Providing standards, tools and services
for the automotive supply chain

Cybersecurity resources

Reference EN01

Version 3.0

Published Mar 2006

OFTP2 Implementation Guideline

The ODETTE File Transfer Protocol 2 (OFTP2) has become one of the most widely used and trusted protocols for secure information exchange over the internet.

This publication contains comprehensive technical guidelines on implementing and operating OFTP2, including use of digital certificates, archiving and integrating into existing IT infrastructures.

Developer guidelines are included for software vendors who wish to add OFTP2 functionality to their products.

Reference OP08

Version 2.6

Published Jul 2019

OFTP2 Interoperability Testing Service

Test Cases

Odette tests OFTP2 software products against established Test Cases to ensure that the software complies with the OFTP2 specification (RFC5024) and inter-operates successfully with reference implementations of OFTP2.

This document describes the tests that an OFTP2 software must successfully pass in order to obtain the certificate of "OFTP2 Tested Software" from Odette.

Reference OP09

Version 2.4

Published Jul 2019

Reference -

Version -

Published Jul 2019

Security Certificate Exchange (SCX)

This publication details Odette recommendations on establishing trust between business partners by enabling the automated exchange and renewal of digital Security Certificates and the use of a Trust Service Status List (TSL). These recommendations cover processes, interfaces and protocols for certificate exchange, trust and verification and for achieving the security levels required by business partners for data exchange processes in their commercial and product development relationships.

Reference SE01

Version 1.0

Published Jan 2009

Security and Risk Reduction (S2R)

This publication defines common security policies, measures and techniques to be implemented between partners with regards to security certificate use. The recommendations cover roles and responsibilities, common risk schema and classification of data, basic security requirements, password policies and data privacy considerations for business partners across the supply chain.

Reference SE02

Version 1.0

Published Apr 2006