ANNEX I CU.K.Requirements for construction, testing, installation, and inspection
Appendix 11
COMMON SECURITY MECHANISMS U.K.
PART BU.K. SECOND-GENERATION TACHOGRAPH SYSTEM
13.SECURITY FOR REMOTE COMMUNICATION OVER DSRCU.K.
13.1. General U.K.
As specified in Appendix 14, a VU regularly generates Remote Tachograph Monitoring (RTM) data and sends this data to the (internal or external) Remote Communication Facility (RCF). The remote communication facility is responsible for sending this data over the DSRC interface described in Appendix 14 to the remote interrogator. Appendix 1 specifies that the RTM data is the concatenation of:
Encrypted tachograph payload
the encryption of the plaintext tachograph payload
DSRC security data
described below
The plaintext tachograph payload data format is specified in Appendix 1 and further described in Appendix 14. This section describes the structure of the DSRC security data; the formal specification is in Appendix 1.
CSM_223The plaintext data communicated by a VU to a Remote Communication Facility (if the RCF is external to the VU) or from the VU to a remote interrogator over the DSRC interface (if the RCF is internal in the VU) shall be protected in encrypt-then-authenticate mode, i.e. the tachograph payload data is encrypted first to ensure message confidentiality, and afterwards a MAC is calculated to ensure data authenticity and integrity.U.K.
CSM_224The DSRC security data shall consist of the concatenation of the following data elements in the following order; see also Figure 12:U.K.
Current date time
the current date and time of the VU (data type )
Counter
a 3-byte counter, see CSM_225
[VU serial number
the VU’s serial number or certificate request ID (data type VuSerialNumber or CertificateRequestID) – see CSM_123]
DSRC master key version number
the 1-byte version number of the DSRC master key from which the VU-specific DSRC keys were derived, see section 9.2.2.
MAC
the MAC calculated over all previous bytes in the RTM data.
CSM_225The 3-byte counter in the DSRC security data shall be in MSB-first format. The first time a VU calculates a set of RTM data after it is taken into production, it shall set the value of the counter to 0. The VU shall increase the value of the counter data by 1, each time before it calculates a next set of RTM data.U.K.