Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication

This Technical Report includes a threat analysis, based on ISO/TS 19299 (EFC - Security Framework), of the CEN DSRC link as used in EFC applications according to the following Standards and Technical Specification
-   EN 15509:2014,
-   ISO 12813:2015,
-   ISO 13141:2015,
-   CEN/TS 16702-1:2014.
This Technical Report contains:
-   a qualitative risk analysis in relation to the context (local tolling system, interoperable tolling environment, EETS);
-   an assessment of the current recommended or defined security algorithms and measures to identify existing and possible future security leaks;
-   an outline of potential security measures which might be added to those already defined for DSRC;
-   an analysis of effects on existing EFC systems and interoperability clusters;
-   a set of recommendations on how to revise the current standards, or proposal for new work items, with already made implementations taken into account.
The security analysis in this Technical Report applies only to Security level 1, with Access Credentials and Message authentication code, as defined in EN 15509:2014.
It is outside the scope of this Technical Report to examine Non DSRC (wired or wireless) interfaces to the OBE and RSE.

Elektronische Gebührenerhebung - Beurteilung von Sicherheitsmaßnahmen für Anwendungen mit dedizierter Nahbereichskommunikation

Perception de télépéage - Évaluation des mesures de sécurité pour les applications utilisant les communications dédiées à courte portée

Elektronsko pobiranje pristojbin - Ocena varnostnih ukrepov za aplikacije z uporabo posebne komunikacije kratkega dosega

To tehnično poročilo navaja primere, uradne dokumente in pojasnjevalno gradivo za lažje razumevanje uporabe in izvedbe vseh delov NeTEx. To bo v pomoč ponudnikom in odjemalcem sistema EPTIS, saj zagotavlja funkcionalni obseg, smernice in terminološka pojasnila, ki so potrebni za uvedbo sistema. S tem bo enostavnejša tudi formalizacija zahtev za postopke javnih naročil.

General Information

Status
Published
Publication Date
03-May-2016
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
04-May-2016
Due Date
02-Jan-2017
Completion Date
04-May-2016

Buy Standard

Technical report
TP CEN/TR 16968:2016
English language
45 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-september-2016
Elektronsko pobiranje pristojbin - Ocena varnostnih ukrepov za aplikacije z
uporabo posebne komunikacije kratkega dosega
Electronic Fee Collection - Assessment of security measures for applications using
Dedicated Short-Range Communication
Elektronische Gebührenerhebung - Beurteilung von Sicherheitsmaßnehmen für
Anwendungen mit dedizierter Nahbereichskommunikation
Perception de télépéage - Évaluation des mesures de sécurité pour les applications
utilisant les communications dédiées à courte portée
Ta slovenski standard je istoveten z: CEN/TR 16968:2016
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
prometu
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

CEN/TR 16968
TECHNICAL REPORT
RAPPORT TECHNIQUE
May 2016
TECHNISCHER BERICHT
ICS 35.240.60
English Version
Electronic Fee Collection - Assessment of security
measures for applications using Dedicated Short-Range
Communication
Elektronische Gebührenerhebung - Beurteilung von
Sicherheitsmaßnahmen für Anwendungen mit
dedizierter Nahbereichskommunikation

This Technical Report was approved by CEN on 11 April 2016. It has been drawn up by the Technical Committee CEN/TC 278.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2016 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 16968:2016 E
worldwide for CEN national Members.

Contents Page
European foreword . 4
Introduction . 5
1 Scope . 6
2 Terms and definitions . 6
3 Abbreviations . 9
4 Method . 10
5 Security Objectives and Functional Requirements . 13
5.1 Target of evaluation . 13
5.2 Security objectives . 14
5.2.1 Introduction . 14
5.2.2 Confidentiality . 14
5.2.3 Availability . 14
5.2.4 Accountability . 14
5.2.5 Data integrity . 14
5.3 Functional security requirements . 15
5.3.1 Introduction . 15
5.3.2 Confidentiality . 15
5.3.3 Availability . 17
5.3.4 Accountability . 18
5.3.5 Data integrity . 20
5.4 Inventory of assets . 21
5.4.1 Functional Assets . 21
5.4.2 Data Assets. 22
6 Threat analysis . 22
7 Qualitative risk analysis . 24
7.1 Introduction . 24
7.1.1 General . 24
7.1.2 Likelihood of a threat . 24
7.1.3 Impact of a threat . 25
7.1.4 Classification of Risk . 26
7.2 Risk determination . 26
7.2.1 Definition of high and low risk context . 26
7.2.2 Threat T1: Access Credentials keys can be obtained . 27
7.2.3 Threat T2: Authentication keys can be obtained . 27
7.2.4 Threat T3: OBU can be cloned . 28
7.2.5 Threat T4: OBU can be faked. 28
7.2.6 Threat T5: Authentication of OBU data can be repudiated . 29
7.2.7 Threat T6: Application data can be modified after the transaction . 29
7.2.8 Threat T7: Data in the VST is not secure . 30
7.2.9 Threat T8: DSRC Communication can be eavesdropped . 30
7.2.10 Threat T9: Correctness of application data are repudiated . 31
7.2.11 Threat T10: Master keys may be obtained from RSE . 31
7.3 Summary . 31
8 Proposals for new security measures . 32
8.1 Introduction. 32
8.2 Security measures to counter risks related to key recovery . 32
8.3 Recommended countermeasures . 34
8.4 Qualitative cost benefit analysis . 35
9 Impact of proposed countermeasures . 35
9.1 Current situation and level of fraud in existing EFC systems using CEN DSRC link . 35
9.2 EETS legislation . 36
9.3 Analysis of effects on existing EFC systems . 36
9.3.1 Affected roles . 36
9.3.2 The CEN DSRC equipment Manufacturers . 36
9.3.3 The Toll Service Providers . 37
9.3.4 The Toll Chargers . 37
10 Recommendations . 38
10.1 Add security levels and procedures to EN ISO 14906 . 38
10.2 Recommendation for other EFC standards . 39
10.3 New standards . 39
Annex A (informative) Current status of the DEA cryptographic algorithm . 40
A.1 Overview . 40
A.2 ISO/IEC 9797-1 (MAC Algorithm 1) . 40
A.3 FIPS 46 (DEA Specification – DES) . 40
A.4 ENISA recommendations . 41
Annex B (informative) Security considerations regarding DSRC in EFC Standards . 42
B.1 Security vulnerabilities in EN 15509 and EN ISO 14906 . 42
B.2 Security vulnerabilities in EN ISO 12813 (CCC) . 42
B.3 Security vulnerabilities in EN ISO 13141 (LAC) . 43
B.4 Security vulnerabilities in CEN/TS 16702-1 (SM-CC) . 43
Bibliography . 44

European foreword
This document (CEN/TR 16968:2016) has been prepared by Technical Committee CEN/TC 278
“Intelligent transport systems”, the secretariat of which is held by NEN.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent
rights.
Introduction
Security for dedicated short-range communication (DSRC) applications in the context of electronic fee
collection (EFC) has a long history in standardization. Currently the area is covered by several
standards and technical specifications, successively developed over time:
— EN ISO 14906 (Electronic fee collection - Application interface definition for dedicated short-range
communication) provides a toolbox of functions and security measures which can be used for DSRC
application.
— CEN ISO/TS 19299 (Electronic fee collection - Security framework) analyzes the threats to an EFC
system as a whole, and not specifically for the DSRC technology.
— EN ISO 12813 (Electronic fee collection - Compliance check communication for autonomous
systems) and EN ISO 13141 (Electronic fee collection - Localisation augmentation communication
for autonomous systems) mirrors the best-practice security measures of EN 15509.
— CEN/TS 16702-1 (Electronic fee collecti
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.