EN ISO TS 21719-2-2018 en Electronic fee collection - Personalization of on-board equipment (OBE) - Part 2 Using dedicated short-range communication.pdf

1、BSI Standards PublicationWB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06Electronic fee collection - Personalization of on-board equipment (OBE)Part 2: Using dedicated short-range communication (ISO/TS 21719-2:2018)PD CEN ISO/TS 21719-2:2018National forewordThis Published Document is the UK

2、implementation of CEN ISO/TS 21719-2:2018. It is identical to ISO/TS 21719-2:2018.The UK participation in its preparation was entrusted to Technical Committee EPL/278, Intelligent transport systems.A list of organizations represented on this committee can be obtained on request to its secretary.This

3、 publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2018 Published by BSI Standards Limited 2018ISBN 978 0 580 98138 8ICS 03.220.20; 35.240.60Compliance with a British Standard canno

4、t confer immunity from legal obligations. This Published Document was published under the authority of the Standards Policy and Strategy Committee on 31 March 2018.Amendments/corrigenda issued since publicationDate Text affectedPUBLISHED DOCUMENTPD CEN ISO/TS 21719-2:2018TECHNICAL SPECIFICATIONSPCIF

5、ICATION TECHNIQUETECHNISCHE SPEZIFIKATIONCEN ISO/TS 21719-2February 2018ICS 03.220.20; 35.240.60EUROPEAN COMMITTEE FOR STANDARDIZATIONCOMIT EUROPEN DE NORMALISATIONEUROPISCHES KOMITEE FR NORMUNGCEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels 2018 CEN Ref. No. CEN ISO/TS 21719-2:2018

6、: EAll rights of exploitation in any form and by any means reserved worldwide for CEN national MembersElectronic fee collection - Personalization of on-board equipment (OBE) - Part 2: Using dedicated short-range communication (ISO/TS 21719-2:2018)Perception de tlpage - Personnalisation des quipement

7、s embarqus - Partie 2: Utilisation des communications ddies courte porte (ISO/TS 21719-2:2018)Elektronische Gebhrenerhebung - Personalisierung von Onboard Einrichtungen - Teil 2: Verwendung von dedizierter Nahbereichskommunikation (ISO/TS 21719-2:2018)This Technical Specification (CEN/TS) was approv

8、ed by CEN on 2 February 2018 for provisional application.The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard

9、.CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS) until the final decision a

10、bout the possible conversion of the CEN/TS into an EN is reached.CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,

11、Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.English VersionCEN ISO/TS 21719-2:2018 (E)European forewordThis document (CEN ISO/TS 21719-2:2018) has been prepared by Technical Co

12、mmittee ISO/TC 204 “Intelligent transport systems“ in collaboration with Technical Committee CEN/TC 278 “Intelligent transport systems”, the secretariat of which is held by NEN.Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN s

13、hall not be held responsible for identifying any or all such patent rights.According to the CEN/CENELEC Internal Regulations, the national standards organisations of the following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republi

14、c, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

15、Endorsement noticeThe text of ISO/TS 21719-2:2018 has been approved by CEN as CEN ISO/TS 21719-2:2018 without any modification.2PD CEN ISO/TS 21719-2:2018ISO/TS 21719-2:2018Foreword ivIntroduction v1 Scope . 12 Normative references 23 Terms and definitions . 34 Abbreviated terms and symbols 55 Confo

16、rmance . 65.1 General . 65.2 Base standards 65.3 Main contents of an EFC Personalization AP 76 Personalization overview 76.1 Process . 76.2 System architecture 77 OBE requirements . 77.1 General . 77.2 DSRC lower layer requirements . 77.2.1 Supported DSRC stacks 77.2.2 CEN DSRC stack . 87.3 OBE pers

17、onalization functions 87.3.1 General 87.3.2 Initialization and termination 97.3.3 Retrieving OBE identifier . 97.3.4 Writing of data . 97.4 Security requirements . 117.5 Transaction requirements 138 Personalization equipment requirements .138.1 General 138.2 DSRC lower layer requirments . 138.2.1 Su

18、pported DSRC stacks .138.2.2 CEN DSRC stack 138.3 PE personalization functions . 138.4 Security requirements . 138.5 Transaction requirements 14Annex A (normative) Security calculations 15Annex B (normative) PICS proforma .20Annex C (normative) Personalization of ES 200 674-1 compliant OBEs 25Annex

19、D (informative) Transaction example 30Annex E (informative) Security computation example 35Bibliography .39 ISO 2018 All rights reserved iiiContents PagePD CEN ISO/TS 21719-2:2018ISO/TS 21719-2:2018ForewordISO (the International Organization for Standardization) is a worldwide federation of national

20、 standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. Internationa

21、l organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.The procedures used to develop this document and those intended fo

22、r its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.or

23、g/directives).Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be

24、in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.For an explanation on the voluntary nature of standards, the meaning of I

25、SO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.This document was prepared by Technical Commi

26、ttee ISO/TC 204, Intelligent transport systems.A list of all parts in the ISO 21719 series can be found on the ISO website.iv ISO 2018 All rights reservedPD CEN ISO/TS 21719-2:2018ISO/TS 21719-2:2018IntroductionOn-board equipment (OBE) is an in-vehicle device that is able to contain one or more appl

27、ication instances in order to support different intelligent transportation system (ITS) implementations such as electronic fee collection (EFC). Examples of EFC applications are road toll collection/road charging, local augmentation (LAC) or compliance checking (CCC).To assign the EFC application in

28、 the OBE to a certain user and/or vehicle, personalization should be performed. This means that unique user and vehicle related data, needs to be transferred to the OBE.The CEN/TR 16152 already assessed many aspects of the personalization process and it also defined the overall personalization asset

29、s as; application data, application keys and vehicle data.Different communication media may be used for transferring the personalization assets to the OBE but for all media, common procedures may be applied such as an overall message exchange framework and necessary security functionality in order t

30、o ensure data protection and integrity.By standardizing the personalization procedure, compatibility of personalization equipment is supported, and the entity responsible for the personalization, e.g. a toll service provider, will further be able to outsource parts of, or a complete, personalization

31、 to a third party or to another service provider or personalization agent.This document defines a complete application profile using the personalization functionality described in ISO/TS 217191, on top of a CEN DSRC stack according to the RTTT communication profiles in EN 13372 and using the EFC App

32、lication Interface according to ISO 14906.This document further defines in the annexes the use of this application profile on top of other DSRC communication stacks that are compliant with the application layer interfaces as defined in ISO 14906 and EN 12834.This document may be complemented by a se

33、t of standards defining conformity evaluation of the conformance requirements. ISO 2018 All rights reserved vPD CEN ISO/TS 21719-2:2018This page deliberately left blankElectronic fee collection - Personalization of on-board equipment (OBE) Part 2: Using dedicated short-range communication (ISO/TS 21

34、719-2:2018)1 ScopeThis document specifies personalization interface: dedicated short-range communication (DSRC), physical systems: on-board equipment and the personalization equipment, DSRC-link requirements, EFC personalization functions according to ISO/TS 217191 when defined for the DSRC interfac

35、e, and security data elements and mechanisms to be used over the DSRC interface.Protcol information conformance statement (PICS) proforma is provided in Annex B, whereas security computation examples are provided in Annex E.The scope of the personalization functionality is illustrated in Figure 1 an

36、d it is limited to the DSRC interface between the personalization equipment (PE) and the OBE.Domain of the entity responsible for personalizationCentralSystem PersonalizationEquipment (PE)On Board Equipment (OBE)Scope of this documentDSRCFigure 1 Scope for this document (box delimited by a dotted li

37、ne)It is outside the scope of this document to define conformance procedures and test specification (this is provided in a separate set of standards), setting-up of operating organizations (e.g. toll service provider, personalization agent, trusted third party, etc.), and legal issues.NOTE Some of t

38、hese issues are subject to separate standards prepared by CEN/TC 278, ISO/TC 204 or ETSI ERM.Figure 2 shows the scope of this document from a DSRC-stack perspective.TECHNICAL SPECIFICATION ISO/TS 21719-2:2018 ISO 2018 All rights reserved 1PD CEN ISO/TS 21719-2:2018ISO/TS 21719-2:2018DSRC managementA

39、PApplication functions and datasecurity algorithmsDSRC L7RequestfunctionsDSRC L2 LLCDSRC L2 MACDownlink framesDSRC L1APApplication functions and datasecurity algorithmsDSRC L7ResponsefunctionsDSRC L2 LLCDSRC L2 MACUplinkframesDSRC L1DSRC L1 parametersDSRC L1 parametersADUT-APDULPDUPPDUEFC personaliz

40、ation transaction and DSRC communicationRSE OBEFigure 2 Relationship between this document and DSRC-stack elements2 Normative referencesThe following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references,

41、 only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.ISO/IEC 9797-1:2011, Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipherISO/IEC 10116:2017, Inf

42、ormation technology Security techniques Modes of operations for an n-bit cipherISO 14906, Electronic fee collection Application interface definition for dedicated short-range communicationISO 15628, Intelligent transport systems Dedicated short range communication (DSRC) DSRC application layerISO/IE

43、C 18033-3:2010, Information technology Security techniques Encryption algorithms Part 3: Block ciphersEN 12834, Road transport and traffic telematics Dedicated Short Range Communication (DSRC) DSRC application layerEN 15509:2014, Electronic Fee Collection Interoperability application profile for DSR

44、C2 ISO 2018 All rights reservedPD CEN ISO/TS 21719-2:2018ISO/TS 21719-2:20183 Terms and definitionsFor the purposes of this document, the following terms and definitions apply.ISO and IEC maintain terminological databases for use in standardization at the following addresses: IEC Electropedia: avail

45、able at www.electropedia.org ISO Online browsing platform: available at www.iso.org/obp3.1access credentialstrusted attestation or secure module that establishes the claimed identity of an object or applicationNote 1 to entry: The access credentials carry information needed to fulfil access conditio

46、ns in order to perform the operation on the addressed element in the OBE. The access credentials can carry passwords, as well as cryptographic based information such as authenticators.SOURCE: EN 15509:2014, 3.13.2attributeaddressable package of data consisting of a single data element (3.10) or stru

47、ctured sequences of data elementsSOURCE: ISO 17575-1:2016, 3.23.3authenticationsecurity mechanism allowing verification of the provided identitySOURCE: EN 301 175 V1.1.1:1998, 33.4authenticatordata, possibly encrypted, that is used for authentication (3.3)SOURCE: EN 15509:2014, 3.33.5base standardap

48、proved International Standard or ITU-T RecommendationSOURCE: ISO/IEC TR 10000-1:1998, 3.1.13.6cryptographyprinciples, means and methods for the transformation of data in order to hide its information content, prevent its undetected modification or prevent its unauthorized useSOURCE: EN 15509:2014, 3

49、.63.7data integrityproperty that data has not been altered or destroyed in an unauthorized mannerSOURCE: ISO/TS 19299:2015, 3.24, modified the term “integrity” has been changed to “data integrity”. ISO 2018 All rights reserved 3PD CEN ISO/TS 21719-2:2018ISO/TS 21719-2:20183.8data privacyrights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure and disposal of personal informationSOURCE: ISO/TS 19299:2015, 3.323.9electronic fee collecti