Information Technology Standards: May 2025 Monthly Overview

Looking back at May 2025, the Information Technology and Office Equipment sector experienced a dynamic surge in standardization activity. In this first part of our monthly overview, we revisit five influential standards published during the period. These releases reflect mounting priorities in vendor-neutral smart home connectivity, cryptographic security testing, intelligent transport object identification, next-generation land registration, and robust biometric authentication for digital cards. Whether you’re shaping enterprise compliance strategies, managing mission-critical digital infrastructure, or advancing innovation initiatives, this retrospective offers a concise synthesis of what mattered most and guides you to the details you may have missed.

Monthly Overview: May 2025

May 2025 proved to be a pivotal month for Information Technology standards, signaling both continuity and transformation in key digital arenas. The breadth of releases spanned from foundational interoperability layers in smart buildings to advanced security for biometrics and cryptography. Vendor neutrality, field assurance, and structured digital identity management were at the forefront, underscoring the sector’s response to increasing digitization across both public and private domains.

Compared to earlier months, May’s cadence reflects a shift towards harmonizing operational security, providing concrete frameworks for data and identity management, and accelerating digital transformation in sectors such as intelligent transportation and land administration. Collectively, these standards indicate robust support for practical implementation, regulatory compliance, and international collaboration.

Standards Published This Month

EN 50090-4-4:2025 - HBES IoT Point API

Home and Building Electronic Systems (HBES) – Part 4-4: HBES IoT Point API

EN 50090-4-4:2025 expands the Home and Building Electronic Systems framework with a standardized Internet of Things (IoT) Point API, enabling vendor-independent communication across smart home and building devices over IPv6 networks. This extension to the EN 50090 series aligns building automation with the wider landscape of smart, sustainable infrastructure, reducing vendor lock-in and paving the way for interoperable device ecosystems. The standard details the application protocol, device and resource models, bootstrapping, configuration, software updates, profiles, and security frameworks—including certificate enrollment and application-level encryption.

Organizations in residential and commercial building automation, device manufacturers, and IoT solution integrators represent the primary audience for compliance. The API’s reliance on open protocols like CoAP, CBOR, and standardized certificate management aligns with broader smart city and smart infrastructure initiatives. Noteworthy are the requirements for group communication, device identity enrollment, and concise binary data representation for efficiency in resource-constrained environments.

Key highlights:

• Enables seamless, vendor-neutral device integration for HBES on IPv6
• Details robust security lifecycle from identity enrollment to access control
• Supports scalable device configuration, interworking, and secure software updates

Access the full standard:View EN 50090-4-4:2025 on iTeh Standards

ISO/IEC TS 20540:2025 – Field Testing Cryptographic Modules

Information Security, Cybersecurity and Privacy Protection – Testing Cryptographic Modules in Their Field

ISO/IEC TS 20540:2025 equips organizations with operational guidance for specifying, validating, and field testing cryptographic modules—particularly crucial for trusted data processing environments. Building on the security ratings defined in ISO/IEC 19790:2025, this technical specification introduces a rigorous approach to assessing cryptographic modules’ effectiveness in the context of real-world deployment, spanning from low-sensitivity data to life-critical and high-value transfers.

The document targets field testers, security assurance leads, and authorizing officials in regulated sectors such as banking, government, and critical infrastructure operations. It supplies detailed procedures, competency criteria for testers, reporting requirements, and tailored checklists for each security level. While it restricts scope to module assurance (not field environment risk), it complements an organization’s holistic security posture and regulatory obligations tied to cryptographic effectiveness. Of particular relevance is the detailed treatment of key management, module configuration validation, residual vulnerabilities, and audit mechanisms.

Key highlights:

• Outlines field evaluation criteria for cryptographic modules at all four ISO/IEC 19790 security levels
• Provides comprehensive guidance, checklists, and reporting frameworks for field testing
• Supports compliance with operational and regulatory security mandates

Access the full standard:View ISO/IEC TS 20540:2025 on iTeh Standards

ISO 17419:2025 – Intelligent Transport Systems Unique Identification

Intelligent Transport Systems – Globally Unique Identification

ISO 17419:2025 presents a comprehensive, structured approach to creating and managing globally unique identifiers within Intelligent Transport Systems (ITS). The standard defines ITS-S object identifiers—facilitating both internal and external identification for ITS stations—and details usage throughout the application lifecycle, from classification and registration to secure real-time operations. Anchored in ISO 21217’s station architecture, it covers ASN.1 modules, management procedures, and the structure of a Global Cooperative Management Authority (GCMA) for robust registration and compliance.

Stakeholders in ITS design and deployment, regulatory authorities, application developers, and equipment manufacturers will find ISO 17419:2025 pivotal in supporting interoperability, regulatory accountability, and the expansion of connected infrastructure. The standard critically addresses challenges around unique addressing, registry-based management, and seamless integration across multiple jurisdictions—vital as transport networks become more automated and interconnected.

Key highlights:

• Standardizes unique ITS-S object identifiers for secure station/application management
• Sets out a global framework for registration, protocol integration, and compliance
• Specifies ASN.1 modules for identifier definition and data dictionary interoperability

Access the full standard:View ISO 17419:2025 on iTeh Standards

ISO 19152-2:2025 – Land Administration Domain Model (Part 2: Land Registration)

Geographic Information – Land Administration Domain Model (LADM) – Part 2: Land Registration

The second part of the LADM series, ISO 19152-2:2025, delivers a conceptual model for digital land registration, establishing a reference framework that supports interoperable information integration across jurisdictions and administrative systems. The standard defines core packages pertinent to parties, rights, responsibilities, restrictions (RRRs), and spatial units—including extensive terminology, class structures, and surveying sub-packages.

Mapping agencies, land registries, geospatial solution providers, urban planners, legal professionals, and government authorities are among those who will see core benefits. Notably, the model’s structure supports both formal and informal tenure practices, allowing for consistent monitoring, analysis, and comparison on national and regional scales. The model acts as a foundation for systems seeking INSPIRE alignment and integration with other geospatial standards, while expressly excluding scope-overlaps with non-land administration data systems.

Key highlights:

• Defines universal conceptual structure and data types for land registration processes
• Facilitates integration of legal, spatial, and party information across systems
• Provides a robust basis for national, regional, and cross-border land administration profiles

Access the full standard:View ISO 19152-2:2025 on iTeh Standards

ISO/IEC 18584-1:2025 – On-Card Biometric Comparison Applications

Information Technology – Test Methods for On-Card Biometric Comparison Applications – Part 1: General Principles and Specifications

ISO/IEC 18584-1:2025 lays out test conformance principles for on-card biometric comparison, focusing on applications where biometric matching is performed securely within the integrated circuit card (ICC). Building on ISO/IEC 24787-1, the standard addresses both sensor-off-card configurations and biometric system-on-card solutions, detailing required security policy adherence rather than performance benchmarking.

It sets essential requirements for national ID, banking, travel, and other secure credential applications that demand privacy-preserving, on-device matching. The emphasis is on conformance testing, defining test environments, ICC configuration profiles, security processes (such as retry counter management), and reporting structures. Whilst algorithmic performance metrics are out of scope, this standard is pivotal for vendors, test labs, and authorities seeking robust, interoperable biometric systems.

Key highlights:

• Specifies framework for conformity assessment of on-card biometric applications
• Defines security requirements for sensor-off-card and biometric system-on-card solutions
• Clarifies test case structure, outcomes, and reporting methodology for compliance

Access the full standard:View ISO/IEC 18584-1:2025 on iTeh Standards

Common Themes and Industry Trends

A clear set of themes emerged from May 2025’s Information Technology standards publications:

• Interoperability and Vendor Neutrality: Standards like EN 50090-4-4:2025 and ISO 17419:2025 emphasize frameworks that transcend vendor boundaries, guiding a move toward open ecosystems in smart buildings and intelligent mobility.
• Operational Security Assurance: ISO/IEC TS 20540:2025 and ISO/IEC 18584-1:2025 put the spotlight on robust assurance processes for both data security (cryptographic modules) and identity verification (biometrics), indicating a regulatory push for defensible, auditable controls.
• Structured Digital Transformation: ISO 19152-2:2025’s land registration model and ISO 17419:2025’s identifier architecture signal wider adoption of structured, standardized information governance underpinning key digital transformation initiatives.
• Global and Regional Alignment: Many of these standards are designed for international application, offering a foundation for compliance, cross-border interoperability, and scalable governance.

These trends mirror core industry priorities—solving complexity through standardization, mitigating risk, and fostering greater integration across legacy and digital-native systems alike.

Compliance and Implementation Considerations

For organizations and professionals impacted by these standards, practical steps include:

• Assess Applicability: Evaluate each standard’s scope versus your compliance obligations and product/service roadmap.
• Gap Analysis: Conduct a gap analysis against existing systems for security modules, device interoperability, land information systems, and biometric infrastructure.
• Prioritize Implementation: Focus initial compliance on high-risk/high-value contexts such as cryptographic field testing and digital identity (biometrics), where regulatory or customer requirements are pressing.
• Training and Policy Update: Ensure technical and operational staff are trained on new requirements and that policies/guidance align with updated standards.
• Engage with Stakeholders: Collaborate across IT, security, operations, and legal domains to ensure changes are integrated holistically—especially where standards affect cross-functional processes.
• Timeline Planning: Take advantage of the typical adoption and transition dates provided in each standard, noting that some may stipulate national adoption windows or withdrawal timelines for conflicting standards.
• Use Authoritative Resources: Leverage direct access to standards through platforms like iTeh Standards for authoritative copies, implementation guides, and updates.

Conclusion: Key Takeaways from May 2025

May 2025 brought substantive progress in Information Technology and Office Equipment standardization. From the enabling of vendor-independent smart spaces, through improved cryptographic assurance, to globally-structured digital registries in transport and land use, this period reflected real momentum toward secure, open, and agile digital ecosystems. Professionals in system integration, compliance, security, procurement, and R&D benefit by staying abreast of these standards—turning conformance into competitive advantage and risk mitigation.

We recommend reviewing each standard in detail to identify the implications for your organization. Staying current with such standards is essential to support agility, regulatory alignment, and the sustainable growth of smart, secure, and interoperable digital services.

Explore all the latest Information Technology standards and authoritative resources:Visit iTeh Standards