1、 ETSI TS 103 096-2 V1.2.1 (2015-09) Intelligent Transport Systems (ITS); Testing; Conformance test specifications for ITS Security; Part 2: Test Suite Structure and Test Purposes (TSS Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from th
2、e ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/ipr.etsi.org). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the
3、 updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Intelligent Transport Systems (ITS). The present document is part 2 of a multi-part deliverable covering C
4、onformance test specification for ITS Security as identified below: Part 1: “Protocol Implementation Conformance Statement (PICS)“; Part 2: “Test Suite Structure and Test Purposes (TSS Part 3: “Abstract Test Suite (ATS) and Protocol Implementation eXtra Information for Testing (PIXIT)“. Modal verbs
5、terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allow
6、ed in ETSI deliverables except when used in direct citation. ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)7 1 Scope The present document provides the Test Suite Structure and Test Purposes (TSS Security; Security header and certificate formats“. 2 ETSI TS 103 096-1 (V1.2.1): “Intelligent Transport Systems
7、 (ITS); Testing; Conformance test specifications for ITS Security; Part 1: Protocol Implementation Conformance Statement (PICS)“. 3 ETSI TS 102 871-1 (V1.3.1): “Intelligent Transport Systems (ITS); Testing; Conformance test specifications for GeoNetworking ITS-G5; Part 1: Test requirements and Proto
8、col Implementation Conformance Statement (PICS) pro forma“. 4 ISO/IEC 9646-1 (1994): “Information technology - Open Systems Interconnection - Conformance testing methodology and framework - Part 1: General concepts“. 5 ISO/IEC 9646-2 (1994): “Information technology - Open Systems Interconnection - C
9、onformance testing methodology and framework - Part 2: Abstract Test Suite specification“. 6 ISO/IEC 9646-6 (1994): “Information technology - Open Systems Interconnection - Conformance testing methodology and framework - Part 6: Protocol profile test specification“. 7 ISO/IEC 9646-7 (1995): “Informa
10、tion technology - Open Systems Interconnection - Conformance testing methodology and framework - Part 7: Implementation Conformance Statements“. 8 ETSI ETS 300 406 (1995): “Methods for testing and Specification (MTS); Protocol and profile conformance testing specifications; Standardization methodolo
11、gy“. 9 ISO 3166-1: “Codes for the representation of names of countries and their subdivisions - Part 1: Country codes“. 10 United Nations, Statistics Division (1996): “Standard Country or Area Codes for Statistical Use (Rev. 3), Series M: Miscellaneous Statistical Papers, No. 49“, New York: United N
12、ations. ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)8 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest ver
13、sion of the reference document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present documen
14、t but they assist the user with regard to a particular subject area. i.1 ETSI EG 202 798 (V1.1.1): “Intelligent Transport Systems (ITS); Testing; Framework for conformance and interoperability testing“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the ter
15、ms and definitions given in ETSI TS 103 097 1, ISO/IEC 9646-6 6 and ISO/IEC 9646-7 7 apply. 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: AA Authorization Authority AID Application IdentifierAT Authorization Ticket ATS Abstract Test Suite BO Exception
16、al BehaviourBV Valid BehaviourCAM Co-operative Awareness Messages CAN Controller Area Network CERT Certificate DE Data ElementDENM Decentralized Environmental Notification Message EA Enrolment Authority ECC Elliptic Curve Cryptography GN GeoNetworking ITS Intelligent Transportation Systems ITS-S Int
17、elligent Transport System - Station IUT Implementation under Test MSG Message PICS Protocol Implementation Conformance Statement SSP Service Specific Permissions TP Test Purposes TSS Test Suite Structure ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)9 4 Test Suite Structure (TSS) 4.1 Structure for Security
18、 tests Table 1 shows the Security Test Suite Structure (TSS) defined for conformance testing. Table 1: TSS for Security Root Group Category Security ITS-S data transfer Valid ITS-S - AA authorization Valid ITS-S - EA enrolment Valid Sending behaviour ValidReceiving behaviour Valid and Invalid Generi
19、c messages Valid CAM testing ValidDENM testing Valid Certificate testing Valid5 Test Purposes (TP) 5.1 Introduction 5.1.1 TP definition conventions The TP definition is built according to ETSI EG 202 798 i.1. 5.1.2 TP Identifier naming conventions The identifier of the TP is built according to table
20、 2. Table 2: TP naming convention Identifier TP_ = root SEC = target ITSS ITS-S data transfer AA ITS-S - AA authorization EA ITS-S - EA enrolment = group SND Sending behaviour RCV Receiving behaviour =sub- group MSG Generic messages CAM CAM testing DENM DENM testing CERT Certificate testing = requir
21、ement sequential number 01 to 99 = test purpose sequential number 01 to 99 = category BV Valid Behaviour tests BO Invalid Behaviour Tests 5.1.3 Rules for the behaviour description The description of the TP is built according to ETSI EG 202 798 i.1. ETSI TS 103 097 1 does not use the finite state mac
22、hine concept. As consequence, the test purposes use a generic “Initial State“ that corresponds to a state where the IUT is ready for starting the test execution. Furthermore, the IUT shall be left in this “Initial State“, when the test is completed. Being in the “Initial State“ refers to the startin
23、g point of the initial device configuration. There are no pending actions, no instantiated buffers or variables, which could disturb the execution of a test. ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)10 5.1.4 Sources of TP definitions All TPs are specified according to ETSI TS 103 097 1. 5.1.5 Mnemonic
24、s for PICS reference To avoid an update of all TPs when the PICS document is changed, table 3 introduces mnemonics name and the correspondence with the real PICS item number. The PICS item column refers to Table/Item of ETSI TS 103 096-1 2 if not stated otherwise. Table 3: Mnemonics for PICS referen
25、ce Mnemonic PICS item 1 PICS_GN_SECURITY A.32/12 ETSI ETSI TS 102 871-1 3 2 PICS_CERTIFICATE_SELECTION A.3/1 3 PICS_USE_CIRCULAR_REGION A.4/2 4 PICS_USE_RECTANGULAR_REGION A.4/3 5 PICS_USE_POLYGONAL_REGION A.4/46 PICS_USE_IDENTIFIED_REGION A.4/57 PICS_ITS_AID_OTHER_PROFILE A.6/1 8 PICS_USE_ISO31661_
26、REGION_DICTIONARY A.5/1 9 PICS_USE_UN_STATS_REGION_DICTIONARY A.5/2 5.2 Sending behaviour 5.2.1 Check the message protocol version TP Id TP_SEC_ITSS_SND_MSG_01_01_BV Summary Check that ITS-S sends a SecuredMessage containing protocol version set to 2 Reference ETSI TS 103 097 1, clause 5.2 PICS Sele
27、ction PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized state ensure that when the IUT is requested to send a SecuredMessage then the IUT sends a SecuredMessage containing protocol_version indicating value 2 ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)11 5.2.2 Check that AT certifi
28、cate is used to sign communication messages of ITS-S TP Id TP_SEC_ITSS_SND_MSG_04_01_BV Summary Check that when IUT sends the message signed with the digest, then this digest points to the AT certificate Reference ETSI TS 103 097 1, clause 6.3 PICS Selection PICS_GN_SECURITY Expected behaviour with
29、the IUT being in the authorized state and the IUT is configured to send more than one CAM per second and the IUT having sent last CAM containing header_fieldssigner_info.signer.type indicating certificate ensure that when the IUT is requested to send next CAM then the IUT sends a SecuredMessage cont
30、aining header_fields signer_info containing signer containing type indicating certificate_digest_with_sha256 containing digest referencing the certificate containing subject_info.subject_type indicating authorization_ticket TP Id TP_SEC_ITSS_SND_MSG_04_02_BV Summary Check that IUT uses the AT certif
31、icate to sign messages Reference ETSI TS 103 097 1, clause 6.3 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized state the IUT being requested to include certificate in the next CAM ensure that when the IUT is requested to send a next CAM then the IUT sends a Se
32、curedMessage containing header_fields signer_info containing signer containing type indicating certificate containing certificate containing subject_info.subject_type indicating authorization_ticket ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)12 5.2.3 Check Signature ECC point type TP Id TP_SEC_ITSS_SND_
33、MSG_05_01_BV Summary Check that the SecuredMessage signature contains the ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only Reference ETSI TS 103 097 1, clause 4.2.9 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized stat
34、e ensure that when the IUT is requested to send a CAM then the IUT sends a SecuredMessage containing header_fields its_aid containing its_aid indicating AID_CAM and containing trailer_fieldssignature containing signature.ecdsa_signature containing R.type indicating compressed_lsb_y_0 or indicating c
35、ompressed_lsb_y_1 or indicating x_coordinate_only 5.2.4 CAM profile 5.2.4.1 Check header fields TP Id TP_SEC_ITSS_SND_CAM_02_01_BV Summary Check that the secured CAM contains exactly one element of these header fields: signer_info, generation_time, its_aid Check that the header fields are in the asc
36、ending order according to the numbering of the enumeration except of the signer_info, which is encoded first Check that generation_time_standard_deviation, expiration, encryption_parameters, recipient_info are not used Reference ETSI TS 103 097 1, clause 7.1 PICS Selection PICS_GN_SECURITY Expected
37、behaviour with the IUT being in the authorized state ensure that when the IUT is requested to send a CAM then the IUT sends a SecuredMessage containing header_fields0 containing type indicating signer_info and containing header_fields n.type indicating value = TIME_LAST + 1sec) TP Id TP_SEC_ITSS_SND
38、_CAM_05_02_BV Summary Check that the secured CAM contains the signer_info field of certificate when the timeout of one second has been expired after the previous CAM containing the certificate Reference ETSI TS 103 097 1, clause 7.1 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT bei
39、ng in the authorized state and the IUT is configured to send more than one CAM per second and the IUT having sent a CAM containing header_fieldssigner_info.signer.type indicating certificate at TIME_1 ensure that when the IUT is requested to send next CAM right after 1 second after the TIME_1 then t
40、he IUT sends a SecuredMessage containing header_fieldsits_aid indicating AID_CAM containing header_fields signer_info containing signer containing type indicating certificate containing certificate ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)14 5.2.4.3 Check that IUT sends cert to unknown ITS-S TP Id TP_
41、SEC_ITSS_SND_CAM_06_01_BV Summary Check that ITS-S sends a Secured CAM containing the signer_info of type certificate when the ITS-S received a CAM from an unknown ITS-S Reference ETSI TS 103 097 1, clause 7.1 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized st
42、ate and the IUT is configured to send more than one CAM per second and the IUT having already sent CAM at TIME_1 containing header_fieldssigner_info.signer.type indicating certificate and the IUT having received a SecuredMessage at TIME_2 (TIME_1 TIME_2) containing header_fieldssigner_info.signer.ty
43、pe indicating certificate ensure that when the IUT is sending the next CAM at TIME_4 containing header_fieldssigner_info.signer.type indicating certificate then the difference between TIME_4 and TIME_3 is about of 1sec ETSI ETSI TS 103 096-2 V1.2.1 (2015-09)16 5.2.4.5 Check that IUT sends certificat
44、e when requested TP Id TP_SEC_ITSS_SND_CAM_08_01_BV Summary Check that the IUT sends the Secured CAM containing the signer_info of type certificate when it received a CAM containing a request of unrecognized certificate that matches with the currently used AT certificate ID of the IUT Reference ETSI
45、 TS 103 097 1, clause 7.1 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized state and the IUT is configured to send more than one CAM per second and the IUT having already sent CAM at TIME_1 containing header_fieldssigner_info.signer.type indicating certificate
46、and the IUT having received a SecuredMessage at TIME_2 (TIME_1 TIME_1 containing its_aid indicating AID_CAM 5.2.4.8 Check secured CAM its_aid value TP Id TP_SEC_ITSS_SND_CAM_11_01_BV Summary Check that the sent Secured CAM contains exactly one HeaderField its_aid that is set to AID_CAM Reference ETS
47、I TS 103 097 1, clauses 5.4 and 7.1 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized state ensure that when the IUT is requested to send CAM then the IUT sends a SecuredMessage containing header_fields its_aid containing its_aid indicating AID_CAM ETSI ETSI TS
48、103 096-2 V1.2.1 (2015-09)19 5.2.4.9 Check sending certificate request to unknown station TP Id TP_SEC_ITSS_SND_CAM_12_01_BV Summary Check that the IUT sends certificate request when it receives a message from unknown station Reference ETSI TS 103 097 1, clause 7.1 PICS Selection PICS_GN_SECURITY Expected behaviour with the IUT being in the authorized state and the IUT has receiving a SecuredMessage containing header_fieldssigner_info.signer containing type indicating certificate_digest_with_sha256 contain