1、NEMA Standards PublicationNational Electrical Manufacturers AssociationNEMA EVSE 1.2-2015EV Charging NetworkInteroperability StandardsPart 2: A Contactless RFID Credential for Authentication (UR Interface)NEMA Standards Publication EVSE 1.2-2015 EV Charging Network Interoperability Standards Part 2:
2、 A Contactless RFID Credential for Authentication (UR Interface) Published by National Electrical Manufacturers Association 1300 North 17th Street, Suite 900 Rosslyn, Virginia 22209 www.nema.org 2015 National Electrical Manufacturers Association. All rights, including translation into other language
3、s, reserved under the Universal Copyright Convention, the Berne Convention for the Protection of Literacy and Artistic Works, and the International and Pan American copyright conventions. 2015 National Electrical Manufacturers Association NOTICE AND DISCLAIMER The information in this publication was
4、 considered technically sound by the consensus of persons engaged in the development and approval of the document at the time it was developed. Consensus does not necessarily mean that there is unanimous agreement among every person participating in the development of this document. NEMA standards a
5、nd guideline publications, of which the document contained herein is one, are developed through a voluntary consensus standards development process. This process brings together volunteers and/or seeks out the views of persons who have an interest in the topic covered by this publication. While NEMA
6、 administers the process and establishes rules to promote fairness in the development of consensus, it does not write the document and it does not independently test, evaluate, or verify the accuracy or completeness of any information or the soundness of any judgments contained in its standards and
7、guideline publications. NEMA disclaims liability for any personal injury, property, or other damages of any nature whatsoever, whether special, indirect, consequential, or compensatory, directly or indirectly resulting from the publication, use of, application, or reliance on this document. NEMA dis
8、claims and makes no guaranty or warranty, expressed or implied, as to the accuracy or completeness of any information published herein, and disclaims and makes no warranty that the information in this document will fulfill any of your particular purposes or needs. NEMA does not undertake to guarante
9、e the performance of any individual manufacturer or sellers products or services by virtue of this standard or guide. In publishing and making this document available, NEMA is not undertaking to render professional or other services for or on behalf of any person or entity, nor is NEMA undertaking t
10、o perform any duty owed by any person or entity to someone else. Anyone using this document should rely on his or her own independent judgment or, as appropriate, seek the advice of a competent professional in determining the exercise of reasonable care in any given circumstances. Information and ot
11、her standards on the topic covered by this publication may be available from other sources, which the user may wish to consult for additional views or information not covered by this publication. NEMA has no power, nor does it undertake to police or enforce compliance with the contents of this docum
12、ent. NEMA does not certify, test, or inspect products, designs, or installations for safety or health purposes. Any certification or other statement of compliance with any health- or safety-related information in this document shall not be attributable to NEMA and is solely the responsibility of the
13、 certifier or maker of the statement. NEMA EVSE 1.2-2015 Page i 2015 National Electrical Manufacturers Association Foreword This standard was developed in accordance to the procedures of the NEMA Standards Committee. It is a product of the NEMA 5EVSE Network Interoperability Working Group, which was
14、 formed to address the topic of service interoperability and roaming among different Electric Vehicle (EV) charging networks. The primary goal of this standard (and the companion standards in this series) is to give EV drivers the ability to receive services on EV charging infrastructure different t
15、han their chosen affiliation, and among those networks that have agreed to interwork their networks and services. This standard is a result of input from various stakeholders, including EV driver communities, governmental/regulatory bodies, standards development organizations, EV charging network se
16、rvice providers, and EV Charging Station (EVCS) manufacturers. Open and standardized access to EV charging services are seen as high priority initiatives for the EV industry. Through the adoption of standardized directories, credentials, charging session data exchange, and the ability to establish c
17、harging sessions across different EV charging networks, EV drivers will be able to find and receive charging services on any EV charging network that participates in service roaming with the EV charging provider to which the EV drivers are affiliated. With standards in place, EV charging services sp
18、anning different operators and geographical areas can be interconnected into an integrated service fabric for EV drivers. An integrated service fabric has benefits of providing broader and more available service coverage, improving the utilization of EV charging infrastructure, and reducing the pote
19、ntial for stranded electric vehicles and under-utilized EVCS assets. All of these access and interconnection initiatives are seen as important factors in promoting EV adoption. The approach taken in this series of standards is to develop protocol enabling interconnection between EV charging networks
20、, together with a set of standards at the service interface between the EV driver, the EV, and the serving EVCS device. No attempt is made in this work to specify the protocols to be used within EV charging networks. Each constituent network remains free to adopt protocols and technology best suited
21、 to its own service goals, internal architecture, and business requirements. This approach respects the system, administrative, and organizational boundaries inherent in any diverse collection of independently operated networks, while allowing each network to innovate and provide consumer value. By
22、addressing interconnection at the network level rather than the device level, system scaling is greatly improved and interoperation is simplified by having a smaller number of hierarchically organized interconnection points. The authentication credential specified here is based on the IEC 62831 draf
23、t proposal originally submitted by BetterPlace, Inc., to the International Electrotechnical Commission (IEC). This standard incorporates elaborations and extensions to fit with the companion NEMA standards in this series. As the IEC 62831 proposal progresses through the IEC standardization process,
24、this NEMA standard will attempt to maintain alignment with it, with the eventual goal that the NEMA extensions be integrated into IEC 62831 in a compatible manner. Until such time as the IEC work is completed, this standard stands alone from and should be considered to be independent ofthe IEC 62831
25、 work. NEMA EVSE 1.2-2015 Page ii 2015 National Electrical Manufacturers Association Contents Foreword i Section 1 General . 1 1.1 SCOPE . 1 1.2 BACKGROUND 1 1.3 FIELD OF APPLICATION 2 1.4 COMPANION STANDARDS 4 1.5 RELATIONSHIP TO ISO/IEC 15118 AND OTHER RELATED STANDARDS . 5 Section 2 Normative Ref
26、erences . 6 Section 3 Definitions and Terminology 7 3.1 DEFINITIONS . 7 3.2 ABBREVIATIONS AND ACRONYMS 9 3.3 DOCUMENT CONVENTIONS . 10 Section 4 Architectural Model . 12 4.1 EV CHARGING NETWORK FUNCTIONAL ROLES . 12 4.2 EV CHARGING STATION TERMINOLOGY 13 4.3 SYSTEM REFERENCE MODEL 14 4.4 RELATIONSHI
27、P OF CDID, AUID, EVCSID, AND EVSEID IDENTIFIERS 17 Section 5 Overview of the Authentication Process . 19 5.1 CREDENTIAL-BASED AUTHENTICATION. 19 5.2 SERVICE AND TRANSACTION MODELS 20 5.3 FUNCTIONAL REQUIREMENTS 20 5.4 CHALLENGE-RESPONSE AUTHENTICATION MODEL 21 5.5 CRYPTOGRAM GENERATION AND VALIDATIO
28、N 22 5.6 CHALLENGE INPUT AND RESPONSE OUTPUT DATA OBJECTS 24 5.7 CREDENTIAL CLONING PREVENTION . 24 5.8 REPLAY ATTACK DETECTION 25 Section 6 Contactless Interface Operating Parameters 26 6.1 CREDENTIAL CONTAINER FORM FACTORS 28 6.2 SINGLE PICC IN READING ZONE 28 6.3 UNIQUE IDENTIFIER (UID) SIZES AND
29、 UNIQUENESS PROPERTY . 28 6.4 COMMAND CHAINING AND MAXIMUM APDU MESSAGE LENGTH . 28 6.5 SECURE MESSAGING AND LOGICAL CHANNELS 28 6.6 READER USER FEEDBACK . 29 Section 7 Authentication Data Objects . 30 7.1 PROTOCOL VERSION 30 7.2 AUTHENTICATION CREDENTIAL AND AUTHENTICATION DEVICE IDENTIFIERS . 30 7
30、.2.1 Domain NameBased CDID and AUID Format . 32 7.2.2 ISO/IEC 15118/eMI3Based CDID and AUID Format . 34 7.2.3 Organization Identifier Assignment Authority 36 7.2.4 CDID and AUID Format Interoperability Requirement 37 NEMA EVSE 1.2-2015 Page iii 2015 National Electrical Manufacturers Association 7.2.
31、5 CDID and AUID Assignment and Persistence Properties 37 7.2.6 Generating AuIdHash from AUID . 37 7.3 CREDENTIAL APPLICATION IDENTIFIER . 38 7.4 AUTHENTICATION DATA OBJECT DICTIONARY . 40 7.4.1 “SELECT” APDU Data Objects 42 7.4.2 “READ RECORD” APDU Data Objects 43 7.4.3 “PERFORM SECURITY OPERATION”
32、APDU Data Objects . 45 Section 8 Authentication Protocol 48 8.1 CREDENTIAL APPLICATION SELECTION OPERATION 49 8.1.1 “SELECT” Command-Response APDU Pair 50 8.1.2 “SELECT” Example Protocol Exchange . 51 8.2 STATIC DATA READ OPERATION . 52 8.2.1 “READ RECORD” Command-Response APDU Pair . 53 8.2.2 “READ
33、 RECORD” Example Protocol Exchange 54 8.3 CHALLENGE-RESPONSE OPERATION 55 8.3.1 “PERFORM SECURITY OPERATION” Command-Response APDU Pair 55 8.3.2 “PERFORM SECURITY OPERATION” Example Protocol Exchange . 57 8.4 RESPONSE APDU STATUS WORD VALUES . 58 Section 9 Authentication Validation Process 59 Sectio
34、n 10 References . 62 Annex A Implementation Recommendations (Informative) 63 Annex B XML Schema Definition for Authentication Data Transport (Informative) 65 Figures Figure 1-1 Credential Authentication in Multi-Operator EV Charging Networks 3 Figure 1-2 Interface Reference Points Addressed by Compa
35、nion Standards . 5 Figure 4-1 EVSP and EVCSO Terminology . 13 Figure 4-2 EV Charging Station System Model and Terminology . 14 Figure 4-3 System Reference Model (with Integrated Authentication Device) 15 Figure 4-4 System Reference Model (with Shared, Centralized Authentication Device) . 15 Figure 4
36、-5 Identifiers Associated with the Authentication Process 18 Figure 5-1 Challenge-Response Authentication Process 21 Figure 5-2 Cryptogram Generation Process 23 Figure 5-3 Cryptogram Validation Process 23 Figure 6-1 UR Protocol Stack . 26 Figure 6-2 PICC Devices, Credential Applets, and Reader Appli
37、cation 27 Figure 7-1 Common Part of URN Identifier Syntax 31 Figure 7-2 Domain NameBased CDID and AUID Format-Specific String Syntax . 33 Figure 7-3 ISO/IEC 15118/eMI3Based CDID and AUID Format-Specific String Syntax . 35 Figure 8-1 Credential Authentication Protocol . 49 Tables Table 6-1 ISO/IEC 14
38、443 Implementation Profiles . 27 Table 7-1 Authentication Data Object Summary 41 Table 7-2 “SELECT” APDU Data Objects 42 Table 7-3 “READ RECORD” APDU Data Objects 43 NEMA EVSE 1.2-2015 Page iv 2015 National Electrical Manufacturers Association Table 7-4 “PERFORM SECURITY OPERATION” APDU Data Objects
39、 . 45 Table 8-1 “SELECT” Command APDU 50 Table 8-2 “SELECT” Response APDU . 51 Table 8-3 “SELECT” Command APDU Example . 52 Table 8-4 “SELECT” Response APDU Example 52 Table 8-5 “READ RECORD” Command APDU 53 Table 8-6 “READ RECORD” Response APDU 54 Table 8-7 “READ RECORD” Command APDU Example . 54 T
40、able 8-8 “READ RECORD” Response APDU Example . 55 Table 8-9 “PERFORM SECURITY OPERATION” Command APDU . 56 Table 8-10 “PERFORM SECURITY OPERATION” Response APDU . 56 Table 8-11 “PERFORM SECURITY OPERATION” Command APDU Example 57 Table 8-12 “PERFORM SECURITY OPERATION” Response APDU Example 57 Table
41、 9-1 Summary of Data Objects Transmitted to the Credential Authenticator 60 NEMA EVSE 1.2-2015 Page 1 2015 National Electrical Manufacturers Association Section 1 GENERAL 1.1 SCOPE This standard describes a protocol for authenticating EV charging service requests using ISO/IEC 14443 contactless prox
42、imity Radio Frequency Identification (RFID)type credentials. Authentication provides assurance to the Electric Vehicle (EV) charging network that the EV driver is the correct authorized party incurring a financial or other obligation for the services to be rendered. Similarly, the EV driver can have
43、 confidence that transactions have not been authenticated using forged or fraudulent credentials. Authentication is also an important prerequisite in making access control decisions when other policy considerations need to be applied. The protocol specified in this standard enables secure and trusta
44、ble EV charging service transactions to take place for both the service provider and the service consumer. The method of EV driver authentication involves the use of an ISO/IEC 7816-4/5/8based challenge-response application layer protocol and ISO/IEC 14443 contactless communication. EV drivers (also
45、 referred to as users) can hold the contactless authentication credentials in proximity to EV charging stations to authenticate, authorize, and receive EV charging services. The authentication credentials can be implemented in wallet-sized cards, mobile phones, key-fob tokens, or other physical form
46、 factors. Contactless authentication devices compliant with this standard on EV charging stations interact with authentication credentials to obtain unique and verifiable challenge-response data ascribing to the authenticity of the credentials. The challenge-response data are then sent to and valida
47、ted by the credential authenticators in an online manner to confirm that the authentication credentials have not been impersonated (or otherwise compromised) and that the authentication credentials are in good standing (i.e., not declared lost or the associated account overdrawn). The authentication
48、 credential and protocol defined by this standard applies to intra-network operation, as well as operation across inter-networked, multi-operator EV charging networkswith the principal difference in the latter case that authentication takes place at the foreign EV charging network responsible for is
49、suing the credential, rather than at the local network. It is expected that participating networks will issue credentials compliant with this standard to enable their users to receive on-network and off-network EV charging services. By defining an industry standard authentication credential, service interoperability and roaming is made possible enabling EV drivers to receive charging and other services among compatible equipment and participating networks. In subsequent sections of this standard, the data objects and messages exchanged between the authentication credent