# Agriculture compliance: ISO 24882, AEF 040, the Data Act & ADT

**ISO 24882, AEF Guideline 040, the EU Data Act, Ag Data Transparent, and the FSMA 204 / EUDR traceability wave all ask one thing of a connected-agriculture backend: which party is this, is it authorised, and can you prove it and shut it off?**

A backend gated by bearer tokens and shared, NAT'd egress IPs can't answer that. A routable, DANE-provable, owner-revocable IPv6 `/128` per party can. It produces the log, the attribution and the kill-switch those frameworks want as evidence, and it gives the sector's oldest promise, *farmers own their farm data*, its first checkable network fact.

## What every framework is really asking

- **Identity**: who or what is on the other end of this machine-to-cloud connection, and can a third party, including the farmer, verify it without trusting your word for it?
- **Attribution & monitoring**: what did that party do, to which destinations, and can you show a continuous record of it?
- **Response**: when one party turns hostile, can you contain it, provably and fast, and can the owner see it happened?

None of these is a logging problem. They are *identity* problems: you cannot attribute, monitor or contain an actor that has no stable, provable identity in the first place.

## The evidence: real and shipped

### A device-derived `/128` identity

Whisper derives a deterministic IPv6 `/128` from the machine's *public* SubjectPublicKeyInfo (secure element / TPM) plus the 17-character equipment PIN (and an optional implement/ECU serial): tenant-bound, DNSSEC-anchored, DANE-EE `3 1 1` pinned, RDAP-registered.

```sh
# Provision the machine/ECU identity from the key it already holds (control plane, live).
curl -sS https://graph.whisper.security/api/query \
  -H 'X-API-Key: whisper_live_xxx' \
  -H 'content-type: application/json' \
  --data '{"query":"CALL whisper.agents({op:\"connect\", args:{tier:\"wireguard\", identity_public_key:\"<base64 SPKI>\", vin:\"1AGCM82633A004352\"}}) YIELD op, ok, status, result, error RETURN op, ok, status, result, error"}'
# -> the deterministic /128 + a WireGuard config. Same key+PIN -> same /128 (idempotent).
#    A different PIN on the same tenant -> 409; a non-string identifier -> 400.
```

> `1AGCM82633A004352` is a placeholder in the familiar 17-character format; no real machine or manufacturer is implied. The `--pin` CLI flag isn't shipped yet, so machine provisioning is shown via the control-plane call above (the PIN rides in the `vin` argument), which **is** live.

### Per-`/128` egress logs

```
CALL whisper.agents({op:'logs', args:{agent:'<the /128>', kind:'conn', from:'-24h'}})
# -> per-event records: timestamp, kind (dns/conn/alloc), destination, decision, bytes

whisper logs --agent <the /128> --from -24h --kind conn
```

### One-call, owner-thrown revoke

```
CALL whisper.agents({op:'revoke', args:{agent:'<the /128>'}})
# after it runs:
dig -x <the /128> +short            # -> empty
curl -s https://whisper.online/verify-identity/<the /128>   # -> {"is_whisper_agent": false}
```

Because the act is visible in public DNS, it is the accountable form of the kill-switch agriculture already knows exists.

### The attribution graph

```sh
curl -s https://graph.whisper.security/api/query \
  -H 'X-API-Key: whisper_live_xxx' \
  --data-urlencode "q=CALL whisper.identify('185.220.101.1')"
# -> what the address is, who it belongs to, threat-intel reputation, relationships
```

The sector needs it: ransomware against food and agriculture roughly doubled in 2025 by the Food & Ag-ISAC's own count, after years in which a ransomware attack halted an equipment maker's production in planting season and an $11M ransom restarted plants behind about a fifth of US meat.

## The map, at a glance

| Framework | What it requires | Whisper evidence (shipped) |
|---|---|---|
| **ISO 24882** (DIS) | Cybersecurity engineering for agricultural machinery: monitoring, detection, response | Per-`/128` egress logs (monitoring) · attribution graph (detection) · `revoke` (response) |
| **AEF Guideline 040** | ISOBUS security principles: know what is on the bus and what it talks to | The provable `/128` counterpart to the self-declared ISOBUS `NAME`, at the IP boundary |
| **EU Data Act** | Fair, transparent, consent-bound, revocable third-party access to machine data | Each authorised party = one verifiable, revocable `/128` + a who-accessed-what record |
| **Ag Data Transparent** | Farmers own their farm data; consent-based ATP use | The per-identity access trail that makes the certification's promise checkable |
| **FSMA 204 · EUDR** | Traceability records (due 20 Jul 2028) · geolocated plots | Harvest and telemetry events attributable to a verified machine identity |

## ISO 24882: monitor, detect, respond, for ag machinery

ISO 24882 is the agricultural sector's product-cybersecurity standard, developed in ISO/TC 23/SC 19 with its DIS registered in October 2025, deliberately carrying the lineage of the automotive rules (UN R155's CSMS thinking, ISO/SAE 21434's lifecycle) into tractors, implements and their backends. We state its stage honestly: it is a DIS, not yet published, and it is precisely the right moment to build the evidence trail it will ask for.

- **Monitor**: the per-`/128` egress log is a continuous, per-party record of every destination a machine reached.
- **Detect**: the attribution graph turns a destination in that log into a verdict.
- **Respond**: `revoke` is the containment action, provable worldwide at DNS-TTL speed, thrown by the registered owner.

```
# Monitor
CALL whisper.agents({op:'logs', args:{agent:'<the machine /128>', kind:'conn', from:'-24h'}})
# Detect
curl -s https://graph.whisper.security/api/query -H 'X-API-Key: whisper_live_xxx' \
  --data-urlencode "q=CALL whisper.identify('<suspect destination>')"
# Respond
CALL whisper.agents({op:'revoke', args:{agent:'<the machine /128>'}})
```

## AEF Guideline 040: the ISOBUS security principles

AEF Guideline 040 sets out security principles for ISOBUS, the ISO 11783 implement network that rides SAE J1939 framing on CAN. Its starting observation is the one this vertical is built on: the 64-bit ISOBUS `NAME` that identifies a device on the bus is a self-declared claim, and the bus has no cryptographic way to check it.

**Whisper does not put cryptography on the bus.** What it adds is the provable counterpart at the boundary the guideline points toward: the same physical device, identified on the wire by a `/128` derived from its sealed hardware key, verifiable by anyone against the IANA root. Claim on the bus, proof on the wire.

```sh
whisper verify --trustless a6f1007b9e2d30c8.<tenant>.agents.whisper.online
# dnssec   pass   DNSSEC-root
# dane     pass   DNSSEC-root   served leaf SPKI-SHA256 == TLSA pin
```

## EU Data Act: the authorised/unauthorised line

The EU Data Act entered into force on 12 September 2025, and its access rights reach connected products squarely including farm machinery: manufacturers must open machine-generated data to the *user's* chosen third parties. That multiplies the parties touching the backend at the exact moment the sector is standardizing how to control them.

An authorised third party is one that holds a `/128` it can prove (via DANE and RDAP, keylessly, to you, to the farmer, or to a regulator) and that can be revoked in one call. A pile of interchangeable bearer tokens with 365-day refresh lifetimes cannot draw that line at all.

```sh
whisper verify --trustless <the third party's /128>
curl -s https://graph.whisper.security/api/query -H 'X-API-Key: whisper_live_xxx' \
  --data-urlencode "q=CALL whisper.identify('<the third party's /128>')"
```

## Ag Data Transparent: making the promise checkable

Ag Data Transparent is the US industry's certification for ag-data contracts: farmers own their farm data, ag tech providers use it only with consent, and certified companies display the ADT seal. What the certification cannot do, because no contract can, is prove *at the network layer* that the promise held.

Whisper is that missing layer: each provider and sanctioned consumer is one verifiable `/128`; the per-identity access log is the who-accessed-what record the consent model presupposes; and withdrawn consent has technical teeth: revoke the party's identity and the access provably ends. The EU is moving the same direction, with Agdatahub, Gaia-X-aligned data spaces and the Common European Agricultural Data Space (CEADS) all presupposing per-party, consent-bound identity.

```
CALL whisper.agents({op:'logs', args:{agent:'<the provider /128>', kind:'conn', from:'-90d'}})
CALL whisper.agents({op:'revoke', args:{agent:'<the provider /128>'}})
```

## FSMA 204 & EUDR: trustworthy origin behind the records

FDA's FSMA 204 food-traceability records come due on 20 July 2028, and the EU Deforestation Regulation requires geolocated plot coordinates behind in-scope commodities. **Whisper does not keep FSMA records and does not assess deforestation.** What it adds is the credibility of the origin data those records are built from: when the machine that produced a harvest event holds a verifiable `/128`, the record inherits a checkable fact.

```sh
curl -s https://whisper.online/verify-identity/<the harvester's /128>
# {"is_whisper_agent": true, "dane_ok": true, …}
```

## SIEM & threat-intel export

| Destination | Status |
|---|---|
| Splunk | **Shipped** |
| Microsoft Sentinel connector | **Shipped** |
| OpenCTI | **Shipped** |
| STIX 2.1 / TAXII feed · sector-ISAC sharing formats for food & agriculture | Roadmap |

Until the roadmap items land, the same records are already reachable: the exports are a convenience layer over evidence you can pull today.

## What this is (and is not)

- It is **not** your cybersecurity management system, your FSMA record-keeping, or your deforestation due diligence. It is the identity-and-attribution layer those systems consume.
- It does **not** sit on the ISOBUS/J1939 bus, in TIM functional safety, or on a drone's Remote-ID air interface.
- These platform integrations are *proposed*, not vendor-endorsed. ISO 24882's stage (DIS, October 2025) is stated as-is.

Everything described as working is checkable, today, with `dig`, `curl` and one control-plane call. Everything on the roadmap is labelled as such.

## Next

- [Equipment & ECU identity](/docs/equipment-identity): how the device-derived `/128` is computed
- [Equipment API-abuse cure](/docs/equipment-api-abuse-cure): the same identity at the API ingress
- [Agritech integrations](/docs/agritech-integrations): where the `/128` plugs into the stack

---

← [Agritech integrations](/docs/agritech-integrations) · [Agriculture recipes →](/docs/agriculture-recipes)
