SIST EN 16312:2013

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.HOHNWURQVNHWXQJVUHJLVWULHUXQJURQLVFKH1DKEHUHLFKVNRPPXQLNDWLRQIntelligent transport systems - Automatic Vehicle and Equipment Registration (AVI/AEI) - Interoperable application profile for AVI/AEI and Electronic Register Identification using dedicated short range communication35.240.60Uporabniške rešitve IT v transportu in trgoviniIT applications in transport and tradeICS:Ta slovenski standard je istoveten z:EN 16312:2013SIST EN 16312:2013en,fr,de01-april-2013SIST EN 16312:2013SLOVENSKI
STANDARD



SIST EN 16312:2013



EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 16312
January 2013 ICS 35.240.60 English Version
Intelligent transport systems - Automatic Vehicle and Equipment Registration (AVI/AEI) - Interoperable application profile for AVI/AEI and Electronic Register Identification using dedicated short range communication
Systèmes de transport intelligents - Identification automatique des véhicules et des équipements (AVI/AEI) -Profil d'application d'interopérabilité pour AVI/AEI et identification d'enregistrement électronique en utilisant des systèmes de communication dédiés à courte portée
Intelligente Transportsysteme - Automatische Fahrzeug und Ausstattungsregistrierung (AVI/AEI) - Interoperables Anwendungsprofil für AVI/AEI und elektronische Registrierungsidentifikation unter Verwendung von dedizierter Nahbereichskommunikation This European Standard was approved by CEN on 27 October 2012.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre:
Avenue Marnix 17,
B-1000 Brussels © 2013 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 16312:2013: ESIST EN 16312:2013



EN 16312:2013 (E) 2 Contents Page Foreword .4 Introduction .5 1 Scope .7 2 Normative references .9 3 Terms and definitions . 10 4 Abbreviations . 12 5 Conformance . 13 5.1 ERT requirements . 13 5.1.1 General . 13 5.1.2 DSRC requirements . 13 5.1.3 DSRC L7 and ERI functions . 13 5.1.4 Data requirements . 14 5.1.5 Security requirements . 14 5.1.6 ERI session requirements . 15 5.2 ERR requirements. 15 5.2.1 General . 15 5.2.2 DSRC requirements . 15 5.2.3 DSRC L7 and ERI functions . 16 5.2.4 Data requirements . 16 5.2.5 Security requirements . 16 5.2.6 ERI session requirements . 17 Annex A (normative)
Data specification . 18 A.1 General . 18 A.2 Data tables . 18 Annex B (normative)
ICS proforma . 23 B.1 General . 23 B.2 Guidance for completing the ICS proforma . 23 B.2.1 Purposes and structure . 23 B.2.2 Abbreviations and conventions . 23 B.3 Instructions for completing the ICS proforma . 25 B.4 ICS proforma for ERT . 26 B.4.1 Identification implementation . 26 B.4.2 Identification of the standard . 26 B.4.3 Global statement of conformance . 26 B.4.4 ICS proforma for ERT . 27 B.4.5 Profile requirement list for ERT . 28 B.5 ICS proforma for ERR . 32 B.5.1 Identification implementation . 32 B.5.2 Identification of the standard . 32 B.5.3 Global statement of conformance . 32 B.5.4 ICS proforma for ERR . 33 B.5.5 Profile requirement list for ERR . 34 Annex C (normative)
IAP taxonomy and numbering for AVI/AEI . 38 C.1 General . 38 C.2 Contents of an Interoperable Application Profile (IAP) . 38 C.3 IAP referencing and numbering . 39 C.3.1 IAP numbering . 39 SIST EN 16312:2013



EN 16312:2013 (E) 3 C.3.2 Security levels numbering . 39 C.3.3 Numbering and referencing examples . 39 Annex D (informative)
Security computation examples . 40 D.1 General . 40 D.2 Computation of Attribute Authenticator . 40 D.3 Computation of Access Credentials . 41 D.4 Key derivation . 42 D.4.1 Authenticator Key . 42 D.4.2 Access Key . 42 Annex E (informative)
Security considerations . 43 E.1 General . 43 E.2 Specific security recommendations . 43 Annex F (informative)
Using this European Standard for other DSRC-based transactions . 45 F.1 General . 45 F.2 Specific purposes for data attributes and the transactions . 45 F.2.1 Access control applications . 45 F.2.2 Private freight management applications . 45 F.2.3 Simple traffic management applications . 45 F.2.4 Dangerous good tracking application . 45 Bibliography . 46
SIST EN 16312:2013



EN 16312:2013 (E) 4 Foreword This document (EN 16312:2013) has been prepared by Technical Committee CEN/TC 278 “Road transport and traffic telematics”, the secretariat of which is held by NEN. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by July 2013, and conflicting national standards shall be withdrawn at the latest by July 2013. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights. This draft European Standard defines an Application Profile based on a set of base standards according to the concept of "International Standardised Profiles (ISP)" as defined in ISO/IEC TR 10000-1. The objective is to support technical interoperability between AVI/AEI DSRC-based systems. The principles of Application Profiling and relations to underlying base standards are defined in the Introduction. According to the CEN/CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
SIST EN 16312:2013



EN 16312:2013 (E) 5 Introduction CEN/TC 278 has produced a set of standards that supports interoperable automatic vehicle identification and automatic equipment identification using dedicated short-range communication (DSRC)-based systems (e.g. EN ISO 17264:2009, a “toolbox” for defining automatic vehicle identification and automatic equipment identification (AVI/AEI)-application transactions). However, these standards are necessary but not sufficient to ensure technical interoperability. This European Standard provides for a coherent set of requirements of the AVI/AEI-application intended to serve as a common technical platform for AVI/AEI-interoperability.
This European Standard defines an Interoperable Application Profile for AVI/AEI and electronic registration identification (ERI) using CEN DSRC-. The main objective is to support technical interoperability between ERI systems within the scope of the standard (as defined in Clause 1 below). This includes equipment compatibility between equipment suppliers and technical compatibility between different AVI/AEI systems compliant with this standard. This Standard is based on AVI/AEI standards such as ISO 14816, ISO 17264 and ISO 24534. Therefore, this Interoperable Application Profile enables other AVI/AEI application implementations to use the elements of this Standard as a basis for technical interoperability. In order to enable multipurpose equipment where AVI/AEI applications share resources with other applications such as EFC, this standard is patterned on EN 15509:2007, which is the interoperability application profile for EFC over CEN DSRC. This ensures that the AVI/AEI application implementations feature equivalent services as EFC.
This European Standard only defines a basic level of technical interoperability for ERI equipment, i.e. Electronic Registration Tag (ERT) and ERI Reader/Writer (ERR) using DSRC. It does not provide a full solution for interoperability, and it does not define other parts of the EFC-system, other services, other technologies and non-technical elements of interoperability. Although there are already numerous existing base standards and specifications, there are specific needs that motivate this Interoperable Application Profile standard. This standard:  defines the necessary and sufficient -DSRC requirements to support technical interoperability;  enables multi-application equipment;  fulfils the necessary additional DSRC-requirements;  provides a choice of data elements including vehicle data;  gives an extended definition of the use of some data elements, including semantics and coding;  lays down clear choices for security implementation;  facilitates a complementing test specification (with clear relations between the conformance requirements; and evaluation tests);  provides good support for procurements.
The Application Profile is described using the concept of "International Standardised Profiles (ISP)" as defined in ISO/IEC TR 10000-1. The ISP-concept is specifically suited for defining interoperability specifications where a set of base standards can be used in different ways. This is exactly the case in AVI/AEI, where a set of toolbox base standards allows for different choices that are not interoperable. The principles of the ISP-concept can be summarised as follows: SIST EN 16312:2013



EN 16312:2013 (E) 6  an ISP shall make references only to base standards or other ISPs;  the profile shall restrict the choice of base standard options to the extent necessary to maximize the probability of interoperability (e.g. chosen classes, conforming subsets, options and parameter values of base standards);  the ISP shall not copy content of the base standards (in order to void consistency problems with the base standards);  the profile shall not specify any requirements that would contradict or cause non-conformance to the base standards;  the profile may contain conformance requirements that are more specific and limited in scope than those of the base standards;  conformance to a profile implies by definition conformance to a set of base standards, whereas conformance to that set of base standards does not necessarily imply conformance to the profile. On this background, this Standard uses the structure and approach of existing IAP definitions, such as EN 15509:2007, made by other ITS application working groups. The Interoperable Application Profile is defined in terms of conformance requirements as given in Clause 5. To facilitate easy referencing, testing and look-up, these requirements are divided into two parts; Electronic Registration Tag (ERT) requirements (5.1) and ERI Reader/Writer (ERR) requirements (5.2). In addition, the standard also includes various annexes that provide further detailed specifications as well as background, motivation and examples for the conformance requirements. The intention is that these enhance readability and understanding of the standard. This European Standard is complemented by a set of standards defining Conformity Evaluation of the Conformance Requirements for Layer 1, Layer 2 and Layer 7 of the CEN DSRC Stack and elements of the application definition in this European Standard, patterned on EN 15509:2007. SIST EN 16312:2013



EN 16312:2013 (E) 7 1 Scope The scope for this European Standard is limited to:  physical systems: ERT, ERR and the DSRC interface between them (all functions and information flows related to these parts);  DSRC-link requirements;  ERI session over the DSRC interface;  data elements to be used by ERT and ERR used in ERI session;  security mechanisms for ERT and ERR used in ERI session.
Figure 1 — Scope for this European Standard
It is outside the scope of this European Standard to define:  contractual and procedural interoperability requirements;  provisions for electronic payments such as EFC;  conformance procedures and test specification;  setting-up of operating organisations (e.g. application service provider, issuing, trusted third party etc.); SIST EN 16312:2013



EN 16312:2013 (E) 8  legal issues;  use of other communication technologies (e.g. RFID such as ISO 18000 series); and  other interfaces or functions in ERI-systems than those specified above (i.e. information flows and data exchange between ERI Application providers or personalisation, initialisation and customisation of the OBU). Some of these issues are subject to separate standards prepared by CEN/TC 278, ISO/TC 204 or ETSI ERM. The following figure shows the scope of this European Standard from a DSRC-stack perspective.
Figure 2 — Relations between this European Standard and DSRC-stack elements
NOTE For interlayer management, see EN 15509:2007, Annex G. This European Standard defines an Application Profile based on the ISP-concept. The base standards that this Application Profile is based upon are:  EN ISO 14906:2011 and ISO 17264:2009 on ERI application interface definition for DSRC (this implies indirect references to EN ISO 14816 on Numbering and data structures);  EN 12834: on DSRC application layer (L7);  EN 13372 on DSRC profiles (this implies indirect references to the DSRC L1, L2 and L7 standards:
EN 12253, EN 12795 and EN 12834);  EN 15509:2007: Interoperable Application Profile for EFC using CEN DSRC;  ISO 24534 on ERI application. SIST EN 16312:2013



EN 16312:2013 (E) 9
Figure 3 — Relation and references between base standards and EN 16312 (this European Standard)
2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. EN 12834, Road transport and traffic telematics — Dedicated Short Range Communication (DSRC) — DSRC application layer EN 13372, Road Transport and Traffic Telematics (RTTT) — Dedicated short-range communication — Profiles for RTTT applications EN 15509:2007, Road transport and traffic telematics — Electronic fee collection — Interoperability application profile for DSRC EN ISO 14816, Road transport and traffic telematics — Automatic vehicle and equipment identification — Numbering and data structure (ISO 14816) EN ISO 14906:2011, Electronic fee collection — Application interface definition for dedicated short-range communication (ISO 14906:2011:2011) EN ISO 17264:2009, Intelligent transport systems - Automatic vehicle and equipment identification — Interfaces (ISO 17264:2009) ISO/IEC 9646-7, Information technology — Open Systems Interconnection — Conformance testing methodology and framework — Part 7: Implementation Conformance Statements SIST EN 16312:2013



EN 16312:2013 (E) 10 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. 3.1 access credentials data that is transferred to Electronic Registration Tag (ERT), in order to establish the claimed identity of a ERI Reader/Writer (ERR) application process entity
Note 1 to entry: The access credentials carry information needed to fulfil access conditions in order to perform the operation on the addressed element in the OBE. The access credentials can carry passwords as well as cryptographic based information such as authenticators. [SOURCE: EN ISO 14906:2011, definition 3.1] 3.2 action function that an application process resident at the ERI Reader/Writer can invoke in order to make the on-board equipment execute a specific operation during the transaction [SOURCE: adapted from EN ISO 14906:2011, definition 3.2]
3.3 attribute application information formed by one or by a sequence of data elements, and is managed by different actions used for implementation of a transaction
[SOURCE: EN ISO 14906:2011, definition 3.3] 3.4 authenticator data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and/or the integrity of the data unit and protect against forgery
[SOURCE: EN ISO 14906:2011, definition 3.4] 3.5 AVI/AEI attribute an attribute specifically defined for the AVI/AEI application [SOURCE: adapted from ISO 17264:2009, definition 4.3] 3.6 base standard an approved international standard or ITU-T Recommendation
[SOURCE: ISO/IEC TR 10000:1998] 3.7 CEN DSRC profile a set of parameters constituting a certain international standardised profile of the DSRC protocol stack (L1, L2 and L7) [SOURCE: EN 13374] SIST EN 16312:2013



EN 16312:2013 (E) 11 3.8 cryptography discipline which embodies principles, means, and methods for the transformation of data in order to hide its information content, prevent its undetected modification and/or prevent its unauthorised use
[SOURCE: EN ISO 14906:2011, definition 3.8] 3.9 data group collection of closely related ERI data attributes which together describe a distinct part of an ERI transaction
[SOURCE: adapted from EN ISO 14906:2011:2011, definition 3.9] 3.10 data integrity property that data has not been altered or destroyed in an unauthorised manner
[SOURCE: EN ISO 14906:2011, definition 3.10] 3.11 Electronic Registration Reader / Writer ERR
device used to read/write data from or to an ‘Electronic Registration Tag’ [SOURCE: ISO 24534-1:2010, definition 2.7] 3.12 ERI Operator
entity responsible for facilitating the ERR for a defined purpose 3.13 Electronic Registration Tag ERT
onboard ERI device that contains the ERI data, including relevant secuirty promisions and one or more interfaces to access that data [SOURCE: ISO 24534-1:2010, definition 2.8] 3.14 element in the context of DSRC, a directory containing application information in form of attributes
[SOURCE: adapted from EN ISO 14906:2011, definition 3.11] 3.15 international standardised profile an internationally agreed-to, harmonised document which describes one or more profiles
[SOURCE: ISO/IEC TR 10000:1998] 3.16 interoperability the ability of two or more IT systems to exchange information and to make mutual use of the information that has been exchanged [SOURCE: ISO/IEC TR 10000:1998] SIST EN 16312:2013



EN 16312:2013 (E) 12 3.17 ERI application provider
entity responsible for issuing the ERI application including personalisation of mandatory AVI/AEI attributes in the ERT 3.18 profile a set of one or more base standards and/or ISP, and where applicable, the identification of chosen classes, conforming subsets, options and parameters of those base standards, or ISPs necessary to accomplish a particular function [SOURCE: ISO/IEC TR 10000:1998] 3.19 ERI session an instance of a ’Vehicle Identification’ using a harmonised air interface protocol known as ‘CEN DSRC profile’, using a distinct set of ‘AVI/AEI attributes’, retrieved by ‘service primitives (communication)’ and ‘security mechanisms’ defined in Annex B of this Standard 3.20 session counter
data value in the on-board unit that is incremented by the ERI Reader/Writer at each ERI session 3.21 user vehicle/equipment or person carrying the OBE though the point of identification with the objective of unambiguous identification of the OBE being carried [SOURCE: EN ISO 14814:2006, definition 3.28] 3.22 vehicle identification
action or act of establishing the identity of a vehicle [SOURCE: EN ISO 24534-1:2010, definition 2.15] 4 Abbreviations For the purpose of this document, the following abbreviations apply throughout the document unless otherwise specified. AcK
Access Key AC_CR
Access Credentials
[EN ISO 14906:2011] ADU
Application Data Unit [EN ISO 14906:2011] APDU
Application Protocol Data Unit [EN ISO 14906:2011] AP
Application Process [EN ISO 14906:2011] ASN.1
Abstract Syntax Notation One [ISO/IEC 8824-1:2008] AuK
AuKEY BST
Beacon Service Table [EN ISO 14906:2011] SIST EN 16312:2013



EN 16312:2013 (E) 13 DEA
Data Encryption Algorithm DES
Data Encryption Standard DSRC
Dedicated Short-Range Communication [EN ISO 14906:2011] e [key] (value) encryption of the value using the key [EN 15509:2007] ede [key] (value) chained encryption, decryption and encryption of the value using the key [EN 15509:2007] EID
Element Identifier [EN ISO 14906:2011] ERI
Electronic Registration Identification [EN ISO 24534-1:2010] IAP
Interoperable Application Profile [EN 15509:2007] ICS
Implementation Conformance Statement [ISO/IEC TR 10000:1998] ISP
International Standardised Profile [ISO/IEC TR 10000:1998] IUT
Implementaton Under Test [CEN ISO/TS 14907-1:2010] L1
Layer 1 of DSRC (Physical Layer) [EN ISO 14906:2011] L2
Layer 2 of DSRC (Physical Layer) [EN ISO 14906:2011] L7
Layer 7 of DSRC (Application Layer Core of DSRC) [EN ISO 14906:2011] LLC
Logical Link Control [EN ISO 14906:2011] LID
Logical Link Control identifier [EN ISO 14906:2011] MAC
Media Access Control [EN ISO 14906:2011] T-APDU
Transfer-Application Protocol Data Unit [EN ISO 14906:2011] VST
Vehicle Service Table [EN ISO 14906:2011] 5 Conformance 5.1 ERT requirements 5.1.1 General This clause contains the normative conformance requirements on the ERT in terms of OBU requirements from the base standards. 5.1.2 DSRC requirements The ERT shall comply with EN 15509:2007, 5.1.2. 5.1.3 DSRC L7 and ERI functions The ERT shall comply with EN 15509:2007, 5.1.3.
SIST EN 16312:2013



EN 16312:2013 (E) 14 NOTE EN 15509:2007, 5.1.3 requires the implementation of the GET_STAMPED and SET_MMI commands. According to EN ISO 14906:2011, Container t
...