Skip to main content
Jira progress: loading…

STTF™

Certification Framework Technical Specification

1. Purpose

The STTF™ Certification Framework defines how devices, gateways, platforms and audit systems can be evaluated for conformance with the Sustainability Telemetry Trust Framework™.

The framework verifies whether an implementation can produce, preserve, transmit and validate sustainability telemetry in a way that is:

  • Semantically standardized
  • Cryptographically attributable
  • Evidence-linked
  • Audit-ready
  • Suitable for sustainability reporting workflows
  • Compatible with downstream ESG, CSRD, ESRS and carbon accounting systems

STTF™ Certification does not certify the environmental performance of an organization.

It certifies the trustworthiness, traceability and interoperability of sustainability telemetry infrastructure.


2. Certification Categories

2.1. STTF Device Certified™

Applies to:

  • Energy meters
  • Water meters
  • CO₂ sensors
  • Temperature sensors
  • Humidity sensors
  • HVAC controllers
  • Industrial sensors
  • Matter-enabled devices
  • OPC-UA / BACnet / Modbus-compatible devices

Purpose:

Verify that a device can expose sustainability-relevant measurements with sufficient identity, metadata and signal compatibility.


2.2. STTF Gateway Certified™

Applies to:

  • Edge gateways
  • Z-Edge implementations
  • Industrial telemetry concentrators
  • Matter hubs
  • Building automation gateways
  • Protocol translation devices

Purpose:

Verify that a gateway can receive raw telemetry, enrich it, map it to sustainability signals, generate evidence and transmit trusted telemetry envelopes.


2.3. STTF Platform Certified™

Applies to:

  • ESG software platforms
  • Cloud telemetry platforms
  • Carbon accounting systems
  • Sustainability reporting platforms
  • Data lakes and integration platforms

Purpose:

Verify that platforms can ingest, validate, preserve and expose STTF-compliant telemetry and evidence records.


2.4. STTF Audit Certified™

Applies to:

  • Assurance portals
  • Evidence repositories
  • Auditor tools
  • Verification systems
  • Regulatory evidence platforms

Purpose:

Verify that audit systems can reconstruct telemetry lineage, inspect trust metadata, validate evidence and export audit-ready records.


3. Certification Levels

3.1. STTF Compatible™

Minimum interoperability level.

An implementation can produce or consume valid STTF envelopes.

Required Capabilities

  • Supports STTF Telemetry Envelope
  • Supports mandatory signal metadata
  • Supports organization / site / asset references
  • Supports timestamped measurement records
  • Supports schema versioning
  • Supports basic validation status

3.2. STTF Verified™

Trusted source level.

An implementation verifies identity, origin and timing.

Additional Required Capabilities

  • Device or source identity verification
  • Cryptographic signature support
  • Time synchronization validation
  • Transport security
  • Evidence ID creation
  • Basic audit events

3.3. STTF Trusted™

Enterprise-grade telemetry level.

An implementation supports trust scoring, evidence generation and traceability.

Additional Required Capabilities

  • Trust score calculation or trust score preservation
  • Signal mapping version control
  • Calibration metadata
  • Data quality flags
  • Evidence hash generation
  • Audit trail reconstruction
  • Local buffering and replay protection where applicable

3.4. STTF Assurance™

Regulatory-grade sustainability telemetry level.

An implementation supports independent assurance workflows.

Additional Required Capabilities

  • Full chain-of-custody export
  • Independent verification support
  • Evidence package generation
  • Tamper-evident audit trail
  • Retention policy support
  • Auditor access model
  • Conformance report generation

4. Core Data Objects

STTF certification is based on the following primary data objects:

  1. TelemetryEnvelope
  2. SourceIdentity
  3. SignalMetadata
  4. TrustProfile
  5. EvidenceRecord
  6. AuditTrailRecord
  7. CertificationClaim
  8. ConformanceReport

5. Telemetry Envelope

The TelemetryEnvelope is the primary transmission object.

<Snippet file="telemetry-envelope.json" showLineNumbers />

6. Required Fields by Certification Level

Field GroupCompatibleVerifiedTrustedAssurance
sttf_versionRequiredRequiredRequiredRequired
envelope_idRequiredRequiredRequiredRequired
created_atRequiredRequiredRequiredRequired
source.source_idRequiredRequiredRequiredRequired
source.protocolRequiredRequiredRequiredRequired
source.attestation_statusOptionalRequiredRequiredRequired
organization.eco_numberRequiredRequiredRequiredRequired
organization.facility_idRequiredRequiredRequiredRequired
organization.asset_idOptionalRequiredRequiredRequired
signal.signal_idRequiredRequiredRequiredRequired
signal.valueRequiredRequiredRequiredRequired
signal.unitRequiredRequiredRequiredRequired
quality.quality_flagsOptionalOptionalRequiredRequired
quality.calibration_statusOptionalOptionalRequiredRequired
trust.trust_scoreOptionalOptionalRequiredRequired
evidence.evidence_idOptionalRequiredRequiredRequired
evidence.evidence_hashOptionalOptionalRequiredRequired
audit.audit_chain_idOptionalOptionalRequiredRequired

Below is a production-ready MDX technical specification draft for the STTF™ Certification Framework.


7. Source Identity Object

source-identity-object.jsonGitHub ↗
{
"source_id": "dev_matter_8fa2f5e8",
"source_type": "device",
"manufacturer": "Example Manufacturer",
"model": "Smart Energy Meter X1",
"serial_number_hash": "sha256:9a7d...",
"protocol": "matter",
"protocol_version": "1.3",
"attestation": {
"attestation_status": "verified",
"attestation_method": "matter-dac-pai-chain",
"attestation_verified_at": "2026-06-09T10:12:00Z",
"certificate_fingerprint": "sha256:df83a..."
}
}

Accepted attestation_status Values

accepted-attestation-status-values.jsonGitHub ↗
[
"not_applicable",
"not_verified",
"pending",
"verified",
"failed",
"revoked",
"expired"
]

8. Signal Metadata Object

signal-metadata-object.jsonGitHub ↗
{
"signal_id": "energy.electricity.imported",
"signal_name": "Imported Electricity",
"signal_domain": "energy",
"signal_class": "electricity",
"value": 125.43,
"unit": "kWh",
"measurement_type": "cumulative",
"sampling_period_seconds": 300,
"source_mapping": {
"mapping_standard": "USO",
"mapping_version": "uso-0.1",
"source_path": "matter.cluster.0x0406.attribute.imported_energy"
}
}

Required Signal Principles

All certified implementations must:

  • Use stable signal identifiers
  • Preserve source mapping information
  • Declare unit of measure
  • Declare measurement type
  • Avoid embedding final carbon accounting results at device level

9. Carbon Accounting Boundary

STTF telemetry may carry carbon-accounting context, but must not claim final emissions unless certified as a calculation platform.

Permitted at Device / Gateway Level

permitted-at-device.jsonGitHub ↗
{
"carbon_context": {
"carbon_accounting_ready": true,
"calculation_required": true,
"energy_type": "electricity",
"scope_candidate": "scope_2",
"facility_country": "NO",
"grid_region": "NO1"
}
}

Not Permitted at Device Level

not-permitted-at-device.jsonGitHub ↗
{
"estimated_co2e": 2.1
}

Final emissions calculations must be performed by certified calculation systems or platforms.


10. Trust Profile Object

trust-profile-object.jsonGitHub ↗
{
"trust_score": 96,
"trust_level": "A",
"trust_method": "sttf-trust-model-v0.1",
"trust_factors": {
"source_identity": 25,
"time_integrity": 10,
"calibration_status": 15,
"signal_quality": 15,
"transport_security": 10,
"historical_consistency": 25
},
"trust_exceptions": []
}

Trust Levels

ScoreTrust LevelMeaning
95–100A+Highest trust
85–94AHigh trust
70–84BAcceptable trust
50–69CLimited trust
0–49DLow trust
N/AUUnknown / unscored

11. Evidence Record

evidence-record.jsonGitHub ↗
{
"evidence_id": "ev_01HX7M49VMW9R6KMG3ZP9E7YQC",
"evidence_type": "measurement_evidence",
"created_at": "2026-06-09T10:15:32Z",
"subject_envelope_id": "env_01HX7M3Z8F6KQ9A2P1D7C4R0TV",
"hash_algorithm": "sha256",
"evidence_hash": "sha256:6f8c9b7f4e1a3d...",
"signature": {
"signature_algorithm": "ed25519",
"signature_value": "base64:MEUCIQD...",
"signing_key_id": "key_zedge_001"
},
"storage": {
"evidence_uri": "s3://example-bucket/evidence/ev_01HX7M49.json",
"retention_policy": "7_years"
}
}

12. Audit Trail Record

audit-trail-record.jsonGitHub ↗
{
"audit_record_id": "atr_01HX7M5B2R9K7X3ZQW4K8V1N0A",
"audit_chain_id": "audit_01HX7M4KQ2VZ0S2G8X9K4A7YQF",
"timestamp": "2026-06-09T10:15:32Z",
"actor_type": "gateway",
"actor_id": "zedge_oslo_001",
"action": "signal_mapped",
"input": {
"source_path": "matter.cluster.0x0406.attribute.imported_energy"
},
"output": {
"signal_id": "energy.electricity.imported",
"unit": "kWh"
},
"rule": {
"rule_id": "map_matter_energy_imported_v1",
"rule_version": "1.0"
},
"previous_hash": "sha256:91ac...",
"record_hash": "sha256:b88e..."
}

Required Audit Events

For STTF Trusted™ and above:

  • source_registered
  • attestation_verified
  • signal_received
  • signal_mapped
  • quality_checked
  • trust_scored
  • evidence_generated
  • telemetry_published
  • telemetry_replayed, where applicable
  • configuration_changed, where applicable

13. Certification Claim

A vendor submits a CertificationClaim when applying for certification.

certification-claim.jsonGitHub ↗
{
"claim_id": "claim_01HX7M6Z3P4T2X8A9V0M1C5N7B",
"applicant": {
"organization_name": "Example Gateway Ltd",
"organization_id": "org_example_gateway",
"contact_email": "certification@example.com"
},
"product": {
"product_name": "Example Sustainability Gateway",
"product_type": "gateway",
"version": "1.2.0",
"deployment_model": "edge_gateway"
},
"certification_target": {
"category": "gateway",
"requested_level": "STTF Trusted"
},
"supported_capabilities": [
"telemetry_envelope",
"source_identity",
"signal_mapping",
"trust_scoring",
"evidence_generation",
"audit_trail"
],
"submitted_artifacts": [
"sample_telemetry_envelopes",
"evidence_records",
"audit_trail_export",
"architecture_document",
"security_document"
]
}

14. Conformance Report

conformance-report.jsonGitHub ↗
{
"report_id": "conf_01HX7M7R8Q1X5F2D9A0Z3B6C4E",
"claim_id": "claim_01HX7M6Z3P4T2X8A9V0M1C5N7B",
"tested_at": "2026-06-09T12:00:00Z",
"tested_by": "Viroway Standards Initiative",
"result": "pass",
"certification_awarded": {
"category": "gateway",
"level": "STTF Trusted",
"valid_from": "2026-06-09",
"valid_until": "2027-06-09",
"certificate_id": "sttf-gw-trusted-2026-000001"
},
"test_summary": {
"total_tests": 128,
"passed": 126,
"failed": 0,
"warnings": 2
},
"findings": [
{
"severity": "warning",
"code": "CLOCK_DRIFT_MARGIN",
"message": "Clock drift remained within limits but approached warning threshold."
}
]
}

15. Automated Verification System

The STTF Automated Verification System validates certification claims using machine-readable test suites.

15.1. Verification Stages

Submission

Schema Validation

Semantic Validation

Security Validation

Evidence Validation

Audit Reconstruction

Certification Decision

15.2. Test Categories

Test CategoryPurpose
Schema TestsValidate required JSON structure
Signal TestsValidate USO / SSSR signal compatibility
Identity TestsValidate source identity and attestation metadata
Trust TestsValidate trust score and trust factor logic
Evidence TestsValidate evidence hash and signature
Audit TestsReconstruct chain-of-custody
Resilience TestsVerify replay handling and buffering
Security TestsValidate encryption, signatures and key metadata

16. Example Automated Test Definition

example-automated-test-definition.jsonGitHub ↗
{
"test_id": "STTF-GW-TRUSTED-001",
"name": "Gateway emits valid telemetry envelope",
"category": "schema",
"required_for": ["STTF Compatible", "STTF Verified", "STTF Trusted", "STTF Assurance"],
"input": "sample_telemetry_envelope.json",
"assertions": [
{
"path": "$.sttf_version",
"operator": "exists"
},
{
"path": "$.signal.signal_id",
"operator": "matches_registry",
"registry": "SSSR"
},
{
"path": "$.signal.unit",
"operator": "exists"
}
],
"failure_severity": "critical"
}

17. Certification Decision Rules

17.1. Pass

Certification awarded when:

  • All critical tests pass
  • No unresolved high-severity failures remain
  • Required artifacts are complete
  • Evidence chain can be reconstructed

17.2. Conditional Pass

May be issued when:

  • No critical failures exist
  • Minor warnings remain
  • Remediation plan is accepted

17.3. Fail

Issued when:

  • Critical schema failures occur
  • Evidence cannot be verified
  • Audit chain cannot be reconstructed
  • Identity or signature validation fails
  • Required security controls are missing

18. Certification Validity

LevelValidity
STTF Compatible™24 months
STTF Verified™18 months
STTF Trusted™12 months
STTF Assurance™12 months

Recertification is required after:

  • Major software update
  • Firmware trust model change
  • Cryptographic subsystem change
  • Signal mapping model change
  • Evidence generation change
  • Ownership or product identity change

19. Academy Integration

Certification candidates may complete training through:

academy.ecoworld.ai

Recommended Courses

For Developers

  • STTF Fundamentals
  • Sustainability Telemetry Envelope Design
  • Signal Semantics and USO Mapping
  • Evidence Generation and Audit Trails

For Gateway Vendors

  • Z-Edge Reference Implementation
  • Device Attestation and Edge Trust
  • Gateway Certification Preparation

For ESG Platforms

  • STTF Platform Integration
  • Regulatory Telemetry Mapping
  • Carbon Accounting Data Boundaries

For Auditors

  • Evidence Review
  • Chain-of-Custody Reconstruction
  • Trust Score Interpretation
  • Assurance-Ready Telemetry

20. Reference Implementation: Z-Edge™

Z-Edge™ is the reference implementation of STTF for gateway environments.

Z-Edge demonstrates:

  • Multi-protocol telemetry ingestion
  • Signal semantic mapping
  • Trust scoring
  • Evidence generation
  • Audit trail creation
  • Secure cloud publication
  • STTF certification readiness

Z-Edge is not required for STTF certification.

Any implementation may be certified if it conforms to the STTF specification.


21. Minimum Submission Package

Applicants must submit:

minimum-submission-package.jsonGitHub ↗
{
"required_submission_package": {
"architecture_document": true,
"security_document": true,
"sample_telemetry_envelopes": true,
"sample_evidence_records": true,
"sample_audit_trail": true,
"source_identity_records": true,
"signal_mapping_table": true,
"version_manifest": true,
"known_limitations": true
}
}

22. Version Manifest

version-manifest.jsonGitHub ↗
{
"product_name": "Example Sustainability Gateway",
"product_version": "1.2.0",
"sttf_version_supported": "0.1",
"schema_versions": {
"telemetry_envelope": "0.1",
"evidence_record": "0.1",
"audit_trail_record": "0.1",
"trust_profile": "0.1"
},
"supported_protocols": [
"matter",
"mqtt",
"opcua",
"bacnet",
"modbus"
],
"supported_certification_levels": [
"STTF Compatible",
"STTF Verified",
"STTF Trusted"
]
}

23. Initial Certification Roadmap

Phase 1: Internal Draft

  • Define schemas
  • Define test suites
  • Validate against Z-Edge prototype
  • Align with USO / SSSR

Phase 2: Private Pilot

  • Test with selected gateway/device/platform partners
  • Validate automated verification
  • Produce first internal conformance reports

Phase 3: Public Candidate

  • Publish STTF specification
  • Publish certification criteria
  • Launch public documentation
  • Open partner intake

Phase 4: Formal Certification

  • Issue first STTF Certified™ badges
  • Launch certified product directory
  • Launch training and assessor pathways

24. Certification Badge Metadata

Each certified product must expose badge metadata.

certification-badge-metadata.jsonGitHub ↗
{
"certification_badge": {
"badge_name": "STTF Gateway Certified™",
"level": "STTF Trusted",
"certificate_id": "sttf-gw-trusted-2026-000001",
"issued_to": "Example Gateway Ltd",
"product_name": "Example Sustainability Gateway",
"product_version": "1.2.0",
"valid_from": "2026-06-09",
"valid_until": "2027-06-09",
"verification_url": "https://standards.viroway.org/certificates/sttf-gw-trusted-2026-000001"
}
}

25. Core Rule

STTF certification validates the integrity of sustainability telemetry infrastructure.

It does not replace:

  • Legal assurance
  • Financial audit
  • CSRD assurance
  • Carbon accounting methodology review
  • Regulatory reporting responsibility

STTF provides the technical evidence layer that makes those processes more trustworthy, automated and scalable.


© Viroway Standards Initiative 2026

STTF™ and related certification marks are trademarks of Viroway Ltd.


The following are the base technical standard behind standards.viroway.org.

JSON Schema Artifacts (stored in AWS S3):




GitHub RepoRequest for Change (RFC)