1、 I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T H.830.3 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (04/2017) SERIES H: AUDIOVISUAL AND MULTIMEDIA SYSTEMS E-health multimedia services and applications Interoperability compliance testing of personal health systems (HR
2、N, PAN, LAN, TAN and WAN) Conformance of ITU-T H.810 personal health system: Services interface Part 3: SOAP/ATNA: Health Part 3: SOAP/ATNA. HFS Sender (Version 1.8, 2017-03-14), that was developed by the Personal Connected Health Alliance. A number of versions of this specification existed before t
3、ransposition. This Recommendation includes an electronic attachment with the protocol implementation conformance statements (PICS) and the protocol implementation extra information for testing (PIXIT) required for the implementation of Annex A. History Edition Recommendation Approval Study Group Uni
4、que ID* 1.0 ITU-T H.833 2015-01-13 16 11.1002/1000/12251 1.0 ITU-T H.830.3 2015-01-13 16 11.1002/1000/12589 2.0 ITU-T H.830.3 2016-07-14 16 11.1002/1000/12923 3.0 ITU-T H.830.3 2017-04-13 16 11.1002/1000/13203 Keywords Conformance testing, Continua Design Guidelines, e-health, ITU-T H.810, personal
5、connected health devices, Services interface, SOAP/ATNA: Health Part 3: SOAP/ATNA. HFS Sender (Version 1.8, 2017-03-14), that was developed by the Personal Connected Health Alliance. The table below shows the revision history of this test specification; it may contain versions that existed before tr
6、ansposition. Version Date Revision history 1.3 2012-10-05 Initial release for Test Tool DG2011. It uses “TSS users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of th
7、e currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T H.810 (2016) Recommendation ITU-T H.810 (2016), Interoperability design guidelines for personal he
8、alth systems. ITU-T H.812 Recommendation ITU-T H.812 (2016), Interoperability design guidelines for personal health systems: Services interface: Common certified capability class. _ 1 This Recommendation includes an electronic attachment with the protocol implementation conformance statements (PICS)
9、 and the protocol implementation extra information for testing (PIXIT) required for the implementation of Annex A 2 Rec. ITU-T H.830.3 (04/2017) ITU-T H.812.1 Recommendation ITU-T H.812.1 (2016), Interoperability design guidelines for personal health systems: Services interface: Observation upload c
10、ertified capability class. ITU-T H.812.2 Recommendation ITU-T H.812.2 (2016), Interoperability design guidelines for personal health systems: Services interface: Questionnaires certified capability class. ITU-T H.812.3 Recommendation ITU-T H.812.3 (2016), Interoperability design guidelines for perso
11、nal health systems: Services interface: Capability exchange certified capability class. ITU-T H.812.4 Recommendation ITU-T H.812.4 (2016), Interoperability design guidelines for personal health systems: Services interface: Authenticated persistent session certified capability class. IETF RFC 3195 IE
12、TF RFC 3195 (2001), Reliable Delivery for syslog. https:/datatracker.ietf.org/doc/rfc3195 IETF RFC 3881 IETF RFC 3881 (2004), Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications. https:/datatracker.ietf.org/doc/rfc3881 IHE ITI TF-2 IHE ITI TF 2 (2010), I
13、HE IT Infrastructure Technical Framework, Volume 2 (ITI TF-2), Revision 7.0. It comprises three sub-volumes: 2a (Transactions Part A), 2b (Transactions Part B) and 2x (Appendices). http:/ http:/ http:/ 3 Definitions 3.1 Terms defined elsewhere None. 3.2 Terms defined in this Recommendation None. 4 A
14、bbreviations and acronyms This Recommendation uses the following abbreviations and acronyms: ATNA Audit Trail and Node Authentication ATS Abstract Test Suite DUT Device Under Test CDG Continua Design Guidelines CGM Continuous Glucose Monitor GUI Graphical User Interface HFS Health M IHE-WSA102; M Te
15、st purpose Check that: All elements shall have the mustUnderstand attribute set (mustUnderstand=1) AND The element of the initiating message shall be present and shall have the mustUnderstand attribute set (mustUnderstand=1). Applicability C_SEN_000 AND C_SEN_GEN_003 Other PICS Initial condition The
16、 simulated HFS receiver has published a WebService that allows a TLS v1.0 connection and supports SAML 2.0 as an authentication token only and the HFS sender under test is ready to send a SOAP message. Test procedure 1. The HFS sender under test sends a SOAP message to the HFS receiver using address
17、ing header blocks. 2. Check that: All elements have the mustUnderstand attribute set (mustUnderstand=1 ir true). The element of the initiating message shall be present and shall have the mustUnderstand attribute set (mustUnderstand=1). Pass/Fail criteria All elements are as specified in step 2. Note
18、s A.3 Subgroup 1.3.1: ATNA general (GEN) TP Id TP/HFS/SEN/ATNA/GEN/BV-006 TP label Reliable Syslog ATNA Actor behaviour Coverage Spec IHE ITI TF-2 Testable items Audit_MT-1; M Test purpose Check that: If Audit Record repository is not available, the HFS actor shall store the Audit Record in a local
19、buffer until the Audit Record Repository is available again Applicability C_SEN_000 AND C_SEN_GEN_001 AND C_SEN_ATNA_001 Other PICS C_SEN_GEN_003, C_SEN_GEN_004 Initial condition The simulated HFS receiver has a WebService enabled for PCD-01 message reception; if needed, another WebService is enable
20、d for consent document reception; the simulated audit repository with reliable syslog transport is intentionally disabled; and the HFS sender under test is shutdown. 10 Rec. ITU-T H.830.3 (04/2017) Test procedure 1. The HFS sender application under test is started and it sends the corresponding audi
21、t record message to the audit repository. Since the simulated audit repository receiver is disabled, the message will not be delivered. 2. Wait for one minute. 3. The test tool starts the simulated audit repository. 4. Force the HFS sender under test to send a SOAP message (PCD-01 message, consent d
22、ocument or both). 5. The test tool receives the SOAP messages and the audit record messages sent by HFS sender under test. Pass/Fail criteria At least 2 audit record messages must be received by the simulated audit repository, one for the HFS sender start action (step 1) and another for the SOAP mes
23、sage sent in step 4. There is at least one audit record with attribute “code“ of the element EventID set to “110106“ (PHI-export) and the EventDateTime attribute of the EventIdentification element is set to the expedition time of the SOAP message sent in step 4. There is one audit record with attrib
24、ute “code“ of the element EventID set to “110120“ (start action) and the EventDateTime attribute of the EventIdentification element is set to at least one minute before the expedition time of the SOAP message sent in step 4. Notes In step 4 the way to force the WAN sender to send the pendant audit r
25、ecord that was not delivered in step 1, depends on the vendor implementation. A typical strategy could be to send another WAN message and its corresponding ATNA record. In this way, when the HFS sender under test sends the ATNA record PHI-export then it would send the pendant audit record along with
26、 the newer one. A.4 Subgroup 1.3.2: ATNA PCD-01 (PCD-01) TP Id TP/HFS/SEN/ATNA/PCD-01/BV-000 TP label PCD-01 Reliable Syslog ATNA Actor Start Coverage Spec IHE ITI TF-2 Testable items AuditMess-2; R AuditMess-3; M ActTrans-8; O ActTrans-6; O ATNA_IP-2; O ATNA_PF-1; M ChainTrust-2; M DirectCert-1; M
27、DirectCert-2; M DirectCert-3; M Trigg_Event-1; M Audit_RF-1; M Rel_Syslog-1; M Rel_Syslog-2; M Spec ITU-T H.812 Testable items SecGuidelines 3; O Spec IETF RFC 3881 Testable items SAAAM-DD-01; M SAAAM-DD-02; O SAAAM-DD-03; M SAAAM-DD-04; M SAAAM-DD-05; O SAAAM-DD-06; M SAAAM-DD-07; O SAAAM-DD-08; O
28、SAAAM-DD-09; O SAAAM-DD-10; O SAAAM-DD-11; O SAAAM-DD-12; O SAAAM-DD-13; O SAAAM-DD-14; M SAAAM-DD-15; O Rec. ITU-T H.830.3 (04/2017) 11 SAAAM-DD-16; O SAAAM-DD-17; O SAAAM-DD-18; O SAAAM-DD-19; M SAAAM-DD-20; O SAAAM-DD-21; M Test purpose Check that: When SUT starts the application then audit log s
29、tart message is received from the SUT and it is conformant to the ATNA specifications Applicability C_SEN_000 AND C_SEN_GEN_001 AND C_SEN_ATNA_001 Other PICS C_SEN_GEN_003, C_SEN_GEN_004 Initial condition The simulated HFS receiver has a WebService enabled for PCD-01 message reception and a simulate
30、d audit repository with reliable syslog transport is running. The WAN sender under test is shutdown. Test procedure 1. The WAN sender application under test is started and it sends the corresponding audit record message to the audit repository. 2. The audit repository receives the audit record messa
31、ge and verifies that: a. TLS is used and the encryption suite is TLS_RSA_WITH_AES_128_CBC_SHA b. It conforms to reliable syslogs cooked profile IETF RFC 3195 Pass/Fail criteria The ATNA XML log file conforms to the IETF RFC 3881 schema included in Annex B. In the audit record, the attribute “code“ o
32、f the element EventID is set to “110120“ and the attribute “displayName“ of the EventTypeCode element is set to “Communicate PCD Data“. The received audit message conforms to the reliable syslogs cooked profile IETF RFC 3195. Notes TP Id TP/HFS/SEN/ATNA/PCD-01/BV-001 TP label PCD-01 BSD Syslog ATNA
33、Actor Start Coverage Spec IHE ITI TF-2 Testable items AuditMess-2; R AuditMess-3; M ActTrans-8; O ActTrans-6; O ATNA_IP-2; O ATNA_PF-1; M ChainTrust-2; M DirectCert-1; M DirectCert-2; M DirectCert-3; M Trigg_Event-1; M Audit_RF-1; M BSD_Syslog-1; O BSD_Syslog-2; M BSD_Syslog-3; M BSD_Syslog-4; M BSD
34、Syslog-5; R BSD_Syslog-6; O Spec ITU-T H.812 Testable items SecGuidelines 3; O Spec IETF RFC 3881 Testable items SAAAM-DD-01; M SAAAM-DD-02; O SAAAM-DD-03; M SAAAM-DD-04; M SAAAM-DD-05; O SAAAM-DD-06; M 12 Rec. ITU-T H.830.3 (04/2017) SAAAM-DD-07; O SAAAM-DD-08; O SAAAM-DD-09; O SAAAM-DD-10; O SAAA
35、M-DD-11; O SAAAM-DD-12; O SAAAM-DD-13; O SAAAM-DD-14; M SAAAM-DD-15; O SAAAM-DD-16; O SAAAM-DD-17; O SAAAM-DD-18; O SAAAM-DD-19; M SAAAM-DD-20; O SAAAM-DD-21; M Test purpose Check that: When SUT starts the application then audit log start message is received from the SUT and it is conformant to the
36、ATNA specifications Applicability C_SEN_000 AND C_SEN_GEN_001 AND C_SEN_ATNA_002 Other PICS C_SEN_GEN_003, C_SEN_GEN_004 Initial condition The simulated HFS receiver has a WebService enabled for PCD-01 message reception and a simulated audit repository with BSD syslog transport is running. The HFS s
37、ender under test is shutdown. Test procedure 1. The HFS sender application under test is started and it sends the corresponding audit record message to the audit repository. 2. The audit repository receives the audit record message and verifies that it conforms to BSD syslog b-IETF RFC 3164. Pass/Fa
38、il criteria The ATNA XML log file conforms to the IETF RFC 3881 schema included in Annex B. In the audit record, the attribute “code“ of the element EventID is set to “110120“ and the attribute “displayName“ of the EventTypeCode element is set to “Communicate PCD Data“. The received audit message co
39、nforms to BSD syslog b-IETF RFC 3164. Notes TP Id TP/HFS/SEN/ATNA/PCD-01/BV-002 TP label PCD-01 Reliable Syslog ATNA Actor PHI-export Coverage Spec IHE ITI TF-2 Testable items AuditMess-2; R AuditMess-3; M ActTrans-8; O ActTrans-6; O ATNA_IP-2; O ATNA_PF-1; M ChainTrust-2; M DirectCert-1; M DirectCe
40、rt-2; M DirectCert-3; M Trigg_Event-15; M Audit_RF-1; M Rel_Syslog-1; M Rel_Syslog-2; M Spec ITU-T H.812 Testable items SecGuidelines 3; O Spec IETF RFC 3881 Testable items SAAAM-DD-01; M SAAAM-DD-02; O SAAAM-DD-03; M SAAAM-DD-04; M SAAAM-DD-05; O SAAAM-DD-06; M Rec. ITU-T H.830.3 (04/2017) 13 SAAAM
41、DD-07; O SAAAM-DD-08; O SAAAM-DD-09; O SAAAM-DD-10; O SAAAM-DD-11; O SAAAM-DD-12; O SAAAM-DD-13; O SAAAM-DD-14; M SAAAM-DD-15; O SAAAM-DD-16; O SAAAM-DD-17; O SAAAM-DD-18; O SAAAM-DD-19; M SAAAM-DD-20; O SAAAM-DD-21; M Test purpose Check that: When SUT sends a PCD-01 ORU message, then an audit log
42、PHI-export message is received from the SUT and it is conformant to the ATNA specifications Applicability C_SEN_000 AND C_SEN_GEN_001 AND C_SEN_ATNA_001 Other PICS C_SEN_GEN_003, C_SEN_GEN_004 Initial condition The simulated HFS receiver has a WebService enabled for PCD-01 message reception and a si
43、mulated audit repository with reliable syslog transport is running. The HFS sender under test has a PCD-01 message ready to be sent. Test procedure 1. The HFS sender application under test sends a PCD-01 message to the simulated HFS receiver and the corresponding audit record message to the audit re
44、pository. 2. The simulated HFS receiver receives the PCD-01 message. 3. The audit repository receives the audit record message and verifies that: a. TLS is used and the encryption suite is TLS_RSA_WITH_AES_128_CBC_SHA b. It conforms to the reliable syslogs cooked profile IETF RFC 3195 Pass/Fail crit
45、eria The ATNA XML log file conforms to the IETF RFC 3881 schema included in Annex B. In the audit record, the attribute “code“ of the element EventID is set to “110106“ and the attribute “displayName“ of the EventTypeCode element is set to “Communicate PCD Data“. In the audit record, the value of th
46、e attribute EventDateTime of the element EventIdentification is inside a one minute interval of the Date and Time indicated in the MSH-7 field of the received PCD-01 message. The received audit message conforms to the reliable syslogs cooked profile IETF RFC 3195. Notes TP Id TP/HFS/SEN/ATNA/PCD-01/
47、BV-003 TP label PCD-01 BSD Syslog ATNA Actor PHI-export Coverage Spec IHE ITI TF-2 Testable items AuditMess-2; R AuditMess-3; M ActTrans-8; O ActTrans-6; O ATNA_IP-2; O ATNA_PF-1; M ChainTrust-2; M DirectCert-1; M DirectCert-2; M DirectCert-3; M Trigg_Event-15; M Audit_RF-1; M BSD_Syslog-1; O BSD_Sy
48、slog-2; M BSD_Syslog-3; M BSD_Syslog-4; M BSD_Syslog-5; R BSD_Syslog-6; O 14 Rec. ITU-T H.830.3 (04/2017) Spec ITU-T H.812 Testable items SecGuidelines 3; O Spec IETF RFC 3881 Testable items SAAAM-DD-01; M SAAAM-DD-02; O SAAAM-DD-03; M SAAAM-DD-04; M SAAAM-DD-05; O SAAAM-DD-06; M SAAAM-DD-07; O SAAAM-DD-08; O SAAAM-DD-09; O SAAAM-DD-10; O SAAAM-DD-11; O SAAAM-DD-12; O SAAAM-DD-13; O SAAAM-DD-14; M SAAAM-DD-15; O SAAAM-DD-16; O SAAAM-DD-17; O SAAAM-DD-18; O SAAAM-DD-19; M SAAAM-DD-20; O SAAAM-DD-21; M Test pu
