Commission Implementing Regulation (EU) 2016/799 of 18 March 2016 implementing Regulation (EU) No 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance) (c. 799)

Please note that the date you requested in the address for this web page is not an actual date upon which a change occurred to this item of legislation. You are being shown the legislation from , which is the first date before then upon which a change was made.

ANNEX I CU.K. Requirements for construction, testing, installation, and inspection

Appendix 12

POSITIONING BASED ON GLOBAL NAVIGATION SATELLITE SYSTEM (GNSS) U.K.

4.VEHICLE UNIT WITH AN EXTERNAL GNSS FACILITYU.K.

4.2. Communication between the external GNSS facility and the vehicle unit U.K.

4.2.1 Communication Protocol U.K.

GNS_14The communication protocol between the external GNSS facility and the vehicle unit shall support three functions:U.K.

The collection and distribution of GNSS data (e.g., position, timing, speed),

The collection of the configuration data of the external GNSS facility,

The management protocol to support the coupling, mutual authentication and session key agreement between the external GNSS facility and the VU.

GNS_15The communication protocol shall be based on standard ISO/IEC 7816-4:2013 with the VU Secure Transceiver playing the master role and the GNSS Secure Transceiver playing the slave role. The physical connection between the external GNSS facility and the vehicule unit is based on ISO/IEC 7816-12:2005 or another standard able to support ISO/IEC 7816-4:2013U.K.

[F1GNS_16 In the communication protocol, extended length fields shall not be supported.] U.K.

Textual Amendments

F1 Substituted by Commission Implementing Regulation (EU) 2018/502 of 28 February 2018 amending Implementing Regulation (EU) 2016/799 laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance).

GNS_17The communication protocol of ISO 7816 (both -4:2013 and -12:2005) between the external GNSS facility and the VU shall be set to T = 1.U.K.

[F1GNS_18 Regarding the functions 1) the collection and distribution of GNSS data and 2) the collection of the configuration data of the external GNSS facility and 3) management protocol, the GNSS Secure Transceiver shall simulate a smart card with a file system architecture composed by a Master File (MF), a Dedicated File (DF) with Application Identifier specified in Appendix 1 chapter 6.2 ( ‘ FF 44 54 45 47 4D ’ ) and with 3 EFs containing certificates and one single Elementary File (EF.EGF) with file identifier equal to ‘ 2F2F ’ as described in Table 1.] U.K.

GNS_19The GNSS Secure Transceiver shall store the data coming from the GNSS receiver and the configuration in the EF.EGF. This is a linear, variable-length record file with an identifier equal to ‘2F2F’ in hexadecimal format.U.K.

[F1GNS_20 The GNSS Secure Transceiver shall use a memory to store the data and be able to perform at least 20 millions write/read cycles. Apart from this aspect, the internal design and implementation of the GNSS Secure Transceiver is left to the manufacturers. U.K.

The mapping of record numbers and data is provided in Table 1. Note that there are five GSA sentences for the GNSS constellations and Satellite-Based Augmentation System (SBAS).]

GNS_21The file structure is provided in Table 1. For the access conditions (ALW, NEV, SM-MAC) see Appendix 2 chapter 3.5.U.K.

		Access conditions
Table 1
File Structure
File	File ID	Read	Update	Encrypted
MF	3F00
EF.ICC	0002	ALW	NEV (by VU)	No
DF GNSS Facility	0501	ALW	NEV	No
EF EGF_MACertificate	C100	ALW	NEV	No
EF CA_Certificate	C108	ALW	NEV	No
EF Link_Certificate	C109	ALW	NEV	No
EF.EGF	2F2F	SM-MAC	NEV (by VU)	No

File / Data element	Record no	Size (bytes)		Default values
		Min	Max
MF		552	1 031
EF.ICC
sensorGNSSSerialNumber		8	8

DF GNSS Facility		612	1 023
EF EGF_MACertificate		204	341
EGFCertificate		204	341	{00..00}
EF CA_Certificate		204	341
MemberStateCertificate		204	341	{00..00}
EF Link_Certificate		204	341
LinkCertificate		204	341	{00..00}

EF.EGF
RMC NMEA Sentence	‘01’	85	85
1st GSA NMEA Sentence	‘02’	85	85
2nd GSA NMEA Sentence	‘03’	85	85
3rd GSA NMEA Sentence	‘04’	85	85
4th GSA NMEA Sentence	‘05’	85	85
5th GSA NMEA Sentence	‘06’	85	85
Extended serial-number of the external GNSS facility defined in Appendix 1 as SensorGNSSSerialNumber.	‘07’	8	8
Operating system identifier of the GNSS Secure Transceiver defined in Appendix 1 as SensorOSIdentifier.	‘08’	2	2
Type approval number of the external GNSS facility defined in Appendix 1 as SensorExternalGNSSApprovalNumber.	‘09’	16	16
Identifier of the security component of the external GNSS facility defined in Appendix 1 as SensorExternalGNSSSCIdentifier	‘10’	8	8
RFU — Reserved for Future Use	From ‘11’ to ‘FD’

4.2.2 Secure transfer of GNSS data U.K.

GNS_22The secure transfer of GNSS position data shall be allowed only in the following conditions:U.K.

The coupling process has been completed as described in Appendix 11. Common security mechanisms.

The periodic mutual authentication and session key agreement between the VU and the external GNSS facility also described in Appendix 11. Common security mechanisms has been executed with the indicated frequency.

GNS_23Every T seconds, where T is a value lower or equal to 10, unless coupling or mutual authentication and session key agreement takes place, the VU requests from the external GNSS facility the position information on the basis of the following flow:U.K.

The VU requests location data from the External GNSS facility together with Dilution of Precision data (from the GSA NMEA sentence). The VU Secure Transceiver shall use the ISO/IEC 7816-4:2013 SELECT and READ RECORD(S) command in secure messaging authentication-only mode as described in Appendix 11 section 11.5 with the file identifier ‘2F2F’ and RECORD number equal to ‘01’ for RMC NMEA sentence and ‘02’,‘03’,‘04’,‘05’,‘06’ for GSA NMEA sentence.

The last location data received is stored in the EF with identifier ‘2F2F’ and the records described in Table 1 in the GNSS secure transceiver as the GNSS secure transceiver receives NMEA data with a frequency of at least 1 Hz from the GNSS receiver through the GNSS data interface.

The GNSS Secure Transceiver sends the response to the VU Secure Transceiver by using the APDU response message in secure messaging authentication-only mode as described in Appendix 11 section 11.5.

The VU Secure Transceiver checks the authenticity and integrity of the received response. In case of positive outcome, the location data is transferred to the VU processor through the GNSS data interface.

[F1The VU processor checks the received data extracting the information (e.g., latitude, longitude, time) from the RMC NMEA sentence. The RMC NMEA sentence includes the information if the position is valid. If the position is not valid, the location data is not available yet and it cannot be used to record the position of the vehicle. If the position is valid, the VU processor also extracts the values of HDOP from GSA NMEA sentences and calculate the minimum value on the available satellite systems (i.e., when the fix is available).]

The VU processor stores the received and processed information such as latitude, longitude, time and speed in the VU in the format defined in Appendix 1 Data Dictionary as GeoCoordinates together with the value of HDOP calculated as the minimum of the HDOP values collected on the available GNSS systems.

4.2.3 Structure of the Read Record command U.K.

This section describes in detail the structure of the Read Record command. Secure messaging (authentication-only mode) is added as described in Appendix 11 Common security mechanisms.

GNS_24The command shall support the Secure Messaging authentication-only-mode, see Appendix 11.U.K.

GNS_25Command MessageU.K.

Byte	Length	Value	Description
CLA	1	‘0Ch’	Secure messaging asked.
INS	1	‘B2h’	Read Record
P1	1	‘XXh’	Record number (‘00’ references the current record)
P2	1	‘04h’	Read the record with the record number indicated in P1
Le	1	‘XXh’	Length of data expected. Number of Bytes to be read.

GNS_26The record referenced in P1 becomes the current record.U.K.

Byte	Length	Value	Description
#1-#X	X	‘XX..XXh’	Data read
SW	2	‘XXXXh’	Status Words (SW1,SW2)

If the command is successful, the GNSS secure transceiver returns ‘9000’.
If the current file is not record oriented, the GNSS secure transceiver returns ‘6981’.
If the command is used with P1 = ‘00’ but there is no current EF the GNSS secure transceiver returns ‘6986’ (command not allowed).
If the record is not found, the GNSS secure transceiver returns ‘6A 83’.
If the external GNSS facility has detected tampering, it shall return status words ‘66 90’.

GNS_27The GNSS Secure Transceiver shall support the following tachograph generation 2 commands specified in Appendix 2:U.K.

Command	Reference
Select	Appendix 2 chapter 3.5.1
Read Binary	Appendix 2 chapter 3.5.2
Get Challenge	Appendix 2 chapter 3.5.4
PSO: Verify Certificate	Appendix 2 chapter 3.5.7
External Authenticate	Appendix 2 chapter 3.5.9
General Authenticate	Appendix 2 chapter 3.5.10
MSE:SET	Appendix 2 chapter 3.5.11