Alpine IO-WP2-Technical Interoperability

Download Report

Transcript Alpine IO-WP2-Technical Interoperability 

EG 11
Definition of the EFC Application
for the EETS based on
Microwave Technologies
Bernhard Oehry
Partner
Rapp Trans AG
Basel, Switzerland
[email protected]
Objectives (1)
“Expert Group 1 has promoted the idea of a
single European EFC application for the European
EFC service based on microwave technologies.
This idea seems to be well accepted by the
majority of the EFC Expert Group. The basic aim of
EG 11 is now to define the general specifications
for this Application.
…
2
Objectives (2)
…
It might start from the achievements of such
European projects as CARDME, MEDIA, CESARE.
Its report will be submitted to the Regulatory
Committee created by the Directive 2004/52/CE,
through the "EFC Expert Group". It should
coordinate its work with the project CESARE III.
Furthermore, it will study the requirements for
security of the transactions, and especially the
question of security keys.”
3
EG 11 Members
• Anton Sieber
AT
• Bernhard Oehry
CH
• Joan Marti Riola
ES
• François Malbrunot
FR
• Paolo Giorgi
IT
• Bjarne Olav Tveit
NO
• Paulo Marques
PT
• Johan Hedin
SE
• Simon Smith
UK
4
Scope
• Dual DSRC stack (CEN and UNI)

according to EG1 recommendation
• For all vehicles (commercial and private)
• Only for the EETS


free choice of the user to subscribe
shall not replace national services
• Central account only


on-board account not feasible without widespread
electronic purse / electronic money infrastructure
not considered by PISTA, CESARE, CARDME, …
• Including enforcement in DSRC systems


5
transaction shall be useful for enforcement of the
DSRC part of the EETS
transaction not designed for enforcement of
GPS/GSM part of the EETS
Relation of EG 11 to other work
European
Projects and
Initiatives
National EFC
Specifications
CEN and UNI
DSRC
Standards
Expert
Group 11
EETS Definition
annexed to
Directive
6
European
Standards
Organisations
CEN
EFC
Standards
Input: Standards and Specifications
• CEN TC278 WG1 SG2:
“Interoperability Application Profile for DSRC”
• Report of EG 1 (and EG 8) on DSRC
• Report of EG 2 on Classification
• CEN DSRC and EFC standards

especially EN ISO 14906
• UNI DSRC standards
• DSRC transactions from international projects



PISTA / CESARE II
CARDME-4
MEDIA
• National DSRC transactions

7
Austria, France, Norway, Sweden, UK, Spain, Portugal
Input: CESARE III Model for Interoperability
Interoperability
Manager
EETS
Provider
Toll
Charger
Service
User
8
Requirements from the CESARE Model
• EETS Providers issue OBE independent from
Toll Chargers
 need for an interoperable Personal Account Number
• EETS Provider and Toll Chargers independently
need proof of validity of the transaction data
 separate security elements for EETs Provider and
Toll Charger
• Toll Charger is responsible for enforcement
 DSRC transaction needs to support both charging
and enforcement
9
Constraints
• Equal treatment / non discrimination
EETS users and national users must be treated equally
 all national requirements must be fully covered

• Must work in an international environment


Scale of the service might be very large
A multitude of actors
• Minimal change to existing equipment


If possible there should be no need to replace RSE
Upgrades of software will be necessary
• Performance suitable for all charging systems

10
Transaction time must remain low
The Challenge
Find the balance between
subsidiarity and interoperability:
• Subsidiarity asks for a maximum solution that
enables all and everything
• Interoperability as a commercial product requires
restriction of the solution to an affordable minimum
 Our approach:
Define what has to be defined,
and leave the rest open
11
What needs to be defined ?
• DSRC Link

according to EG 1: dual DSRC stack
DSRC
DATA
SECURITY
DSRC
- CEN DSRC
- Telepass DSRC
• OBU Data Content




Contract / Payment
Vehicle (according to EG 2 on Classification)
OBU
Receipts (Entry and Exit Tickets)
• Security Elements

12
Including key management / ownership
DATA
SECURITY
What can be left open
• Transaction Flow


No need for a fixed definition
“read and write as you like”
• OBE and RSE Requirements


OBE initialisation
RSE list management
• Technical detail
bit-level coding, security calculations, state
transitions, …
 TC278 WG1

• Test specifications for approval of conformance
 Recommendation 4
13
DSRC
DATA
SECURITY
DSRC Requirements
EETS Definitions of EG 11
(functions, data, security)
and mapping to DSRC stacks
14
EN ISO 14906
UNI 10607-4:2006
EN 12834
UNI 10607-3:2006
EN 12795
UNI 10607-2:2006
EN 12253
UNI 10607-1:2006
CEN DSRC
UNI DSRC
DSRC
DATA
SECURITY
Data Requirements (1)
X
X
ContractSerialNumber
1
ContractValidity
2
ContractAuthenticator
4
Telepass Id
-
EG 11
Austria
X
Telepass
CARDME
0
MEDIA
PISTA /
CESARE
EFCContextMark
(EN 14906 Attributes)
TIS PL
France
EFC
Sweden
OMISS
UK
Attr
ID
OBE DATA
Contract
X
X
X
X
X
X
X
X
X
Payment
Payment Means
32
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Vehicle
15
VehicleLicencePlateNumber
16
VehicleClass
17
X
X
VehicleDimensions
18
X
X
VehicleAxles
19
X
X
VehicleWeightLimits
20
X
VehicleSpecificCharacteristics
22
X
“VehicleSuspensionType”
?
VehicleAuthenticator
23
X
X
X !?
X
X
X
X
DSRC
DATA
SECURITY
Data Requirements (2)
X
X
X
X
X
X
X
ReceiptData2
34
X
X
X
X
X
X
X
X
ReceiptText
12
X
X
X
X
X
X
X
X
X
X
X
EG 11
Austria
X
Telepass
CARDME
33
MEDIA
PISTA /
CESARE
ReceiptData1
(EN 14906 Attributes)
TIS PL
France
EFC
Sweden
OMISS
UK
Attr
ID
OBE DATA
Receipt
X
Equipment
EquipmentOBUId
24
X
EquipmentStatus
26
X
X
X
X
X
Private Attributes
16
TransactionLog
99
X
D-PASS (Journey following)
124
X
D-GES (Grey list management)
116
X
D-EVE (Data of OBE)
125
X
Data Requirements: “EETS Contract”
DSRC
DATA
SECURITY
BST
BST
BST
BST
VST
17
VST has to contain
the information:
“I have an EETS
contract”
Data Requirements: “EETS Contract”
DSRC
DATA
SECURITY
Options to say “EETS Contract” in VST
• Agree on a coding for “EETS Contract”

Collisions with existing coding
• Define EETS-Providers on a European basis

No existing code for “Europe”
• No agreed coding
 Use look-up tables in the RSE
Proposed EG 11 solution
The proposed solution also allows to individually
blacklist non-compliant EETS-Providers
18
Security Requirements
DSRC
DATA
SECURITY
• Static Authenticators


e.g. Contract Authenticator, Vehicle Authenticator
not foreseen
• Dynamic Authenticators



Mechanism: GET Stamped
foreseen: 2 individual authenticators
migration strategy to avoid changes to existing RSE
• Access restrictions


All data except Receipt and Eq.Status are read only
Access credentials not foreseen for the time being
(see Recommendation 7)
• Transaction Counter

19
foreseen
Table of contents of EG11 Report
1 Objectives, Scope
2 Principles
3 Processes
4 Proposed Solution
5 Implementation / Migration
6 Summary of Recommendations
Annex
Annex
Annex
Annex
Annex
20
A
B
C
D
E
DSRC Transaction Specification
Compatibility with Other Specifications
References
Glossary of Terms
Expert Group Members
EG 11 Recommendations (1)
R1
The specification in Annex A should be
accepted as the technical basis of the EETS
for DSRC based charging systems.
R2
The specification should be forwarded as
input to European Standardisation.
R3
The European Commission should establish a
mechanism to maintain the specification in
harmony with European Standards.
21
EG 11 Recommendations (2)
R4
The European Commission should establish a
mechanism that defines test procedures for
conformity evaluation of EETS equipment.
R5
The process for key management for keys
common to Toll Chargers should be defined
as part of the CESARE work.
R6
Blacklist content and the relation between
PAN and EquipmentOBUId should be
addressed from an operational point of view,
e.g. by the project CESARE III.
22
EG 11 Recommendations (3)
R7
The specification does not foresee the use of
OBE Access Credentials for the time being.
It is recommended that Toll Chargers ready
their equipment for key handling and the
dynamic calculation of Access Credentials
when they replace or update RSE.
Introduction of Access Credentials on a
mandatory basis shall be decided at a later
point in time.
23
EG 11 Recommendations (4)
R8
EETS security issues should be investigated in
detail, e.g. by an Expert Group.
A proper threat analysis should be undertaken
and a system-wide coherent and
comprehensive security framework be
proposed. Migration issues, like the coexistence of different security levels, should
also be looked into.
24
Will the colour go away ?
Bernhard Oehry
Tel.: +41 / 61 / 335 78 46
Fax.: +41 / 61 / 335 77 00
Mail: [email protected]
Web: www.rapp.ch
25