Communication systems for meters - Part 7: Transport and security services

This draft European Standard specifies Transport and Security Services for communication systems for meters and remote reading of meters.
This draft European Standard specifies secure communication capabilities by design and supports the building of a secure system architecture.
This draft European standard is applicable to the protection of consumer data to ensure privacy.
This draft European Standard is intended to be used with the lower layer specifications determined in EN 13757-2, EN 13757-3, EN 13757-4, EN 13757-5 and EN 13757-6.

Kommunikationssysteme für Zähler - Teil 7: Transport- und Sicherheitsdienste

Systèmes de communication pour compteurs - Partie 7 : Services de transport et de sécurité

This European Standard specifies transport and security services for communication systems for meters.
This European Standard specifies secure-by-design communication capabilities and supports the building of a secure system architecture.
This European Standard is applicable to the protection of consumer data to ensure privacy.
This European Standard is intended to be used with the lower layer specifications determined in EN 13757-2, EN 13757-3, EN 13757-4, EN 13757-5 and EN 13757-6.

Komunikacijski sistemi za merilnike - 7. del: Prevoz in varnostne službe

This draft European Standard specifies transport and security services for communication systems for meters and remote reading of meters.
This draft European Standard specifies a design capable of providing secure communication and supports the building of a system with a secure architecture.
This draft European Standard is applicable to the protection of consumer data to preserve privacy.
This draft European Standard is intended to be used in conjunction with the lower layer specifications determined in EN 13757-2, EN 13757-3, EN 13757-4, EN 13757-5 and EN 13757-6.

General Information

Status: Published
Public Enquiry End Date: 30-Sep-2016
Publication Date: 18-Apr-2018
Technical Committee
Current Stage: 6060 - National Implementation/Publication (Adopted Project)
Start Date: 12-Apr-2018
Due Date: 17-Jun-2018
Completion Date: 19-Apr-2018

Relations

Buy Standard

Standard
EN 13757-7:2018
English language
91 pages
Draft
prEN 13757-7:2016
English language
81 pages

Standards Content (Sample)

SLOVENIAN STANDARD
SIST EN 13757-7:2018
01 June 2018
Supersedes: SIST EN 13757-3:2013
Komunikacijski sistemi za merilnike - 7. del: Prevoz in varnostne službe
Communication systems for meters - Part 7: Transport and security services
Kommunikationssysteme für Zähler - Teil 7: Transport- und Sicherheitsdienste
Systèmes de communication pour compteurs - Partie 7 : Services de transport et de sécurité
This Slovenian standard is identical to: EN 13757-7:2018
ICS:
33.200 Telecontrol. Telemetering
35.100.10 Physical layer
35.100.20 Data link layer
SIST EN 13757-7:2018 en,fr,de
2003-01. Slovenian Institute for Standardization. Reproduction of the whole or parts of this standard is not permitted.



EUROPEAN STANDARD
NORME EUROPÉENNE
EUROPÄISCHE NORM

EN 13757-7

April 2018
ICS 33.200; 35.100.10; 35.100.20 Supersedes EN 13757-3:2013
English Version

Communication systems for meters - Part 7: Transport and security services

Systèmes de communication pour compteurs - Partie 7 : Services de transport et de sécurité

Kommunikationssysteme für Zähler - Teil 7: Transport- und Sicherheitsdienste

This European Standard was approved by CEN on 8 February 2018.

... Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.

... translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.

EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 13757-7:2018 E



Contents Page
European foreword . 5
Introduction . 7
1 Scope . 9
2 Normative references . 9
3 Terms and definitions . 10
4 Abbreviations and symbols . 12
4.1 Abbreviations . 12
4.2 Symbols . 14
5 Layer model . 14
5.1 M-Bus Layers . 14
5.2 The CI-field principle . 15
6 Authentication and Fragmentation Sublayer (AFL) . 19
6.1 Introduction . 19
6.2 Overview of the AFL-Structure . 20
6.3 Components of the AFL . 21
6.3.1 AFL Length Field (AFL.AFLL) . 21
6.3.2 AFL Fragmentation Control Field (AFL.FCL) . 21
6.3.3 AFL Message Control Field (AFL.MCL) . 22
6.3.4 AFL Key Information-Field (AFL.KI) . 23
6.3.5 AFL Message counter field (AFL.MCR) . 23
6.3.6 AFL MAC-field (AFL.MAC) . 24
6.3.7 AFL Message Length Field (AFL.ML) . 24
7 Transport Layer (TPL) . 24
7.1 Introduction . 24
7.2 Structure of none TPL header . 25
7.3 Structure of short TPL header . 25
7.4 Structure of long TPL header . 25
7.5 CI-field dependent elements . 25
7.5.1 Identification number . 25
7.5.2 Manufacturer identification . 26
7.5.3 Version identification . 26
7.5.4 Device type identification . 26
7.5.5 Access number . 28
7.5.6 Status byte in meter messages . 30
7.5.7 Status byte in partner messages . 31
7.5.8 Configuration field . 32
7.6 Configuration field dependent structure . 33
7.6.1 General . 33
7.6.2 Configuration field extension . 34
7.6.3 Optional TPL-header fields . 34
7.6.4 Optional TPL Trailer fields . 34
7.6.5 Partial encryption . 34
7.7 Security mode specific TPL-fields . 34
7.7.1 Shared subfields of configuration field and configuration field extension . 34
7.7.2 Configuration field of Security mode 0 . 37
7.7.3 Configuration field of Security modes 2 and 3 . 38
7.7.4 Configuration field of Security mode 5 . 39
7.7.5 Configuration field of Security mode 7 . 40
7.7.6 Configuration field of Security mode 8 . 41
7.7.7 Configuration field of Security mode 9 . 44
7.7.8 Configuration field of Security mode 10 . 46
8 Management of lower layers . 48
8.1 General . 48
8.2 Switching baud rate for M-Bus Link Layer according to EN 13757-2 . 48
8.3 Address structure if used together with the wireless Data Link Layer according to EN 13757-4 . 48
8.4 Selection and secondary addressing . 48
8.5 Generalized selection procedure . 49
8.6 Searching for installed slaves . 50
8.6.1 Primary addresses . 50
8.6.2 Secondary addresses . 50
8.6.3 Wildcard searching procedure . 50
9 Security Services . 51
9.1 General . 51
9.2 Message counter . 52
9.2.1 Overview . 52
9.2.2 Message counter C_M transmitted by the meter . 52
9.2.3 Message counter C_CP transmitted by the communication partner . 53
9.2.4 Message counter C’_CP received by the meter . 53
9.2.5 Message counter C’_M and C”_M received by the communication partner . 53
9.3 Authentication methods in the AFL . 54
9.3.1 Overview . 54
9.3.2 Authentication method AES-CMAC-128 . 54
9.3.3 Authentication method AES-GMAC-128 . 54
9.4 Encryption and Authentication methods in the TPL . 55
9.4.1 Overview about TPL-Security mechanisms . 55
9.4.2 Manufacturer specific Security mechanism (Security mode 1) . 57
9.4.3 Security mechanism DES-CBC (Security mode 2 and 3) . 57
9.4.4 Security mechanism AES-CBC-128 (Security mode 5) . 58
9.4.5 Security mechanism AES-CBC-128 (Security mode 7) . 59
9.4.6 Security mechanism AES-CTR-128 (Security mode 8) . 59
9.4.7 Security mechanism AES-GCM-128 (Security mode 9) . 61
9.4.8 Security mechanism AES-CCM-128 (Security mode 10) . 64
9.5 Reaction to security failure . 66
9.6 Key derivation . 67
9.6.1 General . 67
9.6.2 Key derivation function A . 67
9.7 Key Exchange . 68
Annex A (normative) Security Information Transfer Protocol . 69
A.1 Introduction . 69
A.2 SITP Services . 69
A.2.1 Transfer security information . 69
A.2.2 Activate security information . 70
A.2.3 Deactivate security information . 70
A.2.4 Destroy security information . 70
A.2.5 Combined activation/deactivation of security information . 70
A.2.6 Generate security information . 70
A.2.7 Get security information . 70
A.2.8 Get list of all key information . 70
A.2.9 Get list of active key information . 70
A.2.10 Transfer end to end secured application data . 70
A.3 CI-Fields . 71
A.4 SITP structure . 71
A.5 Block Control Field . 71
A.6 Block parameters . 72
A.7 Overview about Data Structures / Mechanisms . 73
A.8 Data structures for Security Information . 74
A.8.1 General . 74
A.8.2 Data Structure 00h . 75
A.8.3 Data Structure 01h . 75
A.8.4 Data Structure 02h . 75
A.8.5 Data Structure 03h . 76
A.8.6 Data Structure 20h . 77
A.8.7 Data Structure 21h . 77
A.8.8 Data Structure 22h . 78
A.9 Data structures for secured application data . 79
A.9.1 General . 79
A.9.2 Data Structure 30h — AES Key-Wrap . 80
A.9.3 Data Structure 31h — HMAC-SHA256 . 81
A.9.4 Data Structure 32h and 33h — CMAC . 82
A.9.5 Data Structure 34h — AES-GCM . 82
A.9.6 Data Structure 35h — AES-GMAC . 84
A.9.7 Data Structure 36h and 37h — AES-CCM . 85
Annex B (informative) Message counter example . 87
Bibliography . 91



European foreword

This document (EN 13757-7:2018) has been prepared by Technical Committee CEN/TC 294 “Communication systems for meters”, the secretariat of which is held by DIN.

This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by October 2018, and conflicting national standards shall be withdrawn at the latest by October 2018.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN shall not be held responsible for identifying any or all such patent rights.

This document together with EN 13757-3:2018 and CEN/TR 17167:2018 supersedes EN 13757-3:2013.

This document has been prepared under a mandate given to CEN by the European Commission and the European Free Trade Association.

The following significant technical changes have been incorporated in the new edition of this European Standard:
— new security modes (formerly “encryption mode”) 7, 8, 9 and 10 supporting encrypted and authenticated messages have been added;
— support of Key Derivation Function for the generation of ephemeral keys;
— new Authentication and Fragmentation Layer has been introduced.

EN 13757 is currently composed with the following parts:
— Communication systems for meters — Part 1: Data exchange;
— Communication systems for meters — Part 2: Wired M-Bus communication;
— Communication systems for meters — Part 3: Application protocols;
— Communication systems for meters and remote reading of meters — Part 4: Wireless meter readout (Radio meter reading for operation in SRD bands);
— Communication systems for meters — Part 5: Wireless M-Bus relaying;
— Communication systems for meters — Part 6: Local Bus;
— Communication systems for meters — Part 7: Transport and security services;
— CEN/TR 17167:2018, Communication systems for meters — Accompanying TR to EN 13757-2, -3 and -7, Examples and supplementary information.

This document falls under the Mandate EU M/441 “Standardisation mandate to CEN, CENELEC and ETSI in the field of measuring instruments for the development of an open architecture for utility meters involving communication protocols enabling interoperability” by providing the relevant definitions and methods for meter data transmission on application layer level. The M/441 Mandate is driving significant development of standards in smart metering. This document is in accordance with CEN/CLC/ETSI/TR 50572 [4].

According to the CEN-CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.



Introduction

This European Standard belongs to the EN 13757 series, which covers communication systems for meters. EN 13757-1 contains generic descriptions and a communication protocol. EN 13757-2 contains a physical and a Link Layer for twisted pair based Meter-Bus (M-Bus). EN 13757-3 contains detailed description of the application protocols especially the M-Bus Protocol. EN 13757-4 describes wireless communication (often called wireless M-Bus or wM-Bus). EN 13757-5 describes the wireless network used for repeating, relaying and routing for the different modes of EN 13757-4. EN 13757-6 describes a twisted pair local bus for short distance (Lo-Bus). EN 13757-7 describes transport mechanism and security methods for data. The Technical Report CEN/TR 17167 contains informative annexes from EN 13757-2, EN 13757-3 and EN 13757-7.

These upper M-Bus protocol layers can be used with various Physical Layers and with Data Link Layers and Network Layers, which support the transmission of variable length binary transparent messages. Frequently, the Physical and Link Layers of EN 13757-2 (twisted pair) and EN 13757-4 (wireless) as well as EN 13757-5 (wireless with routing function) or the alternatives described in EN 13757-1 are used.

These upper M-Bus protocol layers have been optimized for minimum battery consumption of meters, especially for the case of wireless communication, to ensure long battery lifetimes of the meters. Secondly, it is optimized for minimum message length to minimize the wireless channel occupancy and hence the collision rate. Thirdly, it is optimized for minimum requirements towards the meter processor regarding requirements of RAM size, code length and computational power.

An overview of communication systems for meters is given in EN 13757-1, which also contains further definitions.

This standard concentrates on the meter communication. The meter communicates with one (or occasionally several) fixed or mobile communication partners which again might be part of a private or public network. These further communication systems might use the same or other application layer protocols, security, privacy, authentication, and management methods.

To facilitate common communication systems for CEN-meters (e.g. gas, water, thermal energy and heat cost allocators) and for electricity meters, in this standard occasionally electricity meters are mentioned. All these references are for information only and are not standard requirements. The definition of communication standards for electricity meters (possibly by a reference to CEN standards) remains solely in the responsibility of CENELEC.

NOTE 1 CEN/TR 17167:2018, Annex C specifies how parts of this standard and of EN 13757-2 and EN 13757-4 can be used to implement smart meter functionalities. Similar functionalities could also be implemented using other Physical and Link Layers.

NOTE 2 For information on installation procedures and their integration in meter management systems, see CEN/TR 17167:2018, Annex D.

The operator of a smart metering network needs to secure the network to ensure the data protection and data privacy of the consumer (see EC-Recommendation C1342 (2012)).

Securing a system requires a security policy, which should address in general all constraints on functions, information flow between functions, access by external systems and threats, including software and access to data by third persons from an organizational viewpoint. The security policy is under the responsibility of organizations according to their business processes. The major elements of a security policy, in combination with rules, will determine the overall security that is achieved. The security policy defines goals and elements of the system to be supported by organizational policy and technical implementations of security services. Establishing and executing security policies are outside the scope of this standard; however the standard provides security services supporting those policies when implemented.

A security concept refers mainly to an architectural model, which represents data flows between role-based data processing functions. Requirements for the security concept result from the overall security objectives in combination with the derived security services and best practice.

This standard provides a set of security services allowing the design of a secure system, which is likely to resist attacks within the lifetime of the meter. The limitation to symmetrical cipher methods for data transmission allows energy and memory efficient solutions. This is advantageous for long-term battery operated meters. It enables as well integration of unidirectional meter communication. Services like key derivation and key distribution solve the conflict between short key lifetime and long lifetime of a meter.



1 Scope

This European Standard specifies Transport and Security Services for communication systems for meters. This European Standard specifies secure communication capabilities by design and supports the building of a secure system architecture. This European standard is applicable to the protection of consumer data to ensure privacy. This draft European Standard is in
...

SLOVENIAN STANDARD
oSIST prEN 13757-7:2016
01 September 2016
Komunikacijski sistemi za merilnike - 7. del: Prevoz in varnostne službe
Communication systems for meters - Part 7: Transport and security services
Kommunikationssysteme für Zähler - Teil 7: Transport- und Sicherheitsdienste
Systèmes de communication pour compteurs - Partie 7 : Services de transport et de sécurité
This Slovenian standard is identical to: prEN 13757-7
ICS:
33.200 Telecontrol. Telemetering
35.100.10 Physical layer
35.100.20 Data link layer
oSIST prEN 13757-7:2016 en,fr,de
2003-01. Slovenian Institute for Standardization. Reproduction of the whole or parts of this standard is not permitted.



DRAFT
EUROPEAN STANDARD
prEN 13757-7
NORME EUROPÉENNE

EUROPÄISCHE NORM

July 2016
ICS 33.200; 35.100.10; 35.100.20 Will supersede EN 13757-3:2013
English Version

Communication systems for meters - Part 7: Transport and
security services

This draft European Standard is submitted to CEN members for enquiry. It has been drawn up by the Technical Committee
CEN/TC 294.

If this draft becomes a European Standard, CEN members are bound to comply with the CEN/CENELEC Internal Regulations
which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CEN in three official versions (English, French, German). A version in any other
language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are
aware and to provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without
notice and shall not be referred to as a European Standard.


EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2016 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. prEN 13757-7:2016 E

Contents Page
European foreword . 7
Introduction . 8
1 Scope . 10
2 Normative references . 10
3 Terms and definitions . 11
4 Abbreviations and symbols . 13
4.1 Abbreviations . 13
4.2 Symbols . 15
5 Layer model . 15
5.1 M-Bus Layers . 15
5.2 The CI-field principle . 16
6 Authentication and Fragmentation Sublayer (AFL) . 20
6.1 Introduction . 20
6.2 Overview of the AFL-Structure . 20
6.3 Components of the AFL. 21
6.3.1 AFL Length Field (AFL.AFLL) . 21
6.3.2 AFL Fragmentation Control Field (AFL.FCL) . 21
6.3.3 AFL Message Control Field (AFL.MCL) . 22
6.3.4 AFL Key Information-Field (AFL.KI) . 23
6.3.5 AFL Message Counter Field (AFL.MCR) . 23
6.3.6 AFL MAC-field (AFL.MAC) . 24
6.3.7 AFL Message Length Field (AFL.ML) . 24
7 Transport Layer (TPL) . 24
7.1 Introduction . 24
7.2 Structure of none TPL header . 25
7.3 Structure of short TPL header . 25
7.4 Structure of long TPL header . 25
7.5 CI-field dependent elements . 26
7.5.1 Identification number . 26
7.5.2 Manufacturer identification . 26
7.5.3 Version identification . 26
7.5.4 Device type identification . 26
7.5.5 Access number . 28
7.5.6 Status byte in meter messages . 29
7.5.7 Status byte in partner messages . 30
7.5.8 Configuration field . 31
7.6 Configuration field dependent structure. 33
7.6.1 General . 33
7.6.2 Configuration field extension . 34
7.6.3 Optional TPL-header fields . 34
7.6.4 Optional TPL Trailer fields . 34
7.6.5 Partial encryption . 34
7.7 Security mode specific TPL-fields . 35
7.7.1 Shared subfields of configuration field and configuration field extension . 35
7.7.2 Configuration field of Security mode 0 . 38
7.7.3 Configuration field of Security modes 2 and 3 . 39
7.7.4 Configuration field of Security mode 5 . 40
7.7.5 Configuration field of Security mode 7 . 41
7.7.6 Configuration field of Security mode 8 . 43
7.7.7 Configuration field of Security mode 9 . 46
7.7.8 Configuration field of Security mode 10 . 47
8 Management of lower layers . 49
8.1 General . 49
8.2 Switching baud rate for M-Bus Link Layer according to EN 13757-2 . 50
8.3 Address structure if used together with the wireless Data Link Layer according to EN 13757-4 . 50
8.4 Selection and secondary addressing . 50
8.5 Generalized selection procedure . 51
8.6 Searching for installed slaves . 52
8.6.1 Primary addresses . 52
8.6.2 Secondary addresses . 52
8.6.3 Wildcard searching procedure . 52
9 Security Services . 53
9.1 General . 53
9.2 Message counter . 54
9.2.1 Overview . 54
9.2.2 Message counter C_M transmitted by the meter . 54
9.2.3 Message counter C_CP transmitted by the communication partner . 55
9.2.4 Message counter C’_CP received by the meter . 55
9.2.5 Message counter C’_M and C”_M received by the communication partner . 55
9.3 Authentication methods in the AFL . 56
9.3.1 Overview . 56
9.3.2 Authentication method AES-CMAC-128 . 56
9.3.3 Authentication method AES-GMAC-128 . 56
9.4 Encryption and Authentication methods in the TPL . 57
9.4.1 Overview about TPL-Security mechanisms . 57
9.4.2 Manufacturer specific Security mechanism (Security mode 1) . 59
9.4.3 Security mechanism DES-CBC (Security mode 2 and 3). 59
9.4.4 Security mechanism AES-CBC-128 (Security mode 5) . 60
9.4.5 Security mechanism AES-CBC-128 (Security mode 7) . 61
9.4.6 Security mechanism AES-CTR-128 (Security mode 8) . 61
9.4.7 Security mechanism AES-GCM-128 (Security mode 9) . 63
9.4.8 Security mechanism AES-CCM-128 (Security mode 10) . 66
9.5 Reaction to security failure . 68
9.6 Key derivation . 68
9.6.1 General . 68
9.6.2 Key derivation function A . 68
9.7 Key Exchange. 69
Annex A (informative) The structure of higher protocol layers . 70
A.1 General . 70
A.2 Transport and Application Layer without a TPL-header (none) . 70
A.3 Transport and Application Layer with a short TPL-header . 70
A.4 Transport and Application Layer with a long TPL-header . 71
A.5 Transport Layer with none TPL-header (no user data) . 71
A.6 Transport Layer with a short TPL-header (no user data) . 71
A.7 Transport Layer with a long TPL-header (no user data) . 71
Annex B (normative) Security Information Transfer Protocol . 73
B.1 Introduction . 73
B.1.1 General . 73
B.1.2 Transfer security information . 73
B.1.3 Activate security information . 73
B.1.4 Deactivate security information . 73
B.2 Protocol Definitions . 74
B.2.1 General . 74
B.2.2 SITP structure . 74
B.2.3 Block Control Field . 74
B.2.4 SITP Commands . 75
B.2.5 SITP Responses . 75
B.2.6 Wrapping . 76
Annex C (informative) Message counter example . 79
Bibliography . 81

Figures
Figure 1 — GCM algorithm input and output . 63
Figure C.1 — Message counter control flow (part 1) . 79
Figure C.2 — Message counter control flow (part 2) . 80

Tables
Table 1 — Order of M-Bus Layer . 15
Table 2 — CI-field codes used by the master or the slave . 17
Table 3 — Overview of all AFL Fields . 21
Table 4 — AFL Fragmentation Control Field – bit field definitions . 22
Table 5 — AFL Message Control Field - bit field definitions . 22
Table 6 — AT-subfield of AFL.MCL . 23
Table 7 — AFL Key Information Field – bit field definitions . 23
Table 8 — AFL Message Counter Field - bit field definitions . 23
Table 9 — AFL Message Length Field - bit field definitions . 24
Table 10 — General structure of TPL . 24
Table 11 — Short TPL header . 25
Table 12 — Long TPL header . 25
Table 13 — Device type identification . 27
Table 14 — Coding of the status field . 30
Table 15 — Application errors coded with the status field . 30
Table 16 — Meaning of status byte for partner messages . 31
Table 17 — Meaning of bits 0 to 5 in status byte for partner messages . 31
Table 18 — General definition of the two mandatory configuration field bytes. 32
Table 19 — Definition of the mode bits in the configuration field (Security mode) . 33
Table 20 — TPL structure of a secured message . 33
Table 21 — Contents of meter message . 35
Table 22 — Contents of partner message . 35
Table 23 — Accessibility of a meter . 36
Table 24 — The Key ID . 37
Table 25 — KDF-Selection . 38
Table 26 —Configuration field and subsequent fields with Security mode 0 . 38
Table 27 — Definition of the configuration field for Security mode 0. 38
Table 28 — Configuration field and subsequent fields with Security mode 2 and 3 . 39
Table 29 — Definition of the configuration field for Security modes 2 and 3 . 39
Table 30 — Configuration field and subsequent fields with Security mode 5 . 40
Table 31 — Definition of the configuration field for Security mode 5. 40
Table 32 — Configuration field and subsequent fields with Security mode 7 . 41
Table 33 — Definition of the configuration field for Security mode 7. 41
Table 34 — Definition of the configuration field extension for Security mode 7 . 42
Table 35 — Configuration field and subsequent fields with Security mode 8 . 43
Table 36 — Definition of the configuration field for mode 8 . 43
Table 37 — Definition of the configuration field extension for Security mode 8 . 45
Table 38 — Configuration field and subsequent fields with Security mode 9 . 46
Table 39 —Definition of the configuration field for Security mode 9 . 46
Table 40 — Configuration field and subsequent fields with Security mode 10 . 47
Table 41 — Definition of the configuration field for Security mode 10 . 48
Table 42 — Definition of the configuration field extension for Security mode 10 . 49
Table 43 — Address structure of the wireless Link Layer . 50
Table 44 — Structure of a datagram for selecting a slave . 50
Table 45 — Application Layer structure of a datagram for enhanced selection (mode 1) . 52
Table 46 — Security Services and Security objectives . 53
Table 47 — Security mechanisms for meter reading. 58
Table 48 — Initialization vector of Security mode 5 . 60
Table 49 — Structure of Initialization vector in Security mode 8 . 62
Table 50 — GCM functions input and output details . 64
Table 51 — Structure of Initialization vector in Security mode 9 . 65
Table 52 — Structure of the nonce, N . 67
Table 53 — Constant D for the key derivation . 69
Table A.1 — Transport and Application Layer without a TPL-header (none) . 70
Table A.2 — Transport and Application Layer with a short TPL-header . 71
Table A.3 — Transport and Application Layer with a long TPL-header . 71
Table A.4 — Transport Layer with none TPL-header . 71
Table A.5 — Transport Layer with a short TPL-header. 71
Table A.6 — Transport Layer with a long TPL-header . 72
Table B.1 — Security Information Transfer Protocol CI-fields . 74
Table B.2 — Internal Block structure of SITP . 74
Table B.3 — Block Control Field . 75
Table B.4 — Block parameter structure of SITP Commands . 75
Table B.5 — Response status definition . 76
Table B.6 — List of wrapped data structures . 76
Table B.7 — Wrapped data structure 01h . 77
Table B.8 — Wrapped data structure 02h . 77


European forewor
...
