICT LIABILITY, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF ISS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.

The entire aggregate liability of ISS to Subscriber and any third parties arising out of or in connection with these Terms of Use shall be limited to amounts paid by Subscriber over the past twelve (12) months.

12. DISPUTES

These Terms of Use, and all of their provisions, shall be deemed to have been made in the State of California and the validity, construction, interpretation and enforcement thereof shall be governed by and construed in accordance with the laws of the State of California without regard to conflict of laws provisions.

With the exception of an action primarily seeking injunctive relief, any dispute, controversy or claim arising out of or relating to these Terms of Use, the subject matter thereof, or the breach thereof shall be settled by binding arbitration in Orange County, California, in accordance with the Commercial Arbitration Rules then prevailing of the American Arbitration Association. Judgment upon any award made in an arbitration may be entered and enforced in any court of competent jurisdiction. Except as set forth in the previous sentence, any judicial action taken by either party against the other in connection with any dispute or arbitration under these Terms of Use shall be brought in Orange County, California, in a State or Federal court having jurisdiction of the subject matter of the action; unless jurisdiction cannot there be obtained over, or venue is not there proper as to, an indispensable third party. Both parties expressly consent to the exercise of jurisdiction over them in the courts set forth in the previous sentence, as appropriate, by any court of competent jurisdiction and waive any rights they may have to have the action tried or determined in a different venue. The prevailing party in any arbitration or judicial action brought by one party against the other arising out of or related to these Terms of Use shall be entitled, in addition to any other rights and remedies it may have, to recover its reasonable attorneys’ fees, costs and expenses incurred in such action.

13. INDEMNIFICATION

Subscriber shall defend, indemnify and hold harmless ISS, its representative, its affiliates, and its parent corporation from all claims, costs, damages, judgments and attorneys’ fees resulting from or arising out of the use of the SCMS Test, Pilot and Production Service, V2XRCA/C2XRCA Public Key, the V2XRCA/C2XRCA Certificate, Managed SCMS Service-issued Certificates, or other services hereunder by Subscriber and others through Subscriber (whether or not authorized hereunder), or resulting from or arising out of these Terms of Use, provided that:

(a) ISS promptly notify Subscriber of the claim;

(b) Subscriber has sole control of the defense and related settlement negotiations; and

(c) ISS shall cooperate with Subscriber in the defense at Subscriber’s cost.

14. NOTICES

Notices from the Subscriber to ISS must be sent in the English language by first class mail with return receipt, by courier with signature required.   ISS contact information is specified in the “Contact” section of these Terms of Use.

Notices to the Subscriber shall be sent by email to the Subscriber’s contact information provided during registration for the SCMS Test, Pilot and Production Service on the ISS website. Notices to Subscriber are deemed effective when they are sent by ISS.  Notices by Subscriber to ISS or the SCMS Administrator are effective when they are confirmed received by ISS or five (5) business days, whichever occurs first.

15. CONFIDENTIALITY

Subscriber agrees to maintain the SCMS Test, Pilot and Production Service and all methods and concepts utilized therein, technical and non-technical information including but not limited to the Licensed Materials (including any documentation, methods and algorithms related thereto), patent, copyright, trademark, trade secret, proprietary information, techniques, sketches, drawings, models, inventions, know-how, processes, apparatus, equipment, algorithms, benchmarks and similar studies, formulae related to current and future proposed products and services of ISS or its licensors or suppliers, or including, without limitation, information concerning research, intellectual property, experimental work, development, design details and specifications, architecture, engineering, financial information, procurement requirements, purchasing, manufacturing, customer lists, business forecasts, pricing, availability time frames, business models, sales and merchandising, marketing and communications plans and information of ISS or its licensors or suppliers or and any information related thereto (hereinafter “Confidential Information”) in confidence as follows:

(a) Subscriber shall reproduce and include copyright and proprietary notices on all copies of the Confidential Information in the same form and manner that such copyright and proprietary notices are included on the Confidential Information.

(b) Subscriber agrees to maintain the Confidential Information in secure premises to prevent any unauthorized person from gaining access thereto.

(c) Subscriber agrees not to disclose the Confidential Information to any person or entity, except to employees of Subscriber to whom such disclosure is necessary to permit Subscriber to exercise its rights hereunder. Subscriber shall advise each employee to whom such disclosure is made of the need to maintain the Confidential Information in confidence and shall entered a confidentiality agreement with employee to protect third party confidential information.

(d) Subscriber warrants that all individuals having access to the Confidential Information will observe and perform the covenants set forth in this “Confidentiality” section.

(e) Subscriber shall give ISS written notice of any unauthorized disclosure or use of the Confidential Information as soon as Subscriber learns or becomes aware of it.

16. ENTIRE AGREEMENT

These Terms of Use hereto constitute the entire understanding of the parties with respect to the subject matter of these Terms of Use and supersede all prior agreements, communications and understandings relating to such subject matter.

17. WAIVER AND ASSIGNMENT

The waiver by either party of a breach of any provision of these Terms of Use shall not operate or be construed as a waiver of any other or a subsequent breach of the same or a different kind. ISS may assign these Terms of Use to an entity which acquires substantially all of its assets or merges with it. Except as set forth herein, neither these Terms of Use nor any rights hereunder, in whole or in part, shall be assignable or otherwise transferable by either party without the express written consent of the other party. Subject to the above, these Terms of Use shall be binding upon and inure to the benefit of the successors and assigns of the parties hereto.

18. AMENDMENTS

ISS may revise these Terms of Use from time to time and will notify Subscriber via email at least five (5) days before such revisions take place. In the event of such revisions, Subscriber will be required to agree to the new Terms of Use before continuing use of the SCMS Test, Pilot and Production Service. Failure to agree to the new Terms of Use before using the SCMS Test, Pilot and Production Service shall be deemed an immediate termination of Subscriber’s right to use the SCMS Test, Pilot and Production Service.

19. SEVERABILITY

If for any reason a court of competent jurisdiction finds any provision of these Terms of Use, or portion thereof, to be unenforceable, that provision of these Terms of Use will be enforced to the maximum extent permissible so as to affect the intent of the parties, and the remainder of these Terms of Use will continue in full force and effect.

20. SUBSCRIBER AFFILIATES

Subscriber is entitled to obtain services for the benefit of and use by Subscriber’s affiliates solely to provide Certificates for Subscriber automotive products. Such affiliates and their respective employees are entitled to use the services in accordance with this these Terms of Use and have and are entitled to all rights, benefits and protections granted to Subscriber under these Terms of Use with respect to the services solely to provide Test, Pilot and Production Certificates for Subscriber V2X/C2X automotive or roadside products. Subscriber is responsible for, and shall be liable for, compliance by its affiliates and their employees with the terms and conditions of these Terms of Use. There shall be no other third party beneficiaries to these Terms of Use.

21. RELATIONSHIP OF THE PARTIES

The parties agree that they are independent contractors and nothing in these Terms of Use will be construed as constituting or deemed to constitute a partnership, joint venture, or employment relationship between the parties. Neither party has the authority to bind the other party to any third party or otherwise to act in any way as the representative of the other party unless otherwise expressly agreed to in a written instrument signed by both parties.

22. EXPORT

Subscriber agrees to comply with any and all applicable laws, including but not limited to export laws, regulations, orders and other rulings or decrees of the United States and any applicable jurisdictions. Subscriber agrees that it shall not, and shall not allow third parties to, supply the Licensed Material to a unit or agency of the United States government or any other government without prior written authorization by ISS, and then only pursuant to terms set forth by ISS.

23. FORCE MAJEURE

ISS is not liable for a delay or failure to perform an obligation under these Terms of Use to the extent that the delay or failure is caused by an occurrence beyond ISS’ reasonable control.

24. CONSTRUCTION

Paragraph captions are inserted for convenience only and in no way are to be construed to define, limit or affect the construction or interpretation hereof. The section headers are for reference only and shall not be used to construe or interpret these Terms of Use.

25. CONTACT

The Contact Information for official ISS or ISS SCMS correspondence:

ISS SCMS Administrator
INTEGRITY Security Services LLC
300 Spectrum Center Dr. Suite 800
Irvine, CA 92618
Phone: (888) 951-4477
Email: SCMSadministrator@ghsiss.com