iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

CEN/TR 16968:2016

(Main)

Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication

Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication

This Technical Report includes a threat analysis, based on ISO/TS 19299 (EFC - Security Framework), of the CEN DSRC link as used in EFC applications according to the following Standards and Technical Specification
-   EN 15509:2014,
-   ISO 12813:2015,
-   ISO 13141:2015,
-   CEN/TS 16702-1:2014.
This Technical Report contains:
-   a qualitative risk analysis in relation to the context (local tolling system, interoperable tolling environment, EETS);
-   an assessment of the current recommended or defined security algorithms and measures to identify existing and possible future security leaks;
-   an outline of potential security measures which might be added to those already defined for DSRC;
-   an analysis of effects on existing EFC systems and interoperability clusters;
-   a set of recommendations on how to revise the current standards, or proposal for new work items, with already made implementations taken into account.
The security analysis in this Technical Report applies only to Security level 1, with Access Credentials and Message authentication code, as defined in EN 15509:2014.
It is outside the scope of this Technical Report to examine Non DSRC (wired or wireless) interfaces to the OBE and RSE.

Elektronische Gebührenerhebung - Beurteilung von Sicherheitsmaßnahmen für Anwendungen mit dedizierter Nahbereichskommunikation

Perception de télépéage - Évaluation des mesures de sécurité pour les applications utilisant les communications dédiées à courte portée

Elektronsko pobiranje pristojbin - Ocena varnostnih ukrepov za aplikacije z uporabo posebne komunikacije kratkega dosega

To tehnično poročilo navaja primere, uradne dokumente in pojasnjevalno gradivo za lažje razumevanje uporabe in izvedbe vseh delov NeTEx. To bo v pomoč ponudnikom in odjemalcem sistema EPTIS, saj zagotavlja funkcionalni obseg, smernice in terminološka pojasnila, ki so potrebni za uvedbo sistema. S tem bo enostavnejša tudi formalizacija zahtev za postopke javnih naročil.

General Information

Status
Published
Publication Date
03-May-2016
ICS
35.240.60 - IT applications in transport
Technical Committee
CEN/TC 278 - Road transport and traffic telematics
Drafting Committee
CEN/TC 278/WG 1 - Electronic fee collection and access control (EFC)
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
04-May-2016
Due Date
02-Jan-2017
Completion Date
04-May-2016
Ref Project
SIST-TP CEN/TR 16968:2016 - Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication

Buy Standard

TP CEN/TR 16968:2016TP CEN/TR 16968:2016
PreviousNext
Technical report
TP CEN/TR 16968:2016
English language
45 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-september-2016
Elektronsko pobiranje pristojbin - Ocena varnostnih ukrepov za aplikacije z
uporabo posebne komunikacije kratkega dosega
Electronic Fee Collection - Assessment of security measures for applications using
Dedicated Short-Range Communication
Elektronische Gebührenerhebung - Beurteilung von Sicherheitsmaßnehmen für
Anwendungen mit dedizierter Nahbereichskommunikation
Perception de télépéage - Évaluation des mesures de sécurité pour les applications
utilisant les communications dédiées à courte portée
Ta slovenski standard je istoveten z: CEN/TR 16968:2016
ICS:
35.240.60 Uporabniške rešitve IT v IT applications in transport
prometu
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

CEN/TR 16968
TECHNICAL REPORT
RAPPORT TECHNIQUE
May 2016
TECHNISCHER BERICHT
ICS 35.240.60
English Version
Electronic Fee Collection - Assessment of security
measures for applications using Dedicated Short-Range
Communication
Elektronische Gebührenerhebung - Beurteilung von
Sicherheitsmaßnahmen für Anwendungen mit
dedizierter Nahbereichskommunikation

This Technical Report was approved by CEN on 11 April 2016. It has been drawn up by the Technical Committee CEN/TC 278.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2016 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 16968:2016 E
worldwide for CEN national Members.

Contents Page
European foreword . 4
Introduction . 5
1 Scope . 6
2 Terms and definitions . 6
3 Abbreviations . 9
4 Method . 10
5 Security Objectives and Functional Requirements . 13
5.1 Target of evaluation . 13
5.2 Security objectives . 14
5.2.1 Introduction . 14
5.2.2 Confidentiality . 14
5.2.3 Availability . 14
5.2.4 Accountability . 14
5.2.5 Data integrity . 14
5.3 Functional security requirements . 15
5.3.1 Introduction . 15
5.3.2 Confidentiality . 15
5.3.3 Availability . 17
5.3.4 Accountability . 18
5.3.5 Data integrity . 20
5.4 Inventory of assets . 21
5.4.1 Functional Assets . 21
5.4.2 Data Assets. 22
6 Threat analysis . 22
7 Qualitative risk analysis . 24
7.1 Introduction . 24
7.1.1 General . 24
7.1.2 Likelihood of a threat . 24
7.1.3 Impact of a threat . 25
7.1.4 Classification of Risk . 26
7.2 Risk determination . 26
7.2.1 Definition of high and low risk context . 26
7.2.2 Threat T1: Access Credentials keys can be obtained . 27
7.2.3 Threat T2: Authentication keys can be obtained . 27
7.2.4 Threat T3: OBU can be cloned . 28
7.2.5 Threat T4: OBU can be faked. 28
7.2.6 Threat T5: Authentication of OBU data can be repudiated . 29
7.2.7 Threat T6: Application data can be modified after the transaction . 29
7.2.8 Threat T7: Data in the VST is not secure . 30
7.2.9 Threat T8: DSRC Communication can be eavesdropped . 30
7.2.10 Threat T9: Correctness of application data are repudiated . 31
7.2.11 Threat T10: Master keys may be obtained from RSE . 31
7.3 Summary . 31
8 Proposals for new security measures . 32
8.1 Introduction. 32
8.2 Security measures to counter risks related to key recovery . 32
8.3 Recommended countermeasures . 34
8.4 Qualitative cost benefit analysis . 35
9 Impact of proposed countermeasures . 35
9.1 Current situation and level of fraud in existing EFC systems using CEN DSRC link . 35
9.2 EETS legislation . 36
9.3 Analysis of effects on existing EFC systems . 36
9.3.1 Affected roles . 36
9.3.2 The CEN DSRC equipment Manufacturers . 36
9.3.3 The Toll Service Providers . 37
9.3.4 The Toll Chargers . 37
10 Recommendations . 38
10.1 Add security levels and procedures to EN ISO 14906 . 38
10.2 Recommendation for other EFC standards . 39
10.3 New standards . 39
Annex A (informative) Current status of the DEA cryptographic algorithm . 40
A.1 Overview . 40
A.2 ISO/IEC 9797-1 (MAC Algorithm 1) . 40
A.3 FIPS 46 (DEA Specification – DES) . 40
A.4 ENISA recommendations . 41
Annex B (informative) Security considerations regarding DSRC in EFC Standards . 42
B.1 Security vulnerabilities in EN 15509 and EN ISO 14906 . 42
B.2 Security vulnerabilities in EN ISO 12813 (CCC) . 42
B.3 Security vulnerabilities in EN ISO 13141 (LAC) . 43
B.4 Security vulnerabilities in CEN/TS 16702-1 (SM-CC) . 43
Bibliography . 44

European foreword
This document (CEN/TR 16968:2016) has been prepared by Technical Committee CEN/TC 278
“Intelligent transport systems”, the secretariat of which is held by NEN.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent
rights.
Introduction
Security for dedicated short-range communication (DSRC) applications in the context of electronic fee
collection (EFC) has a long history in standardization. Currently the area is covered by several
standards and technical specifications, successively developed over time:
— EN ISO 14906 (Electronic fee collection - Application interface definition for dedicated short-range
communication) provides a toolbox of functions and security measures which can be used for DSRC
application.
— CEN ISO/TS 19299 (Electronic fee collection - Security framework) analyzes the threats to an EFC
system as a whole, and not specifically for the DSRC technology.
— EN ISO 12813 (Electronic fee collection - Compliance check communication for autonomous
systems) and EN ISO 13141 (Electronic fee collection - Localisation augmentation communication
for autonomous systems) mirrors the best-practice security measures of EN 15509.
— CEN/TS 16702-1 (Electronic fee collecti
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN ISO 14823-1:2024(Main)
Intelligent transport systems - Graphic data dictionary - Part 1: Specification (ISO 14823-1:2024)
SIST EN ISO 14823-1:2024

This document specifies a graphic data dictionary (GDD), a system of standardized codes for existing road traffic signs and pictograms used to deliver traffic and traveller information (TTI). The coding system can be used in the formation of messages within intelligent transport systems (ITS).

  • Standard
    81 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 21177:2024(Main)
Intelligent transport systems - ITS station security services for secure session establishment and authentication between trusted devices (ISO 21177:2024)
SIST EN ISO 21177:2024

This document contains specifications for a set of ITS station security services required to ensure the authenticity of the source and integrity of information exchanged between trusted entities, i.e.:
—     between devices operated as bounded secured managed entities, i.e. "ITS Station Communication Units" (ITS-SCU) and "ITS station units" (ITS-SU) as specified in ISO 21217; and
—     between ITS-SUs (composed of one or several ITS-SCUs) and external trusted entities such as sensor and control networks.
These services include the authentication and secure session establishment which are required to exchange information in a trusted and secure manner.
These services are essential for many intelligent transport system (ITS) applications and services, including time-critical safety applications, automated driving, remote management of ITS stations (ISO 24102-2), and roadside/infrastructure-related services.

  • Standard
    113 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 13141:2024(Main)
Electronic fee collection - Localization augmentation communication for autonomous systems (ISO 13141:2024)
SIST EN ISO 13141:2024

This document establishes requirements for short-range communication for the purposes of augmenting the localization in autonomous electronic fee collection (EFC) systems. Localization augmentation serves to inform on-board equipment (OBE) about geographical location and the identification of a charge object. This document specifies the provision of location and heading information and security means to protect against the manipulation of the OBE with false RSE.
The localization augmentation communication (LAC) takes place between an OBE in a vehicle and fixed RSE. This document is applicable to OBE in an autonomous mode of operation.
This document specifies attributes and functions for the purpose of localization augmentation, by making use of the dedicated short-range communications (DSRC) communication services provided by DSRC Layer 7, and makes these LAC attributes and functions available to the LAC applications at the RSE and the OBE. Attributes and functions are specified on the level of application data units (ADUs; see Figure 1).
As depicted in Figure 1, this document is applicable to:
—     the application interface definition between OBE and RSE;
—     the interface to the DSRC application layer, as specified in ISO 15628 and EN 12834;
—     the use of the DSRC stack.
The LAC is suitable for a range of short-range communication media. This document provides specific definitions regarding the CEN-DSRC stack as specified in EN 15509. Annexes C, D, E and H provide for the use of the Italian DSRC as specified in ETSI/ES 200 674-1, ISO CALM IR ARIB DSRC and WAVE DSRC.
This document contains a protocol implementation conformance statement (PICS) proforma in Annex B and transaction examples in Annex F. Annex G highlights how to use this document for the European Electronic Toll Service (EETS).
Test specifications are not within the scope of this document.

  • Standard
    45 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 12813:2024(Main)
Electronic fee collection - Compliance check communication for autonomous systems (ISO 12813:2024)
SIST EN ISO 12813:2024

This document specifies requirements for short-range communication for the purposes of compliance checking in autonomous electronic fee collecting systems. Compliance checking communication (CCC) takes place between a road vehicle's on-board equipment (OBE) and an interrogator [fixed and mobile roadside equipment (RSE) or hand-held unit] and serves to establish whether the data that are delivered by the OBE correctly reflect the road usage of the corresponding vehicle according to the rules of the pertinent toll regime.
The operator of the compliance checking interrogator is assumed to be part of the toll charging role as defined in ISO 17573-1. The CCC permits identification of the OBE, vehicle and contract, and verification of whether the driver has fulfilled their obligations and the checking status and performance of the OBE. The CCC reads, but does not write, OBE data.
This document is applicable to OBE in an autonomous mode of operation. It is not applicable to compliance checking in dedicated short-range communication (DSRC)-based charging systems.
It specifies data syntax and semantics, but not a communication sequence. All the attributes specified herein are required in any OBE claimed to be compliant with this document, even if some values are set to “not specified” in cases where a certain functionality is not present in an OBE. The interrogator is free to choose which attributes are read in the data retrieval phase, as well as the sequence in which they are read. In order to achieve compatibility with existing systems, the communication makes use of the attributes specified in ISO 17573-3 wherever useful.
The CCC is suitable for a range of short-range communication media. Specific definitions are given for the CEN-DSRC as specified in EN 15509, as well as for the use of ISO CALM IR, the Italian DSRC as specified in ETSI ES 200 674-1, ARIB DSRC, and WAVE DSRC as alternatives to the CEN-DSRC. The attributes and functions specified are for compliance checking by means of the DSRC communication services provided by DSRC application layer, with the CCC attributes and functions made available to the CCC applications at the RSE and OBE. The attributes and functions are specified on the level of application data units (ADUs).
The definition of the CCC includes:
—     the application interface between OBE and RSE (as depicted in Figure 2);
—     use of the generic DSRC application layer as specified in ISO 15628 and EN 12834;
—     CCC data type specifications given in Annex A;
—     a protocol implementation conformance statement (PICS) proforma is given in Annex B;
—     use of the CEN-DSRC stack as specified in EN 15509, or other equivalent DSRC stacks as described in Annex C, Annex D, Annex E and Annex F;
—     security services for mutual authentication of the communication partners and for signing of data (see Annex H);
In addition, an example CCC transaction is presented in Annex G and Annex I highlights how to use this document for the European Electronic Toll Service (EETS).
Test specifications are not within the scope of this document.

  • Standard
    71 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 17419:2018/A1:2024(Amendment)
Intelligent transport systems - Cooperative systems - Globally unique identification - Amendment 1: Regions of a closed polygon in a plane (ISO 17419:2018/Amd 1:2024)
SIST EN ISO 17419:2018/A1:2024
  • Amendment
    10 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 17905:2023(Main)
Intelligent transport systems - eSafety - eCall HLAP in hybrid circuit switched/packet switched network environments
SIST EN 17905:2024

In respect of 112-eCall (pan-European eCall) (operating requirements defined in EN 16072), this document defines the additional high level application protocols, procedures and processes required to provide the eCall service whilst there are still both circuit switched and packet switched wireless communication networks in operation.
NOTE    The objective of implementing the pan-European in-vehicle emergency call system (eCall) is to automate the notification of a traffic accident, wherever in Europe, with the same technical standards and the same quality of services objectives by using a PLMN (such as ETSI prime medium) which supports the European harmonized 112/E112 emergency number (TS12 ETSI TS 122 003 or IMS packet switched network) and to provide a means of manually triggering the notification of an emergency incident.

  • Standard
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 16454:2023(Main)
Intelligent transport systems - ESafety - ECall end to end conformance testing
SIST EN 16454:2024

This European Standard defines the key actors in the eCall chain of service provision as:
1) In-Vehicle System (IVS)/vehicle,
2) Mobile network Operator (MNO),
3) Public safety assistance point [provider](PSAP),
in some circumstances may also involve:
4) Third Party Service Provider (TPSP),
and to provide conformance tests for actor groups 1) - 4).
NOTE Conformance tests are not appropriate nor required for vehicle occupants, although they are the recipient of the service.
This European Standard covers conformance testing (and approval) of new engineering developments, products and systems, and does not imply testing associated with individual installations in vehicles or locations.

  • Standard
    264 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 16062:2023(Main)
Intelligent transport systems - ESafety - eCall high level application requirements (HLAP) using GSM/UMTS circuit switched networks
SIST EN 16062:2023

In respect of pan-European eCall (operating requirements defined in EN 16072), this document defines the high-level application protocols, procedures and processes required to provide the eCall service using a TS12 emergency call over a circuit-switched mobile communications network.
NOTE 1   The objective of implementing the pan-European in-vehicle emergency call system (eCall) is to automate the notification of a traffic accident, wherever in Europe, with the same technical standards and the same quality of services objectives by using a PLMN (such as ETSI prime medium) which supports the European harmonized 112/E112 emergency number (TS12 ETSI TS 122 003) and to provide a means of manually triggering the notification of an emergency incident.
NOTE 2   HLAP requirements for third-party services supporting eCall can be found in EN 16102, and have been developed in conjunction with the development of this work item, and is consistent in respect of the interface to the PSAP. This deliverable makes reference to those provisions but does not duplicate them.

  • Standard
    44 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 17573-3:2023(Main)
Electronic fee collection - System architecture for vehicle-related tolling - Part 3: Data dictionary (ISO 17573-3:2023)
SIST EN ISO 17573-3:2023

This document specifies the syntax and semantics of data objects in the field of electronic fee collection (EFC). The definitions of data types and assignment of semantics are provided in accordance with the abstract syntax notation one (ASN.1) technique, as specified in ISO/IEC 8824-1. This document defines:
—     ASN.1 (data) types within the fields of EFC;
—     ASN.1 (data) types of a more general use that are used more specifically in standards related to EFC.
This document does not seek to define ASN.1 (data) types that are primarily related to other fields that operate in conjunction with EFC, such as cooperative intelligent transport systems (C-ITS), the financial sector, etc.

  • Standard
    59 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 17870:2023(Main)
Intelligent transport systems - eSafety - eCall additional data concept for equipment limitations
SIST EN 17870:2023

This document defines an additional data concept that can be transferred as the ‘optional additional data’ part of an eCall MSD, as defined in EN 15722, that can be transferred from a vehicle to a PSAP in the event of a crash or emergency via an eCall communication session.
The purpose of this document is to provide means to notify the PSAP of any limitations to the sending equipment that are endorsed by other standards, but not (immediately) apparent to the receiver. Lack of knowledge about these limitations can hamper the emergency process. This document describes an additional data concept which facilitates the inclusion of information about such limitations in a consistent and usable matter.
This document can be seen as an addendum to EN 15722; it contains as little redundancy as possible.
NOTE 1   The communications media protocols and methods for the transmission of the eCall message are not specified in this document.
NOTE 2   Additional data concepts can also be transferred, and it is advised to register any such data concepts using a data registry as defined in EN ISO 24978 [1]. See www.esafetydata.com for an example.

  • Standard
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day