SIST EN 50131-3:2026

SLOVENSKI STANDARD
01-april-2026
Nadomešča:
SIST EN 50131-3:2009
Alarmni sistemi - Sistemi za javljanje vloma in ropa - 3. del: Kontrolna in
indikacijska oprema
Alarm systems - Intrusion and hold-up systems - Part 3: Control and indicating
equipment
Alarmanlagen - Einbruch- und Überfallmeldeanlagen - Teil 3: Befehls- und Meldegeräte
Systèmes d’alarme - Systèmes d’alarme contre l’intrusion et les hold-up - Partie 3:
Équipement de contrôle et de signalisation
Ta slovenski standard je istoveten z: EN 50131-3:2026
ICS:
13.310 Varstvo pred kriminalom Protection against crime
13.320 Alarmni in opozorilni sistemi Alarm and warning systems
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN 50131-3
NORME EUROPÉENNE
EUROPÄISCHE NORM February 2026
ICS 13.320 Supersedes EN 50131-3:2009; EN 50131-
3:2009/corrigendum Dec. 2010
English Version
Alarm systems - Intrusion and hold-up systems - Part 3: Control
and indicating equipment
Systèmes d'alarme - Systèmes d'alarme contre l'intrusion et Alarmanlagen - Einbruch- und Überfallmeldeanlagen - Teil
les hold-up - Partie 3: Équipement de contrôle et de 3: Befehls- und Meldegeräte
signalisation
This European Standard was approved by CENELEC on 2026-01-01. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2026 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN 50131-3:2026 E
Contents Page
European foreword . 5
Introduction . 6
1 Scope . 7
2 Normative references . 7
3 Terms, definitions and abbreviations . 8
3.1 Terms and definitions . 8
3.2 Abbreviations .11
4 Equipment attributes .12
4.1 General .12
4.2 Functionality .12
5 CIE topology .12
6 Security grade .13
7 Environmental performance .13
7.1 Requirements .13
7.2 Environmental and EMC tests .13
8 Functional requirements .13
8.1 Inputs .13
8.1.1 General .13
8.1.2 Intruder detection .13
8.1.3 Hold-up device .13
8.1.4 Tamper .13
8.1.5 Fault .14
8.1.6 User input .14
8.1.7 Masking .14
8.1.8 Non-I&HAS inputs .14
8.2 Outputs .14
8.3 Operation .15
8.3.1 General .15
8.3.2 Access levels .15
8.3.3 Authorization .15
8.3.4 Setting procedures .18
8.3.5 Unsetting procedure .19
8.3.6 Restore function .19
8.3.7 Inhibit function .19
8.3.8 Isolate operation .19
8.3.9 Verification of I&HAS functions .19
8.3.10 Soak test function .20
8.3.11 Other functions .20
8.4 Processing.20
8.4.1 General .20
8.4.2 Processing of input signals or messages .20
8.4.3 Processing of user inputs .21
8.4.4 Monitoring of CIE processing.21
8.5 Indication .21
8.5.1 General .21
8.5.2 Priority of indications .22
8.6 Notification outputs .23
8.6.1 General .23
8.6.2 Other notification . 23
8.7 Tamper security (detection/protection) . 23
8.7.1 Tamper protection . 23
8.7.2 Tamper detection . 24
8.7.3 Monitoring of substitution . 25
8.8 Interconnections . 25
8.9 Timing . 26
8.10 Event recording . 26
8.10.1 General . 26
8.10.2 Event recording at the CIE . 26
8.10.3 Event recording at the ARC or other remote location . 27
8.11 Power supply . 27
9 Product documentation . 27
9.1 Installation and maintenance . 27
9.2 Operating instructions . 28
10 Marking and labelling . 29
11 Tests . 29
11.1 Test conditions . 29
11.1.1 Laboratory conditions and tolerance . 29
11.1.2 Mounting . 29
11.1.3 CIE test configuration . 30
11.1.4 Power supply . 30
11.1.5 Event log checks . 30
11.1.6 Documentation . 31
11.2 Test procedures . 31
11.2.1 Tolerances . 31
11.2.2 Wire-free devices . 31
11.3 Reduced functional test . 31
11.4 Functional tests . 32
11.4.1 Processing intruder alarm signals or messages . 32
11.4.2 Processing of hold-up signals or messages . 34
11.4.3 Processing of tamper signals or messages . 36
11.4.4 Processing of fault signals or messages. 38
11.4.5 Processing masking signals or messages . 40
11.4.6 CIE Processing in the presence of non-I&HAS inputs . 42
11.5 Access level . 43
11.5.1 Access to the functions and controls . 43
11.6 Authorization requirements . 44
11.6.1 Key tests . 44
11.6.2 Additional key tests based on key type . 45
11.6.3 Invalid authorization attempts . 47
11.7 Operational tests . 49
11.7.1 Setting procedures . 49
11.7.2 Prevention of setting and overriding of prevention of setting procedures . 51
11.7.3 The set state . 53
11.7.4 Unsetting procedures . 53
11.7.5 Setting and/or unsetting automatically at pre-determined times . 55
11.7.6 Inhibit and isolate functions . 57
11.7.7 Test functions . 58
11.7.8 Other functions . 59
11.7.9 Monitoring of CIE processing . 59
11.7.10 Availability of Indications . 60
11.8 Tamper security tests . 61
11.8.1 Verification of a basic DCC . 61
11.8.2 Tamper protection . 61
11.8.3 Tamper detection – Access to the inside of the housing. 62
11.8.4 Tamper detection – Removal from mounting . 62
11.8.5 Tamper detection – Penetration of the housing . 63
11.9 Substitution tests .64
11.9.1 Tests for monitoring of substitution of components .64
11.9.2 Tests for monitoring of substitution – Timing requirements .64
11.10 Testing of I&HAS timing performance .64
11.11 Testing for interconnections .64
11.11.1 Monitoring of interconnections .64
11.11.2 Testing of monitoring of periodic communication.65
11.11.3 Testing of verification during setting procedure.65
11.11.4 Test for security of communication .66
11.12 Event log .66
11.13 Marking and documentation .68
11.14 Environmental and EMC tests .68
Annex A (informative) CIE topology .70
Annex B (informative) Summary of timing requirements .71
Annex C (normative) Use of non-I&HAS interface (Indirect connection).72
Annex D (normative) Use of non-I&HAS interface (Direct connection) .74
Annex E (informative) Summary of function cross-references .77
Bibliography .81
European foreword
This document (EN 50131-3:2026) has been prepared by CLC/TC 79 “Alarm systems”.
The following dates are fixed:
• latest date by which this document has to be (dop) 2027-02-28
implemented at national level by publication of
an identical national standard or by
endorsement
• latest date by which the national standards (dow) 2029-02-28
conflicting with this document have to be
withdrawn
This document supersedes EN 50131-3:2009 and all of its amendments and corrigenda (if any).
— refined and aligned requirements to EN 50131-1:2006 ;
— refinement and clarification of test section;
— clarified and refined the use of distributed components with a CIE;
— Annex A has been expanded to include the topology of the CIE;
— Annex C has been re-written to expand on the use of non-I&HAS interfaces over an indirect connection;
— Annex D has been added to cover the use of non-I&HAS interfaces over a direct connection.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national committee. A complete
listing of these bodies can be found on the CENELEC website.

As impacted by EN 50131-1:2006/A1:2009, EN 50131-1:2006/A2:2017 and EN 50131-1:2006/A3:2020.
Introduction
Repetition of definitions and requirements contained in EN 50131-1 have been eliminated from this EN 50131-3,
in order to minimize conflict in the event of changes to EN 50131-1, except where repetition is deemed essential
for the clarity of this document.
Reference has been included to various implications arising from the detector standards. Full detail of the
interconnection requirements could be the subject of a future standard.
A number of requirements are contained in this document for which a formal test procedure can only be written
by defining (and hence restricting) the technology by which the requirement is achieved. Accordingly, it has
been recognized that such functions can be tested only by agreement between manufacturer and test house,
according to documented information relating to how the required functionality has been achieved.
In Annex E a table has been included to cross reference EN 50131-1 requirements against this document and
tests.
1 Scope
This document specifies the requirements, performance criteria and testing procedures for control and indicating
equipment (CIE) intended for use in intrusion and hold-up alarm systems (I&HAS) installed in buildings. This
document also applies to CIE to be used in IAS or HAS.
The CIE can incorporate processing functions of other I&HAS components or its processing requirements can
be distributed among such components.
This document specifies the requirements for CIE installed in buildings using specific or non-specific wired
interconnections or wire-free interconnections. These requirements also apply to basic DCC which can be
installed outside of the supervised premises and mounted in indoor or outdoor environments.
Where CIE shares means of detection, interconnection, control, communication, processing and/or power
supplies with other applications, these requirements apply to I&HAS functions only.
This document specifies performance requirements for CIE at each of the four security grades identified in
EN 50131-1. Requirements are also specified for four environmental classes covering applications for indoor
and outdoor locations.
This document includes mandatory functions for all CIE for the appropriate security grade, as well as optional
functions that can additionally be provided.
This document does not cover requirements for compliance with EU regulatory Directives, such as the EMC
Directive, Low Voltage Directive, etc. except in that it specifies the equipment operating conditions for EMC
susceptibility testing as required by EN 50130-4.
NOTE 1 In this document reference to the term “I&HAS” is used throughout, except where there is specific need to
differentiate between the IAS and HAS portions of a system. The term is intended to include IAS and HAS when such
systems are installed separately.
NOTE 2 For products which integrate functions from, and which the manufacturer is claiming compliance to, several
EN 50131 standards, the requirements of this document apply as well as any additional requirements from other relevant
EN 50131 standards (e.g. a CIE with integral Warning Device is expected to meet the requirements of EN 50131-3 and
EN 50131-4).
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references, the
latest edition of the referenced document (including any amendments) applies.
EN 50130-5, Alarm systems - Part 5: Environmental test methods
EN 50131-1:2006, Alarm systems - Intrusion and hold-up systems - Part 1: System requirements
EN 50131-5-3, Alarm systems - Intrusion systems - Part 5-3: Requirements for interconnections equipment
using radio frequency techniques
EN 50131-6, Alarm systems - Intrusion and hold-up systems - Part 6: Power supplies
EN 60068-2-75, Environmental testing - Part 2-75: Tests - Test Eh: Hammer tests (IEC 60068-2-75)
EN 60529, Degrees of protection provided by enclosures (IP Code)(IEC 60529)
CLC/TS 50136-10:2022, Alarm systems - Alarm transmission systems and equipment - Part 10: Requirements
for remote access
As impacted by EN 50131-1:2006/A1:2009, EN 50131-1:2006/A2:2017 and EN 50131-1:2006/A3:2020.
3 Terms, definitions and abbreviations
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in EN 50131-1 and the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https://www.iso.org/obp/
— IEC Electropedia: available at https://www.electropedia.org/
3.1.1
acknowledge
action of a user to accept an indication
3.1.2
alarm point
one or more detector(s) providing a common signal or message, at the CIE or at the DCC for the purpose of
indication or processing
3.1.3
alarm signal or message
signal or message generated by an alarm point
3.1.4
distributed component of the CIE
DCC
individual component of the CIE which provides one or more mandatory functions of the CIE
EXAMPLES keypads, expanders and control panels
Note 1 to entry: The CIE may be formed by multiple DCC that are distributed within different housings.
Note 2 to entry: When viewing EN 50131-1, Ancillary Control Equipment should be interpreted as DCC.
3.1.5
basic DCC
DCC which is only used for indication, or used as a user input device that does not authenticate a user, and
access to internal elements resulting from damage to the housing could not enable the status of any part of the
I&HAS to be changed or prevent the initiation of mandatory notification
EXAMPLES:
That do meet the basic DCC criteria:
—  A prox reader which passes the details of the prox tag to the CIE or DCC for user authentication
—  A keypad which passes the key presses to the CIE or DCC for user authentication
—  A biometric reader which passes biometric information to the CIE or DCC for user authentication
That do NOT meet the basic DCC criteria:
—  A mechanical keyswitch
—  A device with inputs for connection to detectors
—  A standalone biometric reader which authenticates the user directly.
Note 1 to entry: It is permitted for a basic DCC user input device to also provide indication.
Note 2 to entry: Unless stated otherwise, the requirements for DCC apply to basic DCC.
3.1.6
biometric key
biometric characteristic of an authorized user
EXAMPLE finger print or iris recognition
3.1.7
conditioning
exposure of the Equipment Under Test (EUT) to environmental conditions in order to determine the effect of
such conditions on the EUT
3.1.8
detector
device designed to generate an alarm signal or message in response to the sensing of an abnormal condition
indicating the presence of a hazard
3.1.9
digital key
portable device containing digitally coded information used by an authorized user
EXAMPLE magnetic card, electronic token, radio fob
3.1.10
entry route facility
means to ignore signals or messages from specified detectors during unsetting for a specified time period
3.1.11
entry time
time permitted for unsetting procedure where entry route is used
3.1.12
exit route facility
means to ignore signals or messages from specified detectors during setting for a specified period
3.1.13
external power source
EPS
energy supply external to the I&HAS which may be non-continuous
EXAMPLE main power supply
Note 1 to entry:  For Type A and Type B PS only. The EPS is derived as described in EN 50131-6.
3.1.14
fail to set
condition when defined setting procedure has not been completed within a specific time so that I&HAS is left in
the “setting mode”
3.1.15
false acceptance rate
FAR
proportion of biometric verification transactions with wrongful claims of identity that are incorrectly accepted
when 1:1 comparison is performed
3.1.16
false rejection rate
FRR
proportion of biometric verification transactions with truthful claims of identity that are incorrectly denied when
1:1 comparison is performed
3.1.17
intrusion
entry into the supervised premises by an unauthorised person(s)
3.1.18
logical key
logical information used by an authorized user to gain access to restricted functions or parts of an I&HAS
EXAMPLE PIN code, or information held on magnetic card or similar, biometric key
3.1.19
mechanical key
implement relying solely on physical shape to determine its uniqueness, used by an authorized user to gain
access to restricted functions or parts of an I&HAS
EXAMPLE Metal door key
Note 1 to entry: physical item used by an authorized user
3.1.20
non-I&HAS interface
user interface which is not necessarily dedicated to the I&HAS
EXAMPLES computer, mobile device and/or application, BMS, indicator (mimic) panel
3.1.21
operating mode
one of four operating modes, i.e. set, unset, setting and unsetting
3.1.22
open by normal means
open the equipment housing following the procedure defined by the manufacturer
3.1.23
Personal Identification Number code
PIN code
code used by an authorized user (example, numeric or alphanumeric)
3.1.24
portable ACE
ACE designed to be in operation while being carried
Note 1 to entry: The concept of portable ACE is not used within this document and where EN 50131-1 refers to portable
ACE this shall be read as a Digital key and is not a DCC.
3.1.25
storage device
SD
device which stores energy
EXAMPLE a battery
3.1.26
supervised premises transceiver
SPT
ATE at the supervised premises including the interface to the AS and the interface to one or more transmission
networks and being part of one or more ATPs
[SOURCE: EN 50136-1]
3.1.27
test condition
condition of an alarm system in which the normal functions are modified for test purposes
3.1.28
user input
command generated by a deliberate user action
3.1.29
user input device
device used for user input
EXAMPLES Keypad, Prox reader, physical lock with electrical contacts
3.1.30
non-dedicated self-powered digital key
device or piece of equipment with an internal power source and with primary functions unrelated to an I&HAS,
but which nevertheless may be used to provide user authorisation via a direct communication link to an I&HAS
EXAMPLE Mobile phone (using NFC, Bluetooth)
3.1.31
dedicated self-powered digital key
device or piece of equipment with an internal power source and with functions only related to an I&HAS, which
is used to provide user authorisation via a direct communication link to an I&HAS
3.2 Abbreviations
For the purposes of this document the following abbreviations apply:
APS Alternative power source
ARC Alarm receiving centre
ATS Alarm transmission system
CIE Control and indicating equipment
DCC Distributed Component of a CIE
EPS External power source
EUT Equipment under test
FAR False acceptance rate
FRR False rejection rate
HAS Hold-up alarm system
IAS Intrusion alarm system
I&HAS Intrusion and hold-up alarm system
PIN Personal identification number
PS Power supply
SD Storage device
SPT Supervised premises transceiver
WD Warning device
4 Equipment attributes
4.1 General
CIE shall include attributes for the reception of signals and/or messages, processing the information, notification
and indication as appropriate. The detailed requirements are provided in Clause 8.
If a function is provided that is optional for a particular grade and a claim of compliance is made, it shall meet
the applicable requirements for the grade for which compliance is claimed (if any are given). If there are no
specifications for the function at the grade in question, the requirements for any higher grade (as identified by
the manufacturer) shall apply.
Compliance with this document shall be demonstrated by assessment of Clause 4 through to Clause 10 and
the application of the tests of Clause 11.
Annex D provides a cross reference between the requirements of EN 50131-1 and the requirements and tests
of this document.
CIE which include the coerciveness principle in accordance with EN 50131-1:2006, 8.8.2.2 shall comply with
the requirements, and meet the tests, of CLC/TS 50131-12.
4.2 Functionality
Functions additional to the mandatory functions specified in this document may be included in I&HAS providing
they do not influence the correct operation of the mandatory functions.
Where provided, these additional functions shall not affect compliance with the requirements of this document,
except as permitted by EN 50131-1:2006, 8.3.13.
If use of a function(s) or combination of functions within the CIE would result in the installed I&HAS not being
compliant with EN 50131-1 or being compliant at a lower security grade (e.g. function(s) reducing the security
of the I&HAS) the manufacturer shall, either:
a) detail the configuration(s) which are compliant with EN 50131-1;
or
b) detail the function(s) or combination of functions that would result in the installed I&HAS not being compliant
with EN 50131-1.
A non-I&HAS interface may be used to carry out CIE functions if the conditions specified in Annex C or D are
met. A non-I&HAS interface shall not be the only means of providing mandatory functions of the CIE.
5 CIE topology
The CIE may be in a single housing or be distributed across multiple DCCs.
If the CIE is distributed in multiple DCCs, these collectively achieve the CIE functions described in this
document.
NOTE Annex A shows an example of how DCCs combine to form the CIE.
CIE or DCC may be combined with other I&HAS components.
6 Security grade
Any CIE or DCC shall meet the relevant requirements for one of four security grades for which it is declared to
comply. The grade of a CIE shall be that of the lowest graded component. The CIE shall meet all the
requirements of that grade.
The requirements for the performance of the CIE will vary depending upon its grade. Any testing will be carried
out according to the grade declared in the CIE documentation and marking.
7 Environmental performance
7.1 Requirements
Any CIE or DCC shall be suitable for use in at least one of the environmental classes defined in EN 50131-1.
When the requirements of the four environmental classes are inadequate, due to the extreme conditions
experienced in certain geographic locations, special national conditions are given in EN 50131-1:2006,
Annex A.
7.2 Environmental and EMC tests
EN 50130-4 specifies EMC susceptibility tests relevant to I&HAS components. The operating conditions for
these tests are specified in Table 32.
EN 50130-5 describes environmental test methods relevant to I&HAS components. The tests applicable are
specified in Table 32.
NOTE Other environmental aspects, covered by EU regulatory Directives, are outside the scope of this document.
8 Functional requirements
8.1 Inputs
8.1.1 General
Depending on the grade of the CIE means shall be provided to receive signals or messages from detectors,
hold-up trigger devices and information from user input devices as specified in the following subclauses.
NOTE 1 This document does not specify details of interconnections or the format of these signals or messages. Details
of possible means of transfer of the information are included in some of the component standards within the EN 50131
series.
NOTE 2 Some system components can require up to 180 s to initialise before normal functionality is available, (e.g.
detectors).
8.1.2 Intruder detection
The CIE shall provide the means to receive signals or messages from intruder detectors.
8.1.3 Hold-up device
When a CIE provides hold-up facilities, means shall be provided to receive signals or messages from hold-up
devices.
8.1.4 Tamper
The CIE shall provide the means to receive tamper signals or messages.
8.1.5 Fault
Dependent on the grade, CIE shall include means to recognize the fault conditions as specified in
EN 50131-1:2006, Table 1 and in addition those faults shown in Table 1.
Table 1 — Recognition of additional fault conditions
Faults Grade 1 Grade 2 Grade 3 Grade 4
a
Battery change required M M M M
b
Power output fault Op Op M M
Monitoring of processing Op Op M M
M = Mandatory    Op = Optional
a
= applies to type “C” PS only as defined in EN 50131-6.
b
= see EN 50131-6
8.1.6 User input
The CIE shall provide the means for user input in order to operate the I&HAS.
EXAMPLE a keypad
8.1.7 Masking
The CIE shall provide the means to receive masking signals or messages, according to grade.
8.1.8 Non-I&HAS inputs
When a CIE receives signals or messages or other information not necessary to meet the requirements of this
document (e.g. monitoring of non-I&HAS equipment) this shall not affect the ability of the CIE to meet the
requirements of this document.
8.2 Outputs
Notification output requirements are detailed in 8.6
The CIE may need to provide output signals or messages to interface with other I&HAS components, as required
by other relevant component standards. The installation documentation shall identify which configurations are
available.
EXAMPLES
a)  indication enable for detector or other component;
b)  set/unset status information for detector, security fog device, etc.;
c)  to trigger audible or visual alarm confirmation equipment;
d)  to trigger security fog devices, etc.;
e)  to enable functional test mode of detector;
f)  to trigger remote self-test of detector or other component;
g)  to restore detectors or other devices.
If the restore involves removal of power from detectors, up to 180 s should be allowed for the detector to resume
normal operation (see EN 50131-2-series).
Output signals or messages may additionally be provided to interface to equipment outside of the I&HAS.
EXAMPLE lighting
8.3 Operation
8.3.1 General
The CIE shall provide the means necessary to enable authorized users to access the functions of the CIE.
Access to these functions shall be restricted by access levels and corresponding authorisations according to
8.3.2 and 8.3.3.
EXAMPLE by using a keypad or lock
8.3.2 Access levels
Access to the functions of a CIE shall be restricted according to the requirements of EN 50131-1:2006, 8.3.1. If
the CIE includes security functions additional to those identified in EN 50131-1:2006, Table 2 the access levels
necessary to operate those functions shall be specified by the manufacturer. Access levels for any non-security
functions shall be specified in the manufacturer’s documentation.
Access at level 3 shall be authorized by access level 2 such that:
a) access remains authorized until manually removed,
or
b) access requires authorization for each occasion it is used.
Access at level 4 shall be authorized by access level 2 and 3 for each occasion it is used.
If level 3 access is granted without level 2 authorization, as permitted by EN 50131-1:2006, 8.3.1, the internal
warning device shall be time limited, either to a fixed time quoted by the manufacturer or until silenced by the
level 3 user.
8.3.3 Authorization
8.3.3.1 Access to functions
Access to the functions of a CIE at levels 2, 3 and 4 shall be restricted as required by EN 50131-1:2006, 8.3.2.
Authorization is not required for access at level 1.
At least one of the methods in 8.3.3.2 or 8.3.3.3 shall be provided by the CIE.
Authorization shall be validated by the CIE.
If means to provide temporary authorization is provided (e.g. a PIN code valid for a limited time or valid for use
a specified number of times), details should be included in the manufacturer’s documentation.
8.3.3.2 Use of mechanical key
Where mechanical keys are used, the manufacturer shall supply sufficient information to establish the number
of differs available.
8.3.3.3 Use of logical keys
8.3.3.3.1 General
Where logical keys are used, the manufacturer shall supply sufficient information to establish the number of
differs available.
Additionally, the following apply to specific types of logical key. This does NOT restrict use of other types.
8.3.3.3.2 Use of PIN codes
Where PIN codes are used, the number of differs not available shall be identified by the manufacturer and shall
be disallowed from calculation of codes available.
Means shall be provided to prevent reading of authorization codes.
EXAMPLE Codes should not be displayed during code entry and or edit.
Entry of a code shall be completed within 60 s. If the code entry is not completed in that time, it shall be treated
as invalid in the context of 8.3.3.6.
8.3.3.3.3 Digital keys
Where a user can complete the setting or unsetting procedure from a location more than 1 m from the CIE or
DCC, digital keys used for I&HAS of grades 3 and 4 shall include means to prevent acceptance of keys copied
from intercepted data.
EXAMPLE rolling codes
Where the operation can be performed other than at the point of exit from the premises, means shall be provided
to make the “prevention of setting” and “complet
...