Cross-vendor data and protocol layer published by the WIA Standards working group. The standard exposes four PHASE documents covering the data format, API interface, protocol, and integration concerns.
Implementations declare their conformance tier in the OpenAPI document via x-wia-conformance-tier. Three tiers: Surface (self-attested), Verified (annual third-party audit), Anchored (continuous evidence package).
This standard cites only ALLOW sources per the WIA citation policy: ISO/IEC, IEEE, RFC, W3C. Schemas use JSON Schema 2020-12 and OpenAPI 3.1. Signatures use Sigstore (DSSE envelope, Rekor transparency log).
Implementations follow Semantic Versioning 2.0.0. Major version bumps require at least a 90-day overlap with the prior major version on every WIA-published reference implementation. Patch releases are editorial only.
Issues and proposals are tracked at github.com/WIA-Official/wia-standards/issues with the digital-content label. The WIA Standards working group reviews open issues at the start of every minor release cycle.
Every implementation publishes a manifest containing a stable slug, a build digest (commit SHA or container image digest), and a link to the SBOM (CycloneDX 1.5 or SPDX 2.3). The manifest is signed using Sigstore (DSSE envelope) and the signing key is rotated per the deployment policy.
Conformance evidence consists of the test vector matrix (positive + negative vectors per normative requirement), the OpenAPI document checksum, and a signed manifest. Vendors publish the evidence bundle quarterly even when no source change has occurred so that consumers can detect environmental drift.
Implementations declare an interoperability profile (single-tenant, multi-tenant, federated, air-gapped) in the manifest. Profiles are versioned with the same Semantic Versioning rules as the standard itself.
Implementations MUST report negative results with the same fidelity as positive ones. A test that is skipped without a recorded justification is treated by auditors as a failure.
Additive changes (new optional fields, new error codes) are non-breaking and require a minor version bump. Renaming or removing fields, even in error payloads, MUST trigger a major version bump and the deprecation procedure described in Annex H.
A 7-year retention window is sufficient to satisfy ISO/IEC 17065:2012 audit expectations in most jurisdictions. Some regulators require longer retention; in that case the deployment policy MUST extend the retention window rather than relying on the defaults.
Sub-second deadlines depend on synchronized clocks. NTPv4 with stratum-2 servers is sufficient for most deadlines; PTP is recommended for sites that require deterministic interlocks.
The reference implementation topologies validated by the WIA Standards working group are: single-tenant edge, multi-tenant gateway, federated mesh, and air-gapped batch. Each topology ships with reference test vectors so that implementations can validate their deployment matches the canonical pattern.
The reference test vectors and conformance package conventions described above are non-normative; the normative requirements live in the four PHASE documents under spec/. Vendors that claim WIA-conformance for this standard publish the manifest described above and verify it against the WIA Standards public registry.
εΌηδΊΊι (Hongik Ingan) β Benefit All Humanity
The simulator recognizes the following reference profiles:
The simulator assumes synchronized clocks (NTPv4 stratum-2 or PTP) and SHA-256 hash integrity checks. The manifest signing key is rotated per the deployment policy; the previous key is preserved in a published key history so that auditors can verify historical manifests.
The simulators source code is published under the same MIT license as the rest of the WIA Standards project. Bugs and feature requests are tracked at github.com/WIA-Official/wia-standards/issues with the appropriate label.
The simulator implements the structural layer of the JSON Schema 2020-12 validator. Full constraint-level validation (pattern, format, additionalProperties) is performed only by the canonical validator hosted at the WIA Standards public registry.
For technical questions: standards@wiastandards.com. For press: press@wiastandards.com. For security disclosures (responsible disclosure window 90 days): security@wiastandards.com.
Last reviewed: 2026-04-26 β WIA Standards working group