This ETS defines the Terrestrial Trunked Radio system (TETRA) Direct Mode of operation. It specifies the basic Air Interface (AI)@ the interworking between Direct Mode Groups via Repeaters@ and interworking with the TETRA trunked system via Gateways. It also specifies the security aspects in TETRA Direct Mode@ and the intrinsic services that are supported in addition to the basic bearer and teleservices. This part describes the security mechanisms in TETRA Direct Mode. It provides mechanisms for confidentiality of control signalling and user speech and data at the AI. - Clause 4 describes the general condition for which security of calls at the AI can be met. This introduces conditions that all other clauses must follow. - Clause 5 describes authentication mechanisms for direct mode. The differences between peer-topeer authentication mechanisms and client-server authentication mechanisms are covered by this clause as are the principles of operation in gateway mode. - Clause 6 describes the confidentiality mechanisms using encryption on the AI@ for circuit mode speech@ circuit mode data@ packet (short) data and control information. This clause then details the protocol concerning control of encryption at the AI. The use of AI encryption gives confidentiality protection against eavesdropping only. The addition of a synchronized time variant initialization value for the encryption algorithm gives a restrictive degree of replay protection. - Clause 7 describes the key management mechanism@ and includes a description of the OTAR mechanism and protocol. - Clause 8 describes the enable/disable mechanism and includes a description of the protocol. - Clause 9 describes the mechanism to be used to support end-to-end encryption using synchronous stream cipher units for U-plane traffic by means of a frame stealing device for synchronization of the units. - Annex A defines the mapping of protocols in TETRA V+D Security to those of DMO Security for each of OTAR and Enable/Disable.