INTRODUCTION 1.DEFINITIONS 2.GENERAL CHARACTERISTICS AND FUNCTIONS OF THE RECORDING EQUIPMENT 2.1General characteristics (1)The recording equipment includes cables, a motion sensor, and a...(2)The interface between motion sensors and vehicle units shall comply...(3)The vehicle unit shall be connected to global navigation satellite...(4)The vehicle unit shall communicate with remote early detection communication...(5)The vehicle unit may include an ITS interface, which is...(6)Any inclusion in or connection to the recording equipment of...(7)The recording equipment provides selective access rights to data and...2.2Functions (8)The recording equipment shall ensure the following functions: 2.3Modes of operation (9)The recording equipment shall possess four modes of operation: (10)The recording equipment shall switch to the following mode of...(11)The recording equipment shall ignore non-valid cards inserted, except displaying,...(12)All functions listed in 2.2. shall work in any mode...(13)The recording equipment can output any data to display, printer...2.4Security (14)In order to achieve the system security, the following components...3.CONSTRUCTION AND FUNCTIONAL REQUIREMENTS FOR RECORDING EQUIPMENT 3.1Monitoring cards insertion and withdrawal (15)The recording equipment shall monitor the card interface devices to...(16)Upon card insertion the recording equipment shall detect whether the...(17)First generation tachograph cards shall be considered as non-valid by...(18)First generation workshop cards which are inserted in the second...(19)The recording equipment shall be so designed that the tachograph...(20)The release of tachograph cards may function only when the...3.2Speed, position and distance measurement (21)The motion sensor (possibly embedded in the adaptor) is the...(22)This function shall continuously measure and be able to provide...(23)This function shall continuously measure and be able to provide...(24)The speed measurement function shall also provide the information whether...(25)Devices displaying speed (speedometer) and total distance travelled (odometer) installed...(26)To detect manipulation of motion data, information from the motion...(27)This function shall measure the position of the vehicle in...3.2.1Measurement of distance travelled (28)The distance travelled may be measured either: (29)The recording equipment shall measure distance from 0 to 9...(30)Distance measured shall be within the following tolerances (distances of...(31)Distance measured shall have a resolution better than or equal...3.2.2Measurement of speed (32)The recording equipment shall measure speed from 0 to 220 km/h....(33)To ensure a maximum tolerance on speed displayed of ±...(34)The speed shall be measured correctly within the normal tolerances...(35)Speed measurement shall have a resolution better than or equal...3.2.3Measurement of position (36)The recording equipment shall measure the absolute position of the...(37)The absolute position is measured in geographical coordinates of latitude...3.3Time measurement (38)The time measurement function shall measure permanently and digitally provide...(39)UTC date and time shall be used for dating data...(40)In order to visualise the local time, it shall be...(41)Time drift shall be within ± 2 seconds per day...(42)Time measured shall have a resolution better than or equal...(43)Time measurement shall not be affected by an external power...3.4Monitoring driver activities (44)This function shall permanently and separately monitor the activities of...(45)Driver activity shall be DRIVING, WORK, AVAILABILITY or BREAK/REST. (46)It shall be possible for the driver and/or the co-driver...(47)When the vehicle is moving, DRIVING shall be selected automatically...(48)When the vehicle stops, WORK shall be selected automatically for...(49)The first change of activity to BREAK/REST or AVAILABILITY arising...(50)This function shall output activity changes to the recording functions...(51)Given a calendar minute, if DRIVING is registered as the...(52)Given a calendar minute that is not regarded as DRIVING...(53)This function shall also permanently monitor the continuous driving time...3.5Monitoring driving status (54)This function shall permanently and automatically monitor the driving status....(55)The driving status CREW shall be selected when two valid...3.6Driver's entries 3.6.1Entry of places where daily work periods begin and/or end...(56)This function shall allow for the entry of places where,...(57)Places are defined as the country and, in addition where...(58)At the time of a driver card withdrawal, the recording...(59)The driver shall then enter the current place of the...(60)It shall be possible to input places where daily work...3.6.2Manual entry of driver activities and driver consent for ITS...(61)Upon driver (or workshop) card insertion, and only at this...3.6.3Entry of specific conditions (62)The recording equipment shall allow the driver to enter, in...3.7Company locks management (63)This function shall allow the management of the locks placed...(64)Company locks consist in a start date/time (lock-in) and an...(65)Locks may be turned ‘in’ or ‘out’ in real time...(66)Locking-out shall only be possible for the company whose lock...(67)Locking-out shall be automatic if another company locks in. (68)In the case where a company locks in and where...3.8Monitoring control activities (69)This function shall monitor DISPLAYING, PRINTING, VU and card DOWNLOADING,...(70)This function shall also monitor OVER SPEEDING CONTROL activities while...3.9Detection of events and/or faults (71)This function shall detect the following events and/or faults: 3.9.1‘Insertion of a non-valid card’ event (72)This event shall be triggered at the insertion of any...3.9.2‘Card conflict’ event (73)This event shall be triggered when any of the valid...3.9.3‘Time overlap’ event (74)This event shall be triggered when the date / time...3.9.4‘Driving without an appropriate card’ event (75)This event shall be triggered for any valid tachograph cards...3.9.5‘Card insertion while driving’ event (76)This event shall be triggered when a tachograph card is...3.9.6‘Last card session not correctly closed’ event (77)This event shall be triggered when at card insertion the...3.9.7‘Over speeding’ event (78)This event shall be triggered for each over speeding. 3.9.8‘Power supply interruption’ event (79)This event shall be triggered, while not in calibration or...3.9.9‘Communication error with the remote communication facility’ event (80)This event shall be triggered, while not in calibration mode,...3.9.10‘Absence of position information from GNSS receiver’ event (81)This event shall be triggered, while not in calibration mode,...3.9.11‘Communication error with the external GNSS facility’ event (82)This event shall be triggered, while not in calibration mode,...3.9.12‘Motion data error’ event (83)This event shall be triggered, while not in calibration mode,...3.9.13‘Vehicle motion conflict’ event (84)This event shall be triggered, while not in calibration mode,...3.9.14‘Security breach attempt’ event (85)This event shall be triggered for any other event affecting...3.9.15‘ Time conflict ’ event (86)This event shall be triggered, while not in calibration mode...3.9.16‘Card’ fault (87)This fault shall be triggered when a tachograph card failure...3.9.17‘Recording equipment’ fault (88)This fault shall be triggered for any of these failures,...3.10Built-in and self-tests (89)The recording equipment shall detect faults through self-tests and built-in-tests,...3.11Reading from data memory (90)The recording equipment shall be able to read any data...3.12Recording and storing in the data memory (91)Data stored into the data memory shall not be affected...(92)The recording equipment shall be able to record and store...3.12.1Equipment identification data 3.12.1.1Vehicle unit identification data (93)The recording equipment shall be able to store in its...(94)Vehicle unit identification data are recorded and stored once and...3.12.1.2Motion sensor identification data (95)The motion sensor shall be able to store in its...(96)Motion sensor identification data are recorded and stored once and...(97)The vehicle unit shall be able to record and store...3.12.1.3Global Navigation Satellite Systems identification data (98)The external GNSS facility shall be able to store in...(99)The identification data are recorded and stored once and for...(100)The vehicle unit shall be able to record and store...3.12.2Keys and certificates (101)The recording equipment shall be able to store a number...3.12.3Driver or workshop card insertion and withdrawal data (102)For each insertion and withdrawal cycle of a driver or...(103)The data memory shall be able to hold these data...(104)When storage capacity is exhausted, new data shall replace oldest...3.12.4Driver activity data (105)The recording equipment shall record and store in its data...(106)The data memory shall be able to hold driver activity...(107)When storage capacity is exhausted, new data shall replace oldest...3.12.5Places and positions where daily work periods begin, end and/or...(108)The recording equipment shall record and store in its data...(109)When the position of the vehicle is not available from...(110)Together with each place or position, the recording equipment shall...(111)The data memory shall be able to hold places and...(112)When storage capacity is exhausted, new data shall replace oldest...3.12.6Odometer data (113)The recording equipment shall record in its data memory the...(114)The data memory shall be able to store midnight odometer...(115)When storage capacity is exhausted, new data shall replace oldest...3.12.7Detailed speed data (116)The recording equipment shall record and store in its data...3.12.8Events data (117)The recording equipment shall record and store in its data...3.12.9Faults data (118)The recording equipment shall attempt to record and store in...3.12.10Calibration data (119)The recording equipment shall record and store in its data...(120)The following data shall be recorded for each of these...(121)In addition, the recording equipment shall record and store in...(122)The motion sensor shall record and store in its memory...(123)The external GNSS facility shall record and store in its...3.12.11Time adjustment data (124)The recording equipment shall record and store in its data...(125)The following data shall be recorded for each of these...3.12.12Control activity data (126)The recording equipment shall record and store in its data...(127)In case of downloading, the dates of the oldest and...3.12.13Company locks data (128)The recording equipment shall record and store in its data...3.12.14Download activity data (129)The recording equipment shall record and store in its data...3.12.15Specific conditions data (130)The recording equipment shall record in its data memory the...(131)The data memory shall be able to hold specific conditions...3.12.16Tachograph card data (132)The recording equipment shall be able to store the following...(133)The recording equipment shall be able to store at least...3.13Reading from tachograph cards (134)The recording equipment shall be able to read from first...(135)In case of a reading error, the recording equipment shall...3.14Recording and storing on tachograph cards 3.14.1Recording and storing in first generation tachograph cards (136)Provided first generation tachograph cards use has not been suppressed...(137)The recording equipment shall set the ‘card session data’ in...(138)The recording equipment shall update data stored on valid driver,...(139)The recording equipment shall update driver activity and places data...(140)All events not defined for the first generation recording equipment,...(141)Tachograph cards data update shall be such that, when needed...(142)In the case of a writing error, the recording equipment...(143)Before releasing a driver card and after all relevant data...3.14.2Recording and storing in second generation tachograph cards (144)Second generation tachograph cards shall contain 2 different card applications,...(145)The recording equipment shall set the ‘card session data’ in...(146)The recording equipment shall update data stored on the 2...(147)The recording equipment shall update driver activity places and positions...(148)Tachograph cards data update shall be such that, when needed...(149)In the case of a writing error, the recording equipment...(150)Before releasing a driver card and after all relevant data...3.15Displaying (151)The display shall include at least 20 characters. (152)The minimum character size shall be 5 mm high and 3.5 mm...(153)The display shall support the characters specified in Appendix 1...(154)The display shall be provided with adequate non-dazzling lighting. (155)Indications shall be visible from outside the recording equipment. (156)The recording equipment shall be able to display: (157)The display of the recording equipment shall use the pictograms...(158)The display shall always be ON when the vehicle is...(159)The recording equipment may include a manual or automatic feature...3.15.1Default display (160)When no other information needs to be displayed, the recording...(161)Display of data related to each driver shall be clear,...(162)In the case where the display width does not allow...(163)The recording equipment shall briefly display the card holder name...(164)When an ‘OUT OF SCOPE’ or FERRY/TRAIN condition is opened,...3.15.2Warning display (165)The recording equipment shall display warning information using primarily the...3.15.3Menu access (166)The recording equipment shall provide necessary commands through an appropriate...3.15.4Other displays (167)It shall be possible to display selectively on request: (168)Printout content display shall be sequential, line by line. If...3.16Printing (169)The recording equipment shall be able to print information from...(170)The ‘driver activities from card daily printout’ and ‘Events and...(171)In order to produce the ‘driver activities from card daily...(172)The printer shall be able to print 24 characters per...(173)The minimum character size shall be 2.1 mm high and 1.5 mm...(174)The printer shall support the characters specified in Appendix 1...(175)Printers shall be so designed as to produce these printouts...(176)Printouts shall retain their dimensions and recordings under normal conditions...(177)The type approved paper used by the recording equipment shall...(178)Printouts shall remain clearly legible and identifiable under normal conditions...(179)Printouts shall conform at least to the test specifications defined...(180)It shall also be possible to add hand-written notes, such...(181)The recording equipment shall manage ‘paper out’ events while printing...3.17Warnings (182)The recording equipment shall warn the driver when detecting any...(183)Warning of a power supply interruption event may be delayed...(184)The recording equipment shall warn the driver 15 minutes before...(185)Warnings shall be visual. Audible warnings may also be provided...(186)Visual warnings shall be clearly recognisable by the user, shall...(187)Visual warnings may be built into the recording equipment and/or...(188)In the latter case it shall bear a ‘T’ symbol....(189)Warnings shall have a duration of at least 30 seconds,...(190)Warning cause shall be displayed on the recording equipment and...(191)Additional warnings may be provided, as long as they do...3.18Data downloading to external media (192)The recording equipment shall be able to download on request...(193)In addition and as an optional feature, the recording equipment...(194)Downloading shall not alter or delete any stored data. (195)The calibration/downloading connector electrical interface is specified in Appendix 6....(196)Downloading protocols are specified in Appendix 7. 3.19Remote communication for targeted roadside checks (197)When the ignition is on, the Vehicle Unit shall store...(198)Data to be checked remotely shall be available to remote...(199)Data necessary for the purpose of targeted roadside checks shall...3.20Output data to additional external devices (200)The recording equipment may also be equipped with standardised interfaces...(201)The serial link interface as specified in Annex 1B to...3.21Calibration (202)The calibration function shall allow: (203)In addition, the calibration function shall allow to supress the...(204)Pairing the motion sensor to the VU shall consist, at...(205)Coupling the external GNSS facility to the VU shall consist,...(206)The calibration function shall be able to input necessary data...3.22Roadside calibration checking (207)The roadside calibration checking function shall allow reading the motion...(208)This reading shall at least be possible on the vehicle...(209)The roadside calibration checking function shall also allow controlling the...3.23Time adjustment (210)The time adjustment function shall allow for automatically adjusting the...(211)The time setting of the VU internal clock shall be...(212)The time adjustment function shall also allow for triggered adjustment...3.24Performance characteristics (213)The Vehicle Unit shall be fully operational in the temperature...(214)The tachograph shall be fully operational in the humidity range...(215)The seals used in the smart tachograph shall withstand the...(216)The recording equipment shall be protected against over-voltage, inversion of...(217)Motion sensors shall either: (218)The recording equipment and the external GNSS facility shall conform...3.25Materials (219)All the constituent parts of the recording equipment shall be...(220)For normal conditions of use, all the internal parts of...(221)The Vehicle Unit and the external GNSS facility shall meet...(222)The recording equipment shall conform to applicable technical specifications related...(223)The recording equipment shall be protected against accidental damage. 3.26Markings (224)If the recording equipment displays the vehicle odometer value and...(225)A descriptive plaque shall be affixed to each separate component...(226)When physical space is not sufficient to show all above...4.CONSTRUCTION AND FUNCTIONAL REQUIREMENTS FOR TACHOGRAPH CARDS 4.1Visible data (227)the words ‘Driver card’ or ‘Control card’ or ‘Workshop card’...(228)the name of the Member State issuing the card (optional);...(229)the distinguishing sign of the Member State issuing the card,...(230)information specific to the card issued, numbered as follows: (231)dates shall be written using a ‘dd/mm/yyyy’ or ‘dd.mm.yyyy’ format...(232)an explanation of the numbered items which appear on the...(233)with the specific written agreement of the holder, information which...(234)Tachograph cards shall be printed with the following background predominant...(235)Tachograph cards shall bear at least the following features for...(236)After consulting the Commission, Member States may add colours or...(237)Temporary cards referred to in Article 26.4 of Regulation (EU)...4.2Security (238)In order to achieve the system security, the tachograph cards...(239)Tachograph cards shall be readable by other equipment such as...4.3Standards (240)Tachograph cards shall comply with the following standards: 4.4Environmental and electrical specifications (241)Tachograph cards shall be capable of operating correctly in all...(242)Tachograph cards shall be capable of operating correctly in the...(243)Tachograph cards shall be capable of operating correctly for a...(244)During operation, tachograph cards shall conform to ECE R10, related...4.5Data storage (245)This paragraph specifies minimum storage capacity for the various application...(246)Any additional data that may be stored on tachograph cards,...(247)Each Master File (MF) of any tachograph card shall contain...4.5.1Elementary files for identification and card management 4.5.2IC card identification (248)Tachograph cards shall be able to store the following smart...4.5.2.1Chip identification (249)Tachograph cards shall be able to store the following Integrated...4.5.2.2DIR (only present in second generation tachograph cards) (250)Tachograph cards shall be able to store the application identification...4.5.2.3ATR information (conditional, only present in second generation tachograph cards)...(251)Tachograph cards shall be able to store the following extended...4.5.2.4Extended length information (conditional, only present in second generation tachograph...(252)Tachograph cards shall be able to store the following extended...4.5.3Driver card 4.5.3.1Tachograph application (accessible to first and second generation vehicle units)...4.5.3.1.1Application identification (253)The driver card shall be able to store the following...4.5.3.1.2Key and certificates (254)The driver card shall be able to store a number...4.5.3.1.3Card identification (255)The driver card shall be able to store the following...4.5.3.1.4Card holder identification (256)The driver card shall be able to store the following...4.5.3.1.5Card download (257)The driver card shall be able to store the following...(258)The driver card shall be able to hold one such...4.5.3.1.6Driving licence information (259)The driver card shall be able to store the following...4.5.3.1.7Events data (260)The driver card shall be able to store data related...(261)The driver card shall be able to store the following...(262)The driver card shall be able to store data for...4.5.3.1.8Faults data (263)The driver card shall be able to store data related...(264)The driver card shall be able to store the following...(265)The driver card shall be able to store data for...4.5.3.1.9Driver activity data (266)The driver card shall be able to store, for each...(267)The driver card memory shall be able to hold driver...(268)The data listed under requirements 261, 264 and 266 shall...4.5.3.1.10Vehicles used data (269)The driver card shall be able to store, for each...(270)The driver card shall be able to store at least...4.5.3.1.11Places where daily work periods start and/or end (271)The driver card shall be able to store the following...(272)The driver card memory shall be able to hold at...4.5.3.1.12Card session data (273)The driver card shall be able to store data related...4.5.3.1.13Control activity data (274)The driver card shall be able to store the following...(275)The driver card shall be able to hold one such...4.5.3.1.14Specific conditions data (276)The driver card shall be able to store the following...(277)The driver card shall be able to store at least...4.5.3.2Tachograph generation 2 application (not accessible to first generation vehicle...4.5.3.2.1Application identification (278)The driver card shall be able to store the following...4.5.3.2.2Keys and certificates (279)The driver card shall be able to store a number...4.5.3.2.3Card identification (280)The driver card shall be able to store the following...4.5.3.2.4Card holder identification (281)The driver card shall be able to store the following...4.5.3.2.5Card download (282)The driver card shall be able to store the following...(283)The driver card shall be able to hold one such...4.5.3.2.6Driving licence information (284)The driver card shall be able to store the following...4.5.3.2.7Events data (285)The driver card shall be able to store data related...(286)The driver card shall be able to store the following...(287)The driver card shall be able to store data for...4.5.3.2.8Faults data (288)The driver card shall be able to store data related...(289)The driver card shall be able to store the following...(290)The driver card shall be able to store data for...4.5.3.2.9Driver activity data (291)The driver card shall be able to store, for each...(292)The driver card memory shall be able to hold driver...(293)The data listed under requirements 286, 289 and 291 shall...4.5.3.2.10Vehicles used data (294)The driver card shall be able to store, for each...(295)The driver card shall be able to store at least...4.5.3.2.11Places and positions where daily work periods start and/or end...(296)The driver card shall be able to store the following...(297)The driver card memory shall be able to hold at...4.5.3.2.12Card session data (298)The driver card shall be able to store data related...4.5.3.2.13Control activity data (299)The driver card shall be able to store the following...(300)The driver card shall be able to hold one such...4.5.3.2.14Specific conditions data (301)The driver card shall be able to store the following...(302)The driver card shall be able to store at least...4.5.3.2.15Vehicle units used data (303)The driver card shall be able to store the following...(304)The driver card shall be able to store at least...4.5.3.2.16Three hours accumulated driving places data (305)The driver card shall be able to store the following...(306)The driver card shall be able to store at least...4.5.4Workshop card 4.5.4.1Tachograph application (accessible to first and second generation vehicle units)...4.5.4.1.1Application identification (307)The workshop card shall be able to store the following...4.5.4.1.2Keys and certificates (308)The workshop card shall be able to store a number...(309)The workshop card shall be able to store a Personal...4.5.4.1.3Card identification (310)The workshop card shall be able to store the following...4.5.4.1.4Card holder identification (311)The workshop card shall be able to store the following...4.5.4.1.5Card download (312)The workshop card shall be able to store a card...4.5.4.1.6Calibration and time adjustment data (313)The workshop card shall be able to hold records of...(314)Each calibration record shall be able to hold the following...(315)The workshop card shall be able to store at least...(316)The workshop card shall hold a counter indicating the total...(317)The workshop card shall hold a counter indicating the number...4.5.4.1.7Events and faults data (318)The workshop card shall be able to store events and...(319)The workshop card shall be able to store data for...4.5.4.1.8Driver activity data (320)The workshop card shall be able to store driver activity...(321)The workshop card shall be able to hold driver activity...4.5.4.1.9Vehicles used data (322)The workshop card shall be able to store vehicles used...(323)The workshop card shall be able to store at least...4.5.4.1.10Daily work periods start and/or end data (324)The workshop card shall be able to store daily works...(325)The workshop card shall be able to hold at least...4.5.4.1.11Card session data (326)The workshop card shall be able to store a card...4.5.4.1.12Control activity data (327)The workshop card shall be able to store a control...4.5.4.1.13Specific conditions data (328)The workshop card shall be able to store data relevant...(329)The workshop card shall be able to store at least...4.5.4.2Tachograph generation 2 application (not accessible to first generation vehicle...4.5.4.2.1Application identification (330)The workshop card shall be able to store the following...4.5.4.2.2Keys and certificates (331)The workshop card shall be able to store a number...(332)The workshop card shall be able to store a Personal...4.5.4.2.3Card identification (333)The workshop card shall be able to store the following...4.5.4.2.4Card holder identification (334)The workshop card shall be able to store the following...4.5.4.2.5Card download (335)The workshop card shall be able to store a card...4.5.4.2.6Calibration and time adjustment data (336)The workshop card shall be able to hold records of...(337)Each calibration record shall be able to hold the following...(338)The workshop card shall be able to store at least...(339)The workshop card shall hold a counter indicating the total...(340)The workshop card shall hold a counter indicating the number...4.5.4.2.7Events and faults data (341)The workshop card shall be able to store events and...(342)The workshop card shall be able to store data for...4.5.4.2.8Driver activity data (343)The workshop card shall be able to store driver activity...(344)The workshop card shall be able to hold driver activity...4.5.4.2.9Vehicles used data (345)The workshop card shall be able to store vehicles used...(346)The workshop card shall be able to store at least...4.5.4.2.10Daily work periods start and/or end data (347)The workshop card shall be able to store daily works...(348)The workshop card shall be able to hold at least...4.5.4.2.11Card session data (349)The workshop card shall be able to store a card...4.5.4.2.12Control activity data (350)The workshop card shall be able to store a control...4.5.4.2.13Vehicle units used data (351)The workshop card shall be able to store the following...(352)The workshop card shall be able to store at least...4.5.4.2.14Three hours accumulated driving places data (353)The workshop card shall be able to store the following...(354)The workshop card shall be able to store at least...4.5.4.2.15Specific conditions data (355)The workshop card shall be able to store data relevant...(356)The workshop card shall be able to store at least...4.5.5Control card 4.5.5.1Tachograph application (accessible to first and second generation vehicle units)...4.5.5.1.1Application identification (357)The control card shall be able to store the following...4.5.5.1.2Keys and certificates (358)The control card shall be able to store a number...4.5.5.1.3Card identification (359)The control card shall be able to store the following...4.5.5.1.4Card holder identification (360)The control card shall be able to store the following...4.5.5.1.5Control activity data (361)The control card shall be able to store the following...(362)The control card shall be able to hold at least...4.5.5.2Tachograph G2 application (not accessible to first generation vehicle unit)...4.5.5.2.1Application identification (363)The control card shall be able to store the following...4.5.5.2.2Keys and certificates (364)The control card shall be able to store a number...4.5.5.2.3Card identification (365)The control card shall be able to store the following...4.5.5.2.4Card holder identification (366)The control card shall be able to store the following...4.5.5.2.5Control activity data (367)The control card shall be able to store the following...(368)The control card shall be able to hold at least...4.5.6Company card 4.5.6.1Tachograph application (accessible to first and second generation vehicle units)...4.5.6.1.1Application identification (369)The company card shall be able to store the following...4.5.6.1.2Keys and Certificates (370)The company card shall be able to store a number...4.5.6.1.3Card identification (371)The company card shall be able to store the following...4.5.6.1.4Card holder identification (372)The company card shall be able to store the following...4.5.6.1.5Company activity data (373)The company card shall be able to store the following...(374)The company card shall be able to hold at least...4.5.6.2Tachograph G2 application (not accessible to first generation vehicle unit)...4.5.6.2.1Application identification (375)The company card shall be able to store the following...4.5.6.2.2Keys and certificates (376)The company card shall be able to store a number...4.5.6.2.3Card identification (377)The company card shall be able to store the following...4.5.6.2.4Card holder identification (378)The company card shall be able to store the following...4.5.6.2.5Company activity data (379)The company card shall be able to store the following...(380)The company card shall be able to hold at least...5.INSTALLATION OF RECORDING EQUIPMENT 5.1Installation (381)New recording equipment shall be delivered non-activated to fitters or...(382)Before its activation, the recording equipment shall give access to...(383)Before its activation, the recording equipment shall neither record nor...(384)During installation, vehicle manufacturers shall pre-set all known parameters. (385)Vehicle manufacturers or fitters shall activate the installed recording equipment...(386)The activation of the recording equipment shall be triggered automatically...(387)Specific pairing operations required between the motion sensor and the...(388)In a similar way, specific coupling operations between the external...(389)After its activation, the recording equipment shall fully enforce functions...(390)After its activation, the recording equipment shall communicate to the...(391)The recording and storing functions of the recording equipment shall...(392)Installation shall be followed by a calibration. The first calibration...(393)The installation of an external GNSS facility requires the coupling...(394)The recording equipment must be positioned in the vehicle in...5.2Installation plaque (395)After the recording equipment has been checked on installation, an...(396)The plaque shall bear at least the following details: (397)For M1 and N1 vehicles only, and which are fitted...5.3Sealing (398)The following parts shall be sealed: (398a)The seals mentioned above shall be certified according to the...(399)The seals mentioned above may be removed: (400)On each occasion that these seals are broken a written...(401)Seals shall hold an identification number, allocated by its manufacturer....(402)The seals shall have a free space where approved fitters,...(403)Seals manufacturers shall be registered in a dedicated database when...(404)Approved workshops and vehicle manufacturers shall, in the frame of...(405)Seal manufacturers and their distributors shall maintain full traceability records...(406)Seals unique identification numbers shall be visible on the installation...6.CHECKS, INSPECTIONS AND REPAIRS 6.1Approval of fitters, workshops and vehicle manufacturers 6.2Check of new or repaired components (407)Every individual device, whether new or repaired, shall be checked...6.3Installation inspection (408)When being fitted to a vehicle, the whole installation (including...6.4Periodic inspections (409)Periodic inspections of the equipment fitted to the vehicles shall...(410)These inspections shall include the following checks: (411)If one of the events listed in Chapter 3.9 (Detection...(412)Workshops shall keep traces in their inspection reports of any...(413)These inspections shall include a calibration and a preventive replacement...6.5Measurement of errors (414)The measurement of errors on installation and during use shall...6.6Repairs (415)Workshops shall be able to download data from the recording...(416)Approved workshops shall issue to transport companies a certificate of...7.CARD ISSUING (417)The card number of the first issue of a tachograph...(418)The card numbers of all non-personal tachograph cards issued to...(419)A tachograph card issued in replacement of an existing tachograph...(420)A tachograph card issued in replacement of an existing tachograph...(421)A tachograph card issued in renewal of an existing tachograph...(422)The exchange of an existing tachograph card, in order to...(423)The ‘card holder surname’ for non-personal workshop or control cards...(424)Member States shall exchange data electronically in order to ensure...8.TYPE-APPROVAL OF RECORDING EQUIPMENT AND TACHOGRAPH CARDS 8.1General points (425)Recording equipment shall be submitted for approval complete with any...(426)Type approval of recording equipment and of tachograph cards shall...(427)Member States type approval authorities will not grant a type...(428)Any modification in software or hardware of the equipment or...(429)Procedures to upgrade in-situ recording equipment software shall be approved...(430)Type approval of software modifications aimed to upgrade a previously...8.2Security certificate (431)The security certificate is delivered in accordance with the provisions...(432)In the exceptional circumstance that the security certification authorities refuse...(433)In this circumstance the Member State concerned shall, without delay,...8.3Functional certificate (434)Each candidate for type approval shall provide the Member State's...(435)Manufacturers shall provide the relevant samples of type approval candidate...(436)A functional certificate shall be delivered to the manufacturer only...(437)The type approval authority delivers the functional certificate. This certificate...(438)The functional certificate of any recording equipment component shall also...(439)The functional certificate of any recording equipment component shall also...8.4Interoperability certificate (440)Interoperability tests are carried out by a single laboratory under...(441)The laboratory shall register interoperability test requests introduced by manufacturers...(442)Requests will be officially registered only when the laboratory is...(443)No interoperability tests shall be carried out by the laboratory,...(444)Any manufacturer requesting interoperability tests shall commit to leave to...(445)The interoperability tests shall be carried out, in accordance with...(446)The interoperability tests shall cover all generations of recording equipment...(447)The interoperability certificate shall be delivered by the laboratory to...(448)If the interoperability tests are not successful with one or...(449)The interoperability certificate is valid for six months. It is...(450)Any element that could be at the origin of an...8.5Type-approval certificate (451)The type approval authority of the Member State may deliver...(452)The type approval certificate of any recording equipment component shall...(453)The type approval certificate shall be copied by the type...(454)The laboratory competent for interoperability tests shall run a public...8.6Exceptional procedure: first interoperability certificates for 2nd generation recording equipment...(455)Until four months after a first couple of 2nd generation...(456)If at the end of this period, all products concerned...(457)If during this period, interoperability faults are found, the laboratory...(458)If at the end of this period, interoperability problems still...(459)Any request for interoperability tests, registered by the laboratory between...DATA DICTIONARY 1.INTRODUCTION 1.1.Approach for definitions of data types 1.2.References 2.DATA TYPE DEFINITIONS 2.1.ActivityChangeInfo Value assignment — Octet Aligned: ‘scpaattttttttttt’B (16 bits) Note for the case ‘card withdrawal’: 2.2.Address 2.3.AESKey 2.4.AES128Key 2.5.AES192Key 2.6.AES256Key 2.7.BCDString 2.8.CalibrationPurpose 2.9.CardActivityDailyRecord 2.10.CardActivityLengthRange 2.11.CardApprovalNumber 2.12.CardCertificate 2.13.CardChipIdentification 2.14.CardConsecutiveIndex 2.15.CardControlActivityDataRecord 2.16.CardCurrentUse 2.17.CardDriverActivity 2.18.CardDrivingLicenceInformation 2.19.CardEventData 2.20.CardEventRecord 2.21.CardFaultData 2.22.CardFaultRecord 2.23.CardIccIdentification 2.24.CardIdentification 2.25.CardMACertificate 2.26.CardNumber 2.27.CardPlaceDailyWorkPeriod 2.28.CardPrivateKey 2.29.CardPublicKey 2.30.CardRenewalIndex 2.31.CardReplacementIndex 2.32.CardSignCertificate 2.33.CardSlotNumber 2.34.CardSlotsStatus 2.35.CardSlotsStatusRecordArray 2.36.CardStructureVersion 2.37.CardVehicleRecord 2.38.CardVehiclesUsed 2.39.CardVehicleUnitRecord 2.40.CardVehicleUnitsUsed 2.41.Certificate 2.42.CertificateContent 2.43.CertificateHolderAuthorisation 2.44.CertificateRequestID 2.45.CertificationAuthorityKID 2.46.CompanyActivityData 2.47.CompanyActivityType 2.48.CompanyCardApplicationIdentification 2.49.CompanyCardHolderIdentification 2.50.ControlCardApplicationIdentification 2.51.ControlCardControlActivityData 2.52.ControlCardHolderIdentification 2.53.ControlType 2.54.CurrentDateTime 2.55.CurrentDateTimeRecordArray 2.56.DailyPresenceCounter 2.57.Datef 2.58.DateOfDayDownloaded 2.59.DateOfDayDownloadedRecordArray 2.60.Distance 2.61.DriverCardApplicationIdentification 2.62.DriverCardHolderIdentification 2.63.Reserved for future use 2.64.EGFCertificate 2.65.EmbedderIcAssemblerId 2.66.EntryTypeDailyWorkPeriod 2.67.EquipmentType 2.68.EuropeanPublicKey 2.69.EventFaultRecordPurpose 2.70.EventFaultType 2.71.ExtendedSealIdentifier 2.72.ExtendedSerialNumber 2.73.FullCardNumber 2.74.FullCardNumberAndGeneration 2.75.Generation 2.76.GeoCoordinates 2.77.GNSSAccuracy 2.78.GNSSAccumulatedDriving 2.79.GNSSAccumulatedDrivingRecord 2.80.GNSSPlaceRecord 2.81.HighResOdometer 2.82.HighResTripDistance 2.83.HolderName 2.84.InternalGNSSReceiver 2.85.K-ConstantOfRecordingEquipment 2.86.KeyIdentifier 2.87.KMWCKey 2.88.Language 2.89.LastCardDownload 2.90.LinkCertificate 2.91.L-TyreCircumference 2.92.MAC 2.93.ManualInputFlag 2.94.ManufacturerCode 2.95.ManufacturerSpecificEventFaultData 2.96.MemberStateCertificate 2.97.MemberStateCertificateRecordArray 2.98.MemberStatePublicKey 2.99.Name 2.100.NationAlpha 2.101.NationNumeric 2.102.NoOfCalibrationRecords 2.103.NoOfCalibrationsSinceDownload 2.104.NoOfCardPlaceRecords 2.105.NoOfCardVehicleRecords 2.106.NoOfCardVehicleUnitRecords 2.107.NoOfCompanyActivityRecords 2.108.NoOfControlActivityRecords 2.109.NoOfEventsPerType 2.110.NoOfFaultsPerType 2.111.NoOfGNSSADRecords 2.112.NoOfSpecificConditionRecords 2.113.OdometerShort 2.114.OdometerValueMidnight 2.115.OdometerValueMidnightRecordArray 2.116.OverspeedNumber 2.117.PlaceRecord 2.118.PreviousVehicleInfo 2.119.PublicKey 2.120.RecordType 2.121.RegionAlpha 2.122.RegionNumeric 2.123.RemoteCommunicationModuleSerialNumber 2.124.RSAKeyModulus 2.125.RSAKeyPrivateExponent 2.126.RSAKeyPublicExponent 2.127.RtmData 2.128.SealDataCard 2.129.SealDataVu 2.130.SealRecord 2.131.SensorApprovalNumber 2.132.SensorExternalGNSSApprovalNumber 2.133.SensorExternalGNSSCoupledRecord 2.134.SensorExternalGNSSIdentification 2.135.SensorExternalGNSSInstallation 2.136.SensorExternalGNSSOSIdentifier 2.137.SensorExternalGNSSSCIdentifier 2.138.SensorGNSSCouplingDate 2.139.SensorGNSSSerialNumber 2.140.SensorIdentification 2.141.SensorInstallation 2.142.SensorInstallationSecData 2.143.SensorOSIdentifier 2.144.SensorPaired 2.145.SensorPairedRecord 2.146.SensorPairingDate 2.147.SensorSCIdentifier 2.148.SensorSerialNumber 2.149.Signature 2.150.SignatureRecordArray 2.151.SimilarEventsNumber 2.152.SpecificConditionRecord 2.153.SpecificConditions 2.154.SpecificConditionType 2.155.Speed 2.156.SpeedAuthorised 2.157.SpeedAverage 2.158.SpeedMax 2.159.TachographPayload 2.160.Reserved for future use 2.161.TDesSessionKey 2.162.TimeReal 2.163.TyreSize 2.164.VehicleIdentificationNumber 2.165.VehicleIdentificationNumberRecordArray 2.166.VehicleRegistrationIdentification 2.167.VehicleRegistrationNumber 2.168.VehicleRegistrationNumberRecordArray 2.169.VuAbility 2.170.VuActivityDailyData 2.171.VuActivityDailyRecordArray 2.172.VuApprovalNumber 2.173.VuCalibrationData 2.174.VuCalibrationRecord 2.175.VuCalibrationRecordArray 2.176.VuCardIWData 2.177.VuCardIWRecord 2.178.VuCardIWRecordArray 2.179.VuCardRecord 2.180.VuCardRecordArray 2.181.VuCertificate 2.182.VuCertificateRecordArray 2.183.VuCompanyLocksData 2.184.VuCompanyLocksRecord 2.185.VuCompanyLocksRecordArray 2.186.VuControlActivityData 2.187.VuControlActivityRecord 2.188.VuControlActivityRecordArray 2.189.VuDataBlockCounter 2.190.VuDetailedSpeedBlock 2.191.VuDetailedSpeedBlockRecordArray 2.192.VuDetailedSpeedData 2.193.VuDownloadablePeriod 2.194.VuDownloadablePeriodRecordArray 2.195.VuDownloadActivityData 2.196.VuDownloadActivityDataRecordArray 2.197.VuEventData 2.198.VuEventRecord 2.199.VuEventRecordArray 2.200.VuFaultData 2.201.VuFaultRecord 2.202.VuFaultRecordArray 2.203.VuGNSSADRecord 2.204.VuGNSSADRecordArray 2.205.VuIdentification 2.206.VuIdentificationRecordArray 2.207.VuITSConsentRecord 2.208.VuITSConsentRecordArray 2.209.VuManufacturerAddress 2.210.VuManufacturerName 2.211.VuManufacturingDate 2.212.VuOverSpeedingControlData 2.213.VuOverSpeedingControlDataRecordArray 2.214.VuOverSpeedingEventData 2.215.VuOverSpeedingEventRecord 2.216.VuOverSpeedingEventRecordArray 2.217.VuPartNumber 2.218.VuPlaceDailyWorkPeriodData 2.219.VuPlaceDailyWorkPeriodRecord 2.220.VuPlaceDailyWorkPeriodRecordArray 2.221.VuPrivateKey 2.222.VuPublicKey 2.223.VuSerialNumber 2.224.VuSoftInstallationDate 2.225.VuSoftwareIdentification 2.226.VuSoftwareVersion 2.227.VuSpecificConditionData 2.228.VuSpecificConditionRecordArray 2.229.VuTimeAdjustmentData 2.230.Reserved for future use 2.231.Reserved for future use 2.232.VuTimeAdjustmentRecord 2.233.VuTimeAdjustmentRecordArray 2.234.WorkshopCardApplicationIdentification 2.235.WorkshopCardCalibrationData 2.236.WorkshopCardCalibrationRecord 2.237.WorkshopCardHolderIdentification 2.238.WorkshopCardPIN 2.239.W-VehicleCharacteristicConstant 2.240.VuPowerSupplyInterruptionRecord 2.241.VuPowerSupplyInterruptionRecordArray 2.242.VuSensorExternalGNSSCoupledRecordArray 2.243.VuSensorPairedRecordArray 3.VALUE AND SIZE RANGE DEFINITIONS 4.CHARACTER SETS 5.ENCODING 6.OBJECT IDENTIFIERS UND APPLICATION IDENTIFIERS 6.1.Object Identifiers VU Authentication protocol identifiers Chip Authentication protocol identifiers 6.2.Application Identifiers TACHOGRAPH CARDS SPECIFICATION 1.INTRODUCTION 1.1.Abbreviations 1.2.References 2.ELECTRICAL AND PHYSICAL CHARACTERISTICS TCS_01All electronic signals shall be in accordance with ISO/IEC 7816-3...TCS_02The location and dimensions of the card contacts shall comply...2.1.Supply Voltage and Current Consumption TCS_03The card shall work according to specifications within the consumption...TCS_04The card shall work with Vcc = 3V (± 0,3V)...2.2.Programming Voltage Vpp TCS_05The card shall not require a programming voltage at pin...2.3.Clock generation and Frequency TCS_06The card shall operate within a frequency range of 1...TCS_07Under conditions contained into the card file EF ICC, the...2.4.I/O Contact TCS_08The I/O contact C7 is used to receive data from...2.5.States of the Card TCS_09The card works in two states while the supply voltage...3.HARDWARE AND COMMUNICATION 3.1.Introduction 3.2.Transmission Protocol TCS_10The Transmission protocol shall be compliant with ISO/IEC 7816-3 for...3.2.1Protocols TCS_11The card shall provide both protocol T=0 and protocol T=1....TCS_12T=0 is the default protocol, a PTS command is therefore...TCS_13Devices shall support direct convention in both protocols: the direct...TCS_14The Information Field Size Card byte shall be presented at...TCS_15T=0 TCS_16T=1 3.2.2ATR TCS_17The device checks ATR bytes, according to ISO/IEC 7816-3. No...TCS_18After the Answer To Reset (ATR), the Master File (MF)...3.2.3PTS TCS_19The default Protocol is T=0. To set the T=1 protocol,...TCS_20As both T=0 and T=1 protocols are mandatory for the...TCS_21If no other baud rate than the default one are...3.3.Access Rules TCS_22An access rule specifies for an access mode, i.e. command,...TCS_23The following security conditions are used for the tachograph card:...TCS_24These security conditions can be linked in the following ways:...TCS_25In the DF Tachograph G1 application the following access rules...TCS_26In the DF Tachograph_G2 application the following access rules are...TCS_27In the MF the following access rules are used: TCS_28A tachograph card may or may not accept a command...3.4.Commands and error codes overview TCS_29The status words SW1 SW2 are returned in any response...TCS_30If more than one error condition is fulfilled in one...3.5.Command descriptions TCS_31If both length bytes (Lc and Le) are requested, the...TCS_32If both length bytes are requested, and Le=0 (secure messaging):...TCS_33A tachograph card may support extended length fields according to...Notes: TCS_34The VU shall perform the complete generation 2 VU —...3.5.1SELECT 3.5.1.1Selection by name (AID) TCS_35This command can be performed from anywhere in the file...TCS_36The selection of an application resets the current security environment....TCS_37Command Message TCS_38Response Message (no response asked) 3.5.1.2Selection of an Elementary File using its File Identifier TCS_39Command Message TCS_40A tachograph card shall support the generation 2 secure messaging...TCS_41Response Message (no response asked) 3.5.2READ BINARY 3.5.2.1Command with offset in P1-P2 TCS_42Command Message TCS_43Response Message 3.5.2.1.1Command with secure messaging (examples) TCS_44Command Message TCS_45Response Message if SM-R-ENC-MAC-G1 (generation 1) / SM-R-ENC-MAC-G2 (generation 2)...TCS_46Response Message if SM-R-ENC-MAC-G1 (generation 1) / SM-R-ENC-MAC-G2 (generation 2)...TCS_47Response Message if incorrect Secure Messaging input format 3.5.2.2Command with short EF (Elementary File) identifier TCS_48A tachograph card shall support this command variant for all...TCS_49Command Message TCS_50Response Message 3.5.2.3Command with odd instruction byte TCS_51A tachograph card which supports EFs with 32 768 bytes...TCS_52Command Message TCS_53Response Message 3.5.2.3.1Command with secure messaging (example) TCS_54Command message TCS_55Response message if the command is successful 3.5.3UPDATE BINARY 3.5.3.1Command with offset in P1-P2 TCS_56Command Message TCS_57Response Message 3.5.3.1.1Command with secure messaging (examples) TCS_58Command Message TCS_59Response message if correct Secure Messaging input format TCS_60Response Message if error in secure messaging 3.5.3.2Command with short EF identifier TCS_61A tachograph card shall support this command variant for all...TCS_62Command Message TCS_63Response Message 3.5.3.3Command with odd instruction byte TCS_64A tachograph card which supports EFs with 32 768 bytes...TCS_65Command Message TCS_66Response Message 3.5.3.3.1Command with secure messaging (example) TCS_67Command message TCS_68Response message if the command is successful 3.5.4GET CHALLENGE TCS_69The Challenge issued by the card is only valid for...TCS_70Command Message TCS_71Response Message 3.5.5VERIFY TCS_72The PIN entered by the user must be ASCII encoded...TCS_73The tachograph applications generation 1 and 2 shall use the...TCS_74The tachograph card shall check whether the command is encoded...TCS_75If the command is successful, the remaining CHV attempt counter...TCS_76An unsuccessful comparison is recorded in the card, i.e. the...TCS_77Command Message TCS_78Response Message 3.5.6GET RESPONSE TCS_79Command Message TCS_80Response Message 3.5.7PSO: VERIFY CERTIFICATE 3.5.7.1Generation 1 Command — Response pair TCS_81This command variant is only supported by a generation 1...TCS_82When a VERIFY CERTIFICATE command is successful, the Public Key...TCS_83In any case, the VERIFY CERTIFICATE command uses the public...TCS_84Command Message TCS_85Response Message 3.5.7.2Generation 2 Command — Response pair TCS_86The command can be performed in the MF, DF Tachograph...TCS_87Command Message TCS_88For short length APDUs the following provisions apply: The IFD...TCS_89For extended length APDUs the following provisions apply: If the...TCS_90In addition to the error codes listed in TCS_85, the...3.5.8INTERNAL AUTHENTICATE TCS_91All tachograph cards shall support this command in the DF...TCS_92The INTERNAL AUTHENTICATE command uses the card Private Key (implicitly...TCS_93Command Message TCS_94Response Message TCS_95If the INTERNAL AUTHENTICATE command is successful, the current generation...Note:For generation 2 session keys see Appendix 11 CSM_193 and...3.5.9EXTERNAL AUTHENTICATE TCS_96The command variant for the generation 1 mutual authentication mechanism...TCS_97The command variant for the second generation VU-card mutual authentication...Note:For generation 2 session keys see Appendix 11 CSM_193 and...TCS_98Command Message TCS_99Response Message 3.5.10GENERAL AUTHENTICATE TCS_100The command can be performed in the MF, DF Tachograph...TCS_101Command Message TCS_102Response Message 3.5.11MANAGE SECURITY ENVIRONMENT 3.5.11.1Generation 1 Command — Response pair TCS_103This command is only supported by a generation 1 tachograph...TCS_104The key referenced in the MSE data field remains the...TCS_105If the key referenced is not (already) present into the...TCS_106Command Message TCS_107Response Message 3.5.11.2Generation 2 Command — Response pairs 3.5.11.2.1MSE:SET AT for Chip Authentication TCS_108The command can be performed in the MF, DF Tachograph...TCS_109MSE:SET AT Command Message for Chip Authentication 3.5.11.2.2MSE:SET AT for VU Authentication TCS_110The command can be performed in the MF, DF Tachograph...TCS_111MSE:SET AT Command Message for VU Authentication 3.5.11.2.3MSE:SET DST TCS_112The command can be performed in the MF, DF Tachograph...TCS_113MSE:SET DST Command Message TCS_114Response Message Note:In the case of a MSE: SET AT for VU...3.5.12PSO: HASH TCS_115The temporarily stored hash value shall be deleted if a...TCS_116Command Message TCS_117Response Message 3.5.13PERFORM HASH of FILE TCS_118The PERFORM HASH of FILE command is used to hash...TCS_119A tachograph card shall support this command only for the...TCS_120The result of the hash operation is stored temporarily in...TCS_121The temporarily stored hash of file value shall be deleted...TCS_122The Tachograph Generation 1 application shall support SHA-1. TCS_123The Tachograph Generation 2 application shall support the SHA-2 algorithm...TCS_124Command Message TCS_125Response Message 3.5.14PSO: COMPUTE DIGITAL SIGNATURE TCS_126This command shall not compute a digital signature of previously...TCS_127The card private key is used to compute the digital...TCS_128The Generation 1 tachograph application performs a digital signature using...TCS_129The Generation 2 tachograph application computes an elliptic curve based...TCS_130Command Message TCS_131Response Message 3.5.15PSO: VERIFY DIGITAL SIGNATURE TCS_132The VERIFY DIGITAL SIGNATURE command always uses the public key...TCS_133Command Message TCS_134Response Message 3.5.16PROCESS DSRC MESSAGE TCS_135The DSRC master key is accessible only in the DF...TCS_136The command shall only decrypt the DSRC data and verify...TCS_137The order of the data objects in the command data...TCS_138Command Message TCS_139Response Message 4.TACHOGRAPH CARDS STRUCTURE TCS_140A generation 2 tachograph card shall host the Master File...TCS_141A tachograph card shall support at least the minimum number...4.1.Master File MF TCS_142After its personalisation, the master file MF shall have the...TCS_143All EF structures shall be transparent. TCS_144The Master File MF shall have the following data structure:...TCS_145The elementary file EF DIR shall contain the following application...TCS_146The elementary file EF ATR/INFO shall be present if the...TCS_147The elementary file EF Extended_Length shall be present if the...4.2.Driver card applications 4.2.1Driver card application generation 1 TCS_148After its personalisation, the driver card application generation 1 shall...TCS_149All EF structures shall be transparent. TCS_150The driver card application generation 1 shall have the following...TCS_151The following values, used to provide sizes in the table...4.2.2Driver card application generation 2 TCS_152After its personalisation, the driver card application generation 2 shall...TCS_153All EF structures shall be transparent. TCS_154The driver card application generation 2 shall have the following...TCS_155The following values, used to provide sizes in the table...4.3.Workshop card applications 4.3.1Workshop card application generation 1 TCS_156After its personalisation, the workshop card application generation 1 shall...TCS_157All EF structures shall be transparent. TCS_158The workshop card application generation 1 shall have the following...TCS_159The following values, used to provide sizes in the table...4.3.2Workshop card application generation 2 TCS_160After its personalisation, the workshop card application generation 2 shall...TCS_161All EFs structures shall be transparent. TCS_162The workshop card application generation 2 shall have the following...TCS_163The following values, used to provide sizes in the table...4.4.Control card applications 4.4.1Control Card application generation 1 TCS_164After its personalisation, the control card application generation 1 shall...TCS_165All EF structures shall be transparent. TCS_166The control card application generation 1 shall have the following...TCS_167The following values, used to provide sizes in the table...4.4.2Control card application generation 2 TCS_168After its personalisation, the control card application generation 2 shall...TCS_169All EF structures shall be transparent. TCS_170The control card application generation2 shall have the following data...TCS_171The following values, used to provide sizes in the table...4.5.Company card applications 4.5.1Company card application generation 1 TCS_172After its personalisation, the company card application generation 1 shall...TCS_173All EF structures shall be transparent. TCS_174The company card application generation 1 shall have the following...TCS_175The following values, used to provide sizes in the table...4.5.2Company card application generation 2 TCS_176After its personalisation, the company card application generation 2 shall...TCS_177All EF structures shall be transparent. TCS_178The company card application generation 2 shall have the following...TCS_179The following values, used to provide sizes in the table...PICTOGRAMS PIC_001The tachograph may optionally use the following pictograms and pictogram...PRINTOUTS 1.GENERALITIES 2.DATA BLOCKS SPECIFICATION PRT_007Printouts shall use the following data blocks and/or data records,...3.PRINTOUT SPECIFICATIONS 3.1.Driver Activities from Card Daily Printout PRT_008The driver activities from card daily printout shall be in...3.2.Driver Activities from VU Daily Printout PRT_009The driver activities from VU daily printout shall be in...3.3.Events and Faults from Card Printout PRT_010The events and faults from card printout shall be in...3.4.Events and Faults from VU Printout PRT_011The events and faults from VU printout shall be in...3.5.Technical data Printout PRT_012The technical data printout shall be in accordance with the...3.6.Over speeding Printout PRT_013The over speeding printout shall be in accordance with the...3.7.Historic of inserted cards PRT_014The historic of inserted cards printout shall be in accordance...DISPLAY DIS_001The tachograph shall display data using the following formats: FRONT CONNECTOR FOR CALIBRATION AND DOWNLOAD 1.HARDWARE 1.1.Connector INT_001The downloading/calibration connector shall be a 6 pin connector, accessible...1.2.Contact allocation INT_002Contacts shall be allocated in accordance with the following table:...1.3.Block diagram INT_003The block diagram shall comply with the following: 2.DOWNLOADING INTERFACE INT_004The downloading interface shall comply to RS232 specifications. INT_005The downloading interface shall use one start bit, 8 data...Data byte organisation INT_006Transmission baud rates shall be adjustable from 9 600 bps to...3.CALIBRATION INTERFACE INT_007The data communication shall comply to ISO 14230-1 Road vehicles...INT_008The input/output signal shall comply with the following electrical specification:...INT_009The input/output signal shall comply with the following timing diagrams:...DATA DOWNLOADING PROTOCOLS 1.INTRODUCTION 1.1.Scope 1.2.Acronyms and notations 2.V.U. DATA DOWNLOADING 2.1.Download procedure 2.2.Data download protocol 2.2.1Message structure DDP_002All the messages exchanged between the IDE and the VU...DDP_003In the case where the data to be carried by...DDP_004If the last sub message contains exactly 255 bytes in...2.2.2Message types Notes: 2.2.2.1Start Communication Request (SID 81) DDP_005This message is issued by the IDE to establish the...2.2.2.2Positive Response Start Communication (SID C1) DDP_006This message is issued by the VU to answer positively...2.2.2.3Start Diagnostic Session Request (SID 10) DDP_007The Start Diagnostic Session request message is issued by the...2.2.2.4Positive Response Start Diagnostic (SID 50) DDP_008The Positive Response Start Diagnostic message is sent by the...2.2.2.5Link Control Service (SID 87) DDP_052The Link Control Service is used by the IDE to...2.2.2.6Link Control Positive Response (SID C7) DDP_053The Link Control Positive Response is issued by the VU...2.2.2.7Request Upload (SID 35) DDP_009The Request Upload message is issued by the IDE to...2.2.2.8Positive Response Request Upload (SID 75) DDP_010The Positive Response Request Upload message is sent by the...2.2.2.9Transfer Data Request (SID 36) DDP_011The Transfer Data Request is sent by the IDE to...DDP_054It is mandatory for the IDE to request the overview...2.2.2.10Positive Response Transfer Data (SID 76) DDP_012The Positive Response Transfer Data is sent by the VU...DDP_055In the first case (TREP 01 or 21), the VU...2.2.2.11Request Transfer Exit (SID 37) DDP_013The Request Transfer Exit message is sent by the IDE...2.2.2.12Positive Response Request Transfer Exit (SID 77) DDP_014The Positive Response Request Transfer Exit message is sent by...2.2.2.13Stop Communication Request (SID 82) DDP_015The Stop Communication Request message is sent by the IDE...2.2.2.14Positive Response Stop Communication (SID C2) DDP_016The Positive Response Stop Communication message is sent by the...2.2.2.15Acknowledge Sub Message (SID 83) DDP_017The Acknowledge Sub Message is sent by the IDE to...2.2.2.16Negative Response (SID 7F) DDP_018The Negative Response message is sent by the VU in...2.2.3Message flow 2.2.4Timing DDP_019During normal operation the timing parameters shown in the following...2.2.5Error handling 2.2.5.1Start Communication phase DDP_020If the IDE detects an error during the Start Communication...DDP_021If the VU detects an error in the sequence coming...2.2.5.2Communication phase 2.2.6Response Message content 2.2.6.1Positive Response Transfer Data Overview DDP_029The data field of the ‘Positive Response Transfer Data Overview’...2.2.6.2Positive Response Transfer Data Activities DDP_030The data field of the ‘Positive Response Transfer Data Activities’...2.2.6.3Positive Response Transfer Data Events and Faults DDP_031The data field of the ‘Positive Response Transfer Data Events...2.2.6.4Positive Response Transfer Data Detailed Speed DDP_032The data field of the ‘Positive Response Transfer Data Detailed...2.2.6.5Positive Response Transfer Data Technical Data DDP_033The data field of the ‘Positive Response Transfer Data Technical...2.3.ESM File storage DDP_034When a download session has included a VU data transfer,...3.TACHOGRAPH CARDS DOWNLOADING PROTOCOL 3.1.Scope 3.2.Definitions 3.3.Card Downloading DDP_035The download of a tachograph card includes the following steps:...3.3.1Initialisation sequence DDP_036The IDE shall initiate the sequence as follows: 3.3.2Sequence for un-signed data files DDP_037The sequence to download EFs ICC, IC, Card_Certificate (or CardSignCertificate...3.3.3Sequence for Signed data files DDP_038The following sequence shall be used for each of the...3.3.4Sequence for resetting the calibration counter. DDP_039The sequence to reset the counter in the EF in...3.4.Data storage format 3.4.1Introduction DDP_040The downloaded data has to be stored according to the...3.4.2File format DDP_041The file format is a concatenation of several TLV objects....DDP_042The tag for an EF shall be the FID plus...DDP_043The tag of an EF's signature shall be the FID...DDP_044The length is a two byte value. The value defines...DDP_045When a file is not downloaded nothing related to the...DDP_046A signature shall be stored as the next TLV object...4.DOWNLOADING A TACHOGRAPH CARD VIA A VEHICLE UNIT. DDP_047The VU must allow for downloading the content of a...DDP_048The IDE shall send a ‘Transfer Data Request Card Download’...DDP_049First generation driver cards: Data shall be downloaded using the...DDP_050The IDE shall retrieve card data from the ‘Positive Response...DDP_051The VU shall then, as applicable, update the or the...CALIBRATION PROTOCOL 1.INTRODUCTION CPR_001The ‘ECUProgrammingSession’ allows data entry into the vehicle unit. In...CPR_002The ‘ECUAdjustmentSession’ allows the selection of the I/O mode of...CPR_003Throughout this document the address of the tester is referred...2.TERMS, DEFINITIONS AND REFERENCES References: 3.OVERVIEW OF SERVICES 3.1.Services available CPR_004The table indicates the services that are available in an...3.2.Response codes 4.COMMUNICATION SERVICES CPR_005The StartCommunication Service is used for starting a communication. In...4.1.StartCommunication Service CPR_006Upon receiving a StartCommunication indication primitive, the VU shall check...CPR_007Then the VU shall perform all actions necessary to initialise...CPR_008If a VU that is already initialised (and has entered...CPR_009If the communication link cannot be initialised for any reason,...CPR_010The StartCommunication Request message must be physically addressed. CPR_011Initialising the VU for services is performed through a ‘fast...CPR_012After completion of the initialisation, CPR_014The data rate on the K-line shall be 10 400...CPR_016The fast initialisation is started by the tester transmitting a...CPR_017The timing values for the fast initialisation and communications in...CPR_018The message format for fast initialisation is detailed in the...CPR_019There is no negative response to the StartCommunication Request message,...4.2.StopCommunication Service 4.2.1Message description CPR_020Upon receiving a StopCommunication indication primitive, the VU shall check...CPR_021If it is possible to terminate the communication, the VU...CPR_022If the communication cannot be terminated by any reason, the...CPR_023If time-out of P3 max is detected by the VU,...4.2.2Message format CPR_024The message formats for the StopCommunication primitives are detailed in...4.2.3Parameter Definition 4.3.TesterPresent Service 4.3.1Message description 4.3.2Message format CPR_079The message formats for the TesterPresent primitives are detailed in...CPR_080If the responseRequired parameter is set to ‘yes’, then the...CPR_081The service shall support the following negative responses codes: 5.MANAGEMENT SERVICES 5.1.StartDiagnosticSession service 5.1.1Message description CPR_025The service StartDiagnosticSession is used to enable different diagnostic sessions...CPR_026A diagnostic session shall only be started if communication has...CPR_027The timing parameters defined in Table 4 shall be active...5.1.2Message format CPR_028The message formats for the StartDiagnosticSession primitives are detailed in...5.1.3Parameter definition CPR_029The parameter diagnosticSession (DS_) is used by the StartDiagnosticSession service...5.2.SecurityAccess service 5.2.1Message Description CPR_033The tester shall use the SecurityAccess ‘requestSeed’ message to check...CPR_034If the vehicle unit is already in CALIBRATION mode, it...CPR_035If the vehicle unit is ready to accept a PIN...CPR_036If the vehicle unit is not ready to accept a...CPR_037The tester shall then, eventually, use the SecurityAccess ‘sendKey’ message...CPR_038The vehicle unit shall answer to this request using the...CPR_039In the following cases, the vehicle unit shall answer to...5.2.2Message format — SecurityAccess — requestSeed CPR_040The message formats for the SecurityAccess ‘requestSeed’ primitives are detailed...5.2.3Message format — SecurityAccess — sendKey CPR_041The message formats for the SecurityAccess ‘sendKey’ primitives are detailed...6.DATA TRANSMISSION SERVICES 6.1.ReadDataByIdentifier service 6.1.1Message description CPR_050The ReadDataByIdentifier service is used by the client to request...6.1.2Message format CPR_051The message formats for the ReadDataByIdentifier primitives are detailed in...6.1.3Parameter Definition CPR_052The parameter recordDataIdentifier (RDI_) in the ReadDataByIdentifier request message identifies...CPR_053recordDataIdentifier values defined by this document are shown in the...CPR_054The parameter dataRecord (DREC_) is used by the ReadDataByIdentifier positive...6.2.WriteDataByIdentifier service 6.2.1Message description CPR_056The WriteDataByIdentifier service is used by the client to write...6.2.2Message format CPR_057The message formats for the WriteDataByIdentifier primitives are detailed in...6.2.3Parameter definition 7.CONTROL OF TEST PULSES — INPUT/OUTPUT CONTROL FUNCTIONAL UNIT 7.1.InputOutputControlByIdentifier service 7.1.1Message description CPR_058This calibration I/O signal line can be configured by K-line...CPR_059The vehicle unit must have entered an adjustment session and...CPR_060If speed pulses are received at the real time speed...CPR_061The sequence shall be: 7.1.2Message format CPR_062The message formats for the InputOutputControlByIdentifier primitives are detailed in...7.1.3Parameter definition CPR_064The parameter inputOutputControlParameter (IOCP_) is defined in the following table....CPR_065The parameter controlState is present only when the inputOutputControlParameter is...8.DATARECORDS FORMATS CPR_067All parameters identified shall be supported by the VU. CPR_068Data transmitted by the VU to the tester in response...8.1.Transmitted parameter ranges CPR_069Table 38 defines the ranges used to determine the validity...CPR_070The values in the range ‘error indicator’ provide a means...CPR_071The values in the range ‘not available’ provide a means...CPR_072If a component failure prevents the transmission of valid data...CPR_073For parameters coded in ASCII, the ASCII character ‘*’ is...8.2.dataRecords formats CPR_074Table 39 provides the length, resolution and operating range for...CPR_075Table 40 details the formats of the different bytes of...CPR_076Table 41 details the formats of the different bytes of...CPR_078Table 42 details the formats of the different bytes of...TYPE APPROVAL LIST OF MINIMUM REQUIRED TESTS 1.INTRODUCTION 1.1.Type approval 1.2.References 2.VEHICLE UNIT FUNCTIONAL TESTS 3.MOTION SENSOR FUNCTIONAL TESTS 4.TACHOGRAPH CARDS FUNCTIONAL TESTS 5.EXTERNAL GNSS FACILITY TESTS 6.EXTERNAL REMOTE COMMUNICATION FACILITY TEST 7.PAPER FUNCTIONAL TESTS 8.INTEROPERABILITY TESTS SECURITY REQUIREMENTS SEC_001The following components of the smart tachograph system shall be...SEC_002The minimum IT security requirements to be met by each...SEC_003The European Commission shall make sure that four Protection Profiles...SEC_004Component manufacturers shall refine and complete the appropriate component Protection...SEC_005Strict conformance of such specific Security Target with the corresponding...SEC_006The assurance level for each Protection Profile shall be EAL4...COMMON SECURITY MECHANISMS PREAMBLE PART AFIRST-GENERATION TACHOGRAPH SYSTEM 1.INTRODUCTION 1.1.References 1.2.Notations and abbreviated terms 2.CRYPTOGRAPHIC SYSTEMS AND ALGORITHMS 2.1.Cryptographic systems CSM_001Vehicle units and tachograph cards shall use a classical RSA...CSM_002Vehicle units and tachograph cards shall use a Triple DES...2.2.Cryptographic algorithms 2.2.1RSA algorithm CSM_003The RSA algorithm is fully defined by the following relations:...2.2.2Hash algorithm CSM_004The digital signature mechanisms shall use the SHA-1 hash algorithm...2.2.3Data Encryption Algorithm CSM_005DES based algorithms shall be used in Cipher Block Chaining...3.KEYS AND CERTIFICATES 3.1.Keys generation and distribution 3.1.1RSA Keys generation and distribution CSM_006RSA keys shall be generated through three functional hierarchical levels:...CSM_007At European level, a single European key pair (EUR.SK and...CSM_008At Member State level, a Member State key pair (MS.SK...CSM_009At equipment level, one single key pair (EQT.SK and EQT.PK)...CSM_010Private keys confidentiality shall be maintained during generation, transport (if...3.1.2RSA Test keys CSM_011For the purpose of equipment testing (including interoperability tests) the...3.1.3Motion sensor keys CSM_036The European Certification authority shall generate KmVU and KmWC, two...CSM_037Member States Certification Authorities shall: 3.1.4T-DES session keys generation and distribution CSM_012Vehicle units and tachograph cards shall, as a part of...CSM_013This key shall be used for all subsequent cryptographic operations...3.2.Keys CSM_014RSA keys shall have (whatever the level) the following lengths:...CSM_015Triple DES keys shall have the form (Ka, Kb, Ka)...3.3.Certificates CSM_016RSA Public key certificates shall be ‘non self-descriptive’‘Card Verifiable’ certificates...3.3.1Certificates content CSM_017RSA Public key certificates are built with the following data...Notes: 1.The ‘Certificate Profile Identifier’ (CPI) delineates the exact structure of...2.The ‘Certification Authority Reference’ (CAR) has the purpose of identifying...3.The ‘Certificate Holder Authorisation’ (CHA) is used to identify the...4.The ‘Certificate Holder Reference’ (CHR) has the purpose of identifying...5.Key Identifiers uniquely identify certificate holder or certification authorities. They...6.Certificate verifiers shall implicitly know that the public key certified...3.3.2Certificates issued CSM_018The certificate issued is a digital signature with partial recovery...Notes: 1.This certificate is 194 bytes long. 2.CAR, being hidden by the signature, is also appended to...3.The certificate verifier shall implicitly know the algorithm used by...4.The headerlist associated with this issued certificate is as follows:...3.3.3Certificate verification and unwrapping CSM_019It involves the following steps: 4.MUTUAL AUTHENTICATION MECHANISM CSM_020The following protocol shall be used (arrows indicate commands and...5.VU-CARDS DATA TRANSFER CONFIDENTIALITY, INTEGRITY AND AUTHENTICATION MECHANISMS 5.1.Secure Messaging CSM_021VU-Cards data transfers integrity shall be protected through Secure Messaging...CSM_022When data need to be protected during transfer, a Cryptographic...CSM_023The cryptographic checksum of data sent within a command shall...CSM_024The response status-information bytes shall be protected by a cryptographic...CSM_025Cryptographic checksums shall be 4 Bytes long. 5.2.Treatment of Secure Messaging errors CSM_026When the tachograph card recognises an SM error while interpreting...CSM_027When the tachograph card returns status bytes without SM DOs...5.3.Algorithm to compute Cryptographic Checksums CSM_028Cryptographic checksums are built using a retail MACs in accordance...CSM_029The Send Sequence Counter (SSC) shall be initiated during key...CSM_030The Send Sequence Counter shall be increased by 1 each...5.4.Algorithm to compute cryptograms for confidentiality DOs CSM_031Cryptograms are computed using TDEA in TCBC mode of operation...6.DATA DOWNLOAD DIGITAL SIGNATURE MECHANISMS CSM_032The Intelligent Dedicated Equipment (IDE) stores data received from an...CSM_033Digital signatures of downloaded data shall use a digital signature...6.1.Signature generation CSM_034Data signature generation by the equipment shall follow the signature...6.2.Signature verification CSM_035Data signature verification on downloaded data shall follow the signature...PART BSECOND-GENERATION TACHOGRAPH SYSTEM 7.INTRODUCTION 7.1.References 7.2.Notations and Abbreviations 7.3.Definitions 8.CRYPTOGRAPHIC SYSTEMS AND ALGORITHMS 8.1.Cryptographic Systems CSM_38Vehicle units and tachograph cards shall use an elliptic curve-based...CSM_39Vehicle units and external GNSS facilities shall use an elliptic...CSM_40Vehicle units and tachograph cards shall use an AES-based symmetric...CSM_41Vehicle units and external GNSS facilities shall use an AES-based...CSM_42Vehicle units and motion sensors shall use an AES-based symmetric...CSM_43Vehicle units and control cards shall use an AES-based symmetric...Notes: —Properly speaking, data is transmitted from a vehicle unit to...—A workshop card offers the same security services for the...8.2.Cryptographic Algorithms 8.2.1Symmetric Algorithms CSM_44Vehicle units, tachograph cards, motion sensors and external GNSS facilities...8.2.2Asymmetric Algorithms and Standardized Domain Parameters CSM_45Vehicle units, tachograph cards and external GNSS facilities shall support...CSM_46Vehicle units, tachograph cards and external GNSS facilities shall support...CSM_47Vehicle units, tachograph cards and external GNSS facilities shall support...CSM_48Vehicle units, tachograph cards and external GNSS facilities shall support...8.2.3Hashing algorithms CSM_49Vehicle units, tachograph cards and external GNSS facilities shall support...8.2.4Cipher Suites CSM_50In case a symmetric algorithm, an asymmetric algorithm and/or a...9.KEYS AND CERTIFICATES 9.1.Asymmetric Key Pairs and Public Key Certificates 9.1.1General CSM_51Within the European Smart Tachograph system, ECC key pairs and...CSM_52Within the entire European Smart Tachograph system, public and private...9.1.2European Level CSM_53At European level, a single unique ECC key pair designated...CSM_54The ERCA shall use the European private key to sign...CSM_55The ERCA shall use the European private key to sign...CSM_56As shown in Figure 1 in section 9.1.7, the ERCA...CSM_57Before generating a new European root key pair, the ERCA...CSM_58Whenever it generates a new European root key pair, the...CSM_59The ERCA shall not use the private key of a...CSM_60At any moment in time, the ERCA shall dispose of...9.1.3Member State Level CSM_61At Member State level, all Member States required to sign...CSM_62The task of generating Member State key pairs shall be...CSM_63An MSCA shall choose the strength of a Member State...CSM_64An MSCA_VU-EGF key pair, if present, shall consist of private...CSM_65An MSCA_Card key pair shall consist of private key MSCA_Card.SK...CSM_66An MSCA shall keep records of all signed VU certificates,...CSM_67The validity period of an MSCA_VU-EGF certificate shall be 17...CSM_68As shown in Figure 1 in section 9.1.7, the private...CSM_69An MSCA shall not use the private key of an...CSM_70At any moment in time, an MSCA shall dispose of...CSM_71If an MSCA is required to sign certificates for vehicle...9.1.4Equipment Level: Vehicle Units CSM_72Two unique ECC key pairs shall be generated for each...CSM_73The VU_MA and VU_Sign certificates of a given vehicle unit...CSM_74A VU manufacturer shall choose the strength of a VU...CSM_75A vehicle unit shall use its VU_MA key pair, consisting...CSM_76A vehicle unit shall be capable of generating ephemeral ECC...CSM_77A vehicle unit shall use the private key VU_Sign.SK of...CSM_78As shown in Figure 1 in section 9.1.7, the validity...Notes: —The extended validity period of a VU_Sign certificate allows a...—The extended validity period of a VU_MA certificate is needed...CSM_79A vehicle unit shall not use the private key of...CSM_80The VU key pairs (except ephemeral keys pairs) and corresponding...Notes: —Ephemeral key pairs are not included in this requirement, as...—This requirement does not forbid the possibility of replacing static...CSM_81When put in operation, vehicle units shall contain the following...CSM_82In addition to the cryptographic keys and certificates listed in...9.1.5Equipment Level: Tachograph Cards CSM_83One unique ECC key pair, designated as Card_MA, shall be...CSM_84The Card_MA and Card_Sign certificates of a given driver card...CSM_85A card manufacturer or card personaliser shall choose the strength...CSM_86A tachograph card shall use its Card_MA key pair, consisting...CSM_87A driver card or workshop card shall use the private...CSM_88The validity period of a Card_MA certificate shall be as...CSM_89The validity period of a Card_Sign certificate shall be as...CSM_90The key pairs and corresponding certificates of a given tachograph...CSM_91When issued, tachograph cards shall contain the following cryptographic keys...CSM_92In addition to the cryptographic keys and certificates listed in...9.1.6Equipment Level: External GNSS Facilities CSM_93One unique ECC key pair shall be generated for each...CSM_94An EGF manufacturer shall choose the strength of an EGF_MA...CSM_95An external GNSS facility shall use its EGF_MA key pair,...CSM_96The validity period of an EGF_MA certificate shall be 15...CSM_97An external GNSS facility shall not use the private key...CSM_98The EGF_MA key pair and corresponding certificate of a given...CSM_99When put in operation, an external GNSS facility shall contain...9.1.7Overview: Certificate Replacement Figure 1Issuance and usage of different generations of ERCA root certificates,...Notes to Figure 1: 1.Different generations of the root certificate are indicated by a...2.Other certificates are indicated by two numbers in brackets, the...3.The MSCA_Card (2-1) and MSCA_Card (1-last) certificates are issued at...4.As shown in the figure, the first VU and Card...5.The validity period shown for cards is the one for...6.To save space, the difference in validity period between the...9.2.Symmetric Keys 9.2.1Keys for Securing VU — Motion Sensor Communication 9.2.1.1General CSM_100A number of symmetric keys is needed for pairing vehicle...CSM_101The European Root Certificate Authority shall generate KM-VU and KM-WC,...CSM_102The ERCA shall assign to each motion sensor master key...CSM_103A Member State Certificate Authority shall forward KM-VU, together with...CSM_104A Member State Certificate Authority shall ensure that KM-WC, together...Notes: —See the description of data type in Appendix 2. —as explained in section 9.2.1.2, in fact multiple generations of...CSM_105In addition to the AES key specified in CSM_104, a...Notes: —This allows a second-generation workshop card to be used for...—A second-generation workshop card will contain two different applications, one...CSM_106An MSCA involved in issuing motion sensors shall derive the...CSM_107Each Motion sensor manufacturer shall generate a random and unique...CSM_108Each motion sensor manufacturer shall generate a unique serial number...CSM_109For requirements CSM_107 and CSM_108, the MSCA shall use the...CSM_110The motion sensor manufacturer shall store the encrypted pairing key...CSM_111In addition to the AES-based cryptographic material specified in CSM_110,...CSM_112The length of the session key KS generated by a...9.2.1.2Motion Sensor Master Key Replacement in Second-Generation Equipment CSM_113Each motion sensor master key and all related keys (see...CSM_114At least one year before generating a new European root...CSM_115An MSCA shall ensure that all valid generations of KM-WC...CSM_116In relation to the process described in CSM_107 and CSM_108...CSM_117In relation to the process described in CSM_107 above: Since...CSM_118Vehicle unit manufacturers shall insert only one generation of KM-VU...Notes: —A vehicle unit based on the generation X ERCA certificate...—A VU of generation X cannot be paired to a...—Since workshop cards have a validity period of one year,...9.2.2Keys for Securing DSRC Communication 9.2.2.1General CSM_119The authenticity and confidentiality of data communicated from a vehicle...CSM_120The DSRC master key KMDSRC shall be an AES key...CSM_121The ERCA shall communicate the DSRC master key to Member...CSM_122The ERCA shall assign to each DSRC master key a...CSM_123For every vehicle unit, the vehicle unit manufacturer shall create...Note: CSM_124Upon receiving a request for VU-specific DSRC keys, the MSCA...CSM_125The MSCA shall distribute K_VUDSRC_ENC and K_VUDSRC_MAC to the VU...CSM_126When issued, a vehicle unit shall have stored K_VUDSRC_ENC and...CSM_127When issued, control cards and workshop cards shall have stored...CSM_128The MSCA shall keep records of all VU-specific DSRC keys...9.2.2.2DSRC Master Key Replacement CSM_129Each DSRC master key is associated to a particular generation...CSM_130At least two years before generating a new European root...CSM_131An MSCA shall ensure that all valid generations of KMDSRC...CSM_132An MSCA shall ensure that all generations of KMDSRC that...CSM_133Vehicle unit manufacturers shall insert only one set of VU-specific...Notes: —This implies that a vehicle unit based on the generation...—Since workshop cards have a validity period of one year...9.3.Certificates 9.3.1General CSM_134All certificates in the European Smart Tachograph system shall be...CSM_135The Distinguished Encoding Rules (DER) according to [ISO 8825-1] shall...9.3.2Certificate Content CSM_136All certificates shall have the structure shown in the certificate...9.3.2.1Certificate Profile Identifier CSM_137Certificates shall use a Certificate Profile Identifier to indicate the...9.3.2.2Certificate Authority Reference CSM_138The Certificate Authority Reference shall be used to identify the...CSM_139An ERCA root certificate shall be self-signed, i.e., the Certificate...CSM_140For an ERCA link certificate, the Certificate Holder Reference shall...9.3.2.3Certificate Holder Authorisation CSM_141The Certificate Holder Authorisation shall be used to identify the...9.3.2.4Public Key CSM_142The data element Domain Parameters shall contain one of the...CSM_143The data element Public Point shall contain the public point....9.3.2.5Certificate Holder Reference CSM_144The Certificate Holder Reference is an identifier for the public...CSM_145For card certificates and external GNSS facility certificates, the Certificate...CSM_146For vehicle units, the manufacturer, when requesting a certificate, may...CSM_147For ERCA and MSCA certificates, the Certificate Holder Reference shall...9.3.2.6Certificate Effective Date CSM_148The Certificate Effective Date shall indicate the starting date and...9.3.2.7Certificate Expiration Date CSM_149The Certificate Expiration Date shall indicate the end date and...9.3.2.8Certificate Signature CSM_150The signature on the certificate shall be created over the...9.3.3Requesting Certificates CSM_151When requesting a certificate, an MSCA shall send the following...CSM_152In addition to the data in CSM_151, an MSCA shall...CSM_153An equipment manufacturer shall send the following data in a...CSM_154In the case of a VU, the manufacturer, when requesting...10.VU- CARD MUTUAL AUTHENTICATION AND SECURE MESSAGING 10.1.General CSM_155On a high level, secure communication between a vehicle unit...CSM_156The mechanism described in CSM_155 shall be triggered by the...10.2.Mutual Certificate Chain Verification 10.2.1Card Certificate Chain Verification by VU CSM_157Vehicle units shall use the protocol depicted in Figure 4...Notes to Figure 4: —The Card certificates and public keys mentioned in the figure...—The Card.CA certificates and public keys mentioned in the figure...—The Card.CA.EUR certificate mentioned in the figure is the European...—The Card.Link certificate mentioned in the figure is the card's...—The Card.Link.EUR certificate is the European root certificate that is...CSM_158As depicted in Figure 4, verification of the card's certificate...CSM_159As indicated in Figure 4, once the VU has verified...CSM_160The VU shall verify the temporal validity of any certificate...10.2.2VU Certificate Chain Verification by Card CSM_161Tachograph cards shall use the protocol depicted in Figure 5...Notes to Figure 5: —The VU certificates and public keys mentioned in the figure...—The VU.CA certificates and public keys mentioned in the figure...—The VU.CA.EUR certificate mentioned in the figure is the European...—The VU.Link certificate mentioned in the figure is the VU's...—The VU.Link.EUR certificate is the European root certificate that is...CSM_162As depicted in Figure 5, verification of the certificate chain...Note: There are three ways in which the card may...—the VU.CA.EUR certificate is the same certificate as the card's...—the VU.CA.EUR certificate precedes the card's own EUR certificate and...—the VU.CA.EUR certificate succeeds the card's own EUR certificate and...CSM_163The VU shall use the MSE: Set AT command to...CSM_164The MSE: Set AT command also contains an indication of...CSM_165If the MSE: Set AT command is successful, the card...CSM_166The card shall verify the temporal validity of any certificate...CSM_167For verifying the temporal validity of a certificate presented by...CSM_168As indicated in Figure 5, once the card has verified...10.3.VU Authentication CSM_169Vehicle units and cards shall use the VU Authentication protocol...CSM_170Next to the card challenge, the VU shall include in...CSM_171The VU shall also include in the signature the identifier...Figure 6VU Authentication protocol CSM_172If multiple GET CHALLENGE commands are sent by the VU...CSM_173The signing algorithm used by the VU for VU Authentication...CSM_174Upon receiving the VU’s signature in an EXTERNAL AUTHENTICATE command,...10.4.Chip Authentication and Session Key Agreement CSM_175Vehicle units and cards shall use the Chip Authentication protocol...CSM_176The VU and the card shall take the following steps:...CSM_177In step 3 above, the card shall compute Comp(VU.PKeph) as...CSM_178In steps 4 and 7 above, the card and the...CSM_179In steps 5 and 8 above, the card and the...CSM_180In steps 6 and 9 above, the card and the...10.5.Secure Messaging 10.5.1General CSM_181All commands and responses exchanged between a vehicle unit and...CSM_182Except when reading from a file with access condition SM-R-ENC-MAC-G2...CSM_183When reading data from a file with access condition SM-R-ENC-MAC-G2,...CSM_184Secure Messaging shall use AES as defined in [AES] with...CSM_185An unsigned integer shall be used as the Send Sequence...CSM_186For message encryption, KENC shall be used with AES in...CSM_187For message authentication, KMAC shall be used with AES in...10.5.2Secure Message Structure CSM_188Secure Messaging shall make use only of the Secure Messaging...CSM_189All SM data objects shall be encoded in DER TLV...CSM_190APDUs protected by Secure Messaging shall be created as follows:...CSM_191Any data object to be encrypted shall be padded according...Summary and Examples Figure 10Transformation of an encrypted and authenticated Case 2/Case 4 Response...10.5.3Secure Messaging Session Abortion CSM_192A vehicle unit shall abort an ongoing Secure Messaging session...CSM_193A tachograph card shall abort an ongoing Secure Messaging session...CSM_194Regarding SM error handling by a tachograph card: CSM_195If a Secure Messaging session between a VU and a...CSM_196If for any reason the VU decides to restart mutual...11.VU — EXTERNAL GNSS FACILITY COUPLING, MUTUAL AUTHENTICATION AND SECURE...11.1.General CSM_197The GNSS facility used by a VU to determine its...CSM_198Secure communication between a vehicle unit and an external GNSS...CSM_199Communication between a vehicle unit and an EGF differs from...CSM_200For communication between a vehicle unit and an EGF, APDU...11.2.VU and External GNSS Facility Coupling CSM_201A vehicle unit and an EGF in a vehicle shall...CSM_202Coupling of a vehicle unit and an EGF shall only...CSM_203A workshop may re-couple a vehicle unit to another EGF...CSM_204A workshop may re-couple an external GNSS facility to another...11.3.Mutual Certificate Chain Verification 11.3.1General CSM_205Mutual certificate chain verification between a VU and an EGF...11.3.2During VU — EGF Coupling CSM_206During the coupling to an EGF, a vehicle unit shall...Notes to Figure 4 within this context: —Communication control is out of the scope of this Appendix....—The Card certificates and public keys mentioned in the figure...—The Card.CA certificates and public keys mentioned in the figure...—The Card.CA.EUR certificate mentioned in the figure shall be interpreted...—The Card.Link certificate mentioned in the figure shall be interpreted...—The Card.Link.EUR certificate is the European root certificate that is...—Instead of the , the VU shall read the from...—Instead of selecting the Tachograph AID, the VU shall select...—‘Ignore Card’ shall be interpreted as ‘Ignore EGF’. CSM_207Once it has verified the EGF_MA certificate, the vehicle unit...CSM_208During the coupling to a VU, an external GNSS facility...Notes to Figure 5 within this context: —The VU shall generate a fresh ephemeral key pair using...—The VU certificates and public keys mentioned in the figure...—The VU.CA certificates and public keys mentioned in the figure...—The VU.CA.EUR certificate mentioned in the figure is the European...—The VU.Link certificate mentioned in the figure is the VU's...—The VU.Link.EUR certificate is the European root certificate that is...CSM_209In deviation from requirement CSM_167, an EGF shall use the...CSM_210Once it has verified the VU_MA certificate, the external GNSS...11.3.3During Normal Operation CSM_211During normal operation, a vehicle unit and an EGF shall...CSM_212As shown in Figure 11, the vehicle unit shall log...11.4.VU Authentication, Chip Authentication and Session Key Agreement CSM_213VU Authentication, Chip Authentication and session key agreement between a...11.5.Secure Messaging CSM_214All commands and responses exchanged between a vehicle unit and...CSM_215If a Secure Messaging session between a VU and an...12.VU — MOTION SENSOR PAIRING AND COMMUNICATION 12.1.General CSM_216A vehicle unit and a motion sensor shall communicate using...12.2.VU — Motion Sensor Pairing Using Different Key Generations CSM_217A second-generation VU and a second-generation motion sensor shall be...12.3.VU — Motion Sensor Pairing and Communication using AES CSM_218As specified in Table 3 in section 9.2.1, all keys...CSM_219The pairing information that is sent in instructions 43 (VU...CSM_220In case the plaintext data length (using AES keys) is...CSM_221For instruction 11 and in case more than one block...12.4.VU — Motion Sensor Pairing For Different Equipment Generations CSM_222As explained in section 9.2.1, a second-generation motion sensor may...Notes: —It is not possible to pair a second-generation VU to...—It is not possible to use a first-generation workshop card...13.SECURITY FOR REMOTE COMMUNICATION OVER DSRC 13.1.General CSM_223The plaintext data communicated by a VU to a Remote...CSM_224The DSRC security data shall consist of the concatenation of...CSM_225The 3-byte counter in the DSRC security data shall be...13.2.Tachograph Payload Encryption and MAC Generation CSM_226Given a plaintext data element with data type as described...CSM_227A VU shall calculate the MAC in the DSRC security...13.3.Verification and Decryption of Tachograph Payload CSM_228When a remote interrogator receives RTM data from a VU,...CSM_229In order to prevent replay attacks, the remote interrogator shall...Notes: —This requires the remote interrogator to have an accurate and...—Since Appendix 14 requires a VU to calculate a new...CSM_230When a workshop verifies the correct functioning of the DSRC...14.SIGNING DATA DOWNLOADS AND VERIFYING SIGNATURES 14.1.General CSM_231The Intelligent Dedicated Equipment (IDE) shall store data received from...CSM_232The IDE shall also dispose of. 14.2.Signature generation CSM_233The signing algorithm to create digital signatures over downloaded data...14.3.Signature verification CSM_234An IDE may perform verification of a signature over downloaded...Notes to Figure 13: —The equipment that signed the data to be analysed is...—The EQT certificates and public keys mentioned in the figure...—The EQT.CA certificates and public keys mentioned in the figure...—The EQT.CA.EUR certificate mentioned in the figure is the European...—The EQT.Link certificate mentioned in the figure is the EQT's...—The EQT.Link.EUR certificate is the European root certificate that is...CSM_235For calculating the hash M sent to the control card...CSM_236For verifying the EQT's signature, the control card shall follow...Figure 13Protocol for verification of the signature over a downloaded data...POSITIONING BASED ON GLOBAL NAVIGATION SATELLITE SYSTEM (GNSS) 1.INTRODUCTION 1.1.Scope GNS_1The Vehicle Unit shall collect location data from at least...1.2.Acronyms and notations 2.SPECIFICATION OF THE GNSS RECEIVER GNS_2Manufacturers shall ensure that the GNSS receivers in the Smart...GNS_3The GNSS receiver shall have the capability to support Authentication...3.NMEA SENTENCES GNS_4The location data is based on the NMEA sentence Recommended...GNS_5The Vehicle Unit shall store in the VU database the...Figure 3Structure of the GSA sentence GNS_6The GSA sentence shall be stored with record number ‘02’...GNS_7The maximum size of the NMEA sentences (e.g., RMC, GSA...4.VEHICLE UNIT WITH AN EXTERNAL GNSS FACILITY 4.1.Configuration 4.1.1Main components and interfaces GNS_8The external GNSS facility must be powered with a specific...GNS_9The external GNSS facility shall consist of the following components...GNS_10The external GNSS facility has at least the following external...GNS_11In the VU, the VU Secure Transceiver is the other...GNS_12For the physical layer of the communication with the external...4.1.2External GNSS facility state at the end of production GNS_13The external GNSS facility shall store the following values in...4.2.Communication between the external GNSS facility and the vehicle unit...4.2.1Communication Protocol GNS_14The communication protocol between the external GNSS facility and the...GNS_15The communication protocol shall be based on standard ISO/IEC 7816-4:2013...GNS_16In the communication protocol, extended length fields shall not be...GNS_17The communication protocol of ISO 7816 (both *-4:2013 and *-12:2005)...GNS_18Regarding the functions 1) the collection and distribution of GNSS...GNS_19The GNSS Secure Transceiver shall store the data coming from...GNS_20The GNSS Secure Transceiver shall use a memory to store...GNS_21The file structure is provided in Table 1. For the...4.2.2Secure transfer of GNSS data GNS_22The secure transfer of GNSS position data shall be allowed...GNS_23Every T seconds, where T is a value lower or...4.2.3Structure of the Read Record command GNS_24The command shall support the Secure Messaging authentication-only-mode, see Appendix...GNS_25Command Message GNS_26The record referenced in P1 becomes the current record. GNS_27The GNSS Secure Transceiver shall support the following tachograph generation...4.3.Coupling, mutual authentication and session key agreement of the external...4.4.Error Handling 4.4.1Communication error with the external GNSS facility GNS_28If the VU does not manage to communicate to the...4.4.2Breach of the physical integrity of the external GNSS facility...GNS_29If the external GNSS facility has been breached, the GNSS...4.4.3Absence of position information from GNSS receiver GNS_30If the GNSS Secure Transceiver does not receive data from...4.4.4External GNSS facility certificate expired GNS_31If the VU detects that the EGF certificate used for...5.VEHICLE UNIT WITHOUT AN EXTERNAL GNSS FACILITY 5.1.Configuration GNS_32The GNSS receiver shall act as a talker and transmit...GNS_33An external GNSS antenna installed on the vehicle or an...5.2.Error Handling 5.2.1Absence of position information from GNSS receiver GNS_34If the VU does not receive data from the GNSS...6.GNSS TIME CONFLICT 7.VEHICLE MOTION CONFLICT GNS_35The VU shall trigger and record an Vehicle Motion Conflict...ITS INTERFACE 1.INTRODUCTION 2.SCOPE 2.1.Acronyms, definitions and notations 3.REFERENCED REGULATIONS AND STANDARDS 4.INTERFACE WORKING PRINCIPLES 4.1.Preconditions to data transfer via the ITS interface 4.1.1Data provided through the ITS interface 4.1.2Content of the Data 4.1.3ITS Applications 4.2.Communication technology 4.3.PIN authorization 4.4.Message Format Header Data Field RequestPIN (SID 01) SendITSID (SID 02) SendPIN (SID 03) PairingResult (SID 04) SendPUC (SID 05) BanLiftingResult (SID 06) RequestRejected (SID 07) RequestData (SID 08) ResquestAccepted (SID 09) DataUnavailable (SID 0A) NegativeAnswer (SID 0B) 4.5.Driver consent 4.6.Standard data retrieval 4.7.Personal data retrieval 4.8.Event and fault data retrieval (1)LIST OF AVAILABLE DATA THROUGH THE ITS INTERFACE (2)CONTINUOUS GNSS DATA AVAILABLE AFTER DRIVER CONSENT (3)EVENT CODES AVAILABLE WITHOUT DRIVER CONSENT (4)EVENT CODES AVAILABLE WITH DRIVER CONSENT (5)FAULT DATA CODES AVAILABLE WITHOUT DRIVER CONSENT (6)MANUFACTURER SPECIFIC EVENTS AND FAULTS WITHOUT DRIVER CONSENT SEQUENCE DIAGRAMS OF MESSAGES EXCHANGES WITH THE ITS UNIT. ASN.1 SPECIFICATIONS REMOTE COMMUNICATION FUNCTION 1.INTRODUCTION DSC_1Regulation (EU) No 165/2014 determines that the tachograph shall be...DSC_2The Data shall be exchanged using the Communication which shall...DSC_3The Communication shall be established with the communications equipment only...DSC_4The Data shall be secured to ensure integrity. DSC_5Access to the Data communicated shall be restricted to competent...DSC_6The Data exchanged during the Communication shall be limited to...DSC_7Data integrity and security shall be obtained by securing the...DSC_8The Data shall contain a timestamp for the time of...DSC_9The content of the security data shall be known only...DSC_10The same architecture and equipment shall be capable be used...DSC_11For clarification, in accordance with the provisions of Regulation (EU)...2.SCOPE 3.ACRONYMS, DEFINITIONS AND NOTATIONS 4.OPERATIONAL SCENARIOS 4.1Overview 4.1.1Preconditions to data transfer via 5,8 GHz DSRC interface 4.1.1.1Data held in VU DSC_12The VU shall be responsible to keep updated every 60...4.1.1.2Data provided to DSRC-VU Facility DSC_13The VU shall be responsible to update the DSRC tachograph...DSC_14The VU data shall be used as a basis to...4.1.1.3Content of the Data DSC_15The content and format of the Data shall be such...4.1.1.4Data presentation DSC_16The Data, having been kept frequently updated in accordance with...4.1.1.5Security data DSC_17Security data (securityData), comprising the data required by the REDCR...4.1.1.6VUPM data available for transfer across the DSRC interface DSC_18The data concept which shall always be available in the...General overview of communication Profile 1 4.1.2Profile 1a: via a hand aimed or temporary roadside mounted...4.1.3Profile 1b: via a vehicle mounted and directed Remote Early...4.2Security/Integrity 5.REMOTE COMMUNICATION DESIGN AND PROTOCOLS 5.1Design DSC_19The following functions are located in the VU: DSC_20The Antenna and The Communication shall operate within ERC 70-03,...DSC_21The DSRC antenna shall be connected to the DSRC-VU facility...DSC_22The form factor of the antenna is not defined and...DSC_23The design and form factor of the REDCR shall be...DSC_24The design and form factor of the DSRC-VU and its...DSC_25However, the DSRC-VU shall be reasonably capable to accept data...5.2Workflow 5.2.1Operations 5.2.2Interpretation of the Data received via the DSRC communication DSC_26Data received across the 5.8 GHz interface shall carry the meaning...5.3DSRC Physical interface parameters for remote communication 5.3.1Location constraints DSC_27The remote interrogation of vehicles using a 5.8GHz DSRC interface...5.3.2Downlink and uplink parameters DSC_28The equipment used for remote tachograph monitoring shall conform to...DSC_29Further, to ensure compatibility with the operational parameters of other...5.3.3Antenna design 5.3.3.1REDCR antenna DSC_30The design of the REDCR antenna shall be a function...5.3.3.2VU antenna DSC_31The design of the DSRC-VU antenna shall be a function...DSC_32The VU antenna shall be fixed to, or close to,...DSC_33In the test environment in a workshop (see section 6.3),...5.4DSRC Protocol requirements for RTM 5.4.1Overview DSC_34The transaction protocol to download the Data across the 5.8 GHz...5.4.2Commands DSC_35The following commands are the only functions used in an...5.4.3Interrogation command sequence DSC_36From the perspective of the command and response sequence, the...5.4.4Data structures DSC_37The semantic structure of the Data when passed across the...DSC_38The payload (RTM data) consists of the concatenation of DSC_39The RTM Data is being addressed as RTM Attribute=1 and...DSC_40The RTM Context Mark shall identify the supported standard part...5.4.5Elements of RtmData, actions performed and definitions DSC_41The data values to be calculated by the VU and...5.4.6Data transfer mechanism DSC_42Payload data defined previously are requested by the REDCR after...DSC_43For all DSRC exchanges, data shall be encoded using PER...5.4.7Detailed DSRC transaction description DSC_44Initialisation is performed according to DSC_44 — DSC_48 and Tables...DSC_45A DSRC-VU, when receiving a BST, requires the allocation of...DSC_46The REDCR then answers by allocating a private window, as...DSC_47The DSRC-VU, when receiving the private window allocation, sends its...DSC_48The DSRC-VU shall support the ‘Freight and Fleet’ application, identified...DCS_49The REDCR then reads the data by issuing a GET...DSC_50The DSRC-VU, when receiving the GET request, sends a GET...DSC_51The REDCR then closes the connection by issuing a EVENT_REPORT,...DSC_52The DSRC-VU is not expected to answer to the Release...5.4.8DSRC Test transaction description DSC_53Full tests that include securing the data, need to be...DSC_54Commissioning and periodic inspection tests that require decrypting and comprehension...DSC_55In order to effect this basic communication test, the ECHO...DSC_56Initialisation is performed according to 5.4.7 (DSC_44 — DSC_48) and...DSC_57The REDCR then issues an ACTION, ECHO command conforming to...DSC_58The DSRC-VU, when receiving the ECHO request, sends an ECHO...5.5Support for Directive (EU) 2015/719 5.5.1Overview DSC_59. . . . . . . . . ....5.5.2Commands DSC_60. . . . . . . . . ....5.5.3Interrogation command sequence DSC_61. . . . . . . . . ....5.5.4Data structures DSC_62The payload (OWS data) consists of the concatenation of 5.5.5ASN.1 module for the OWS DSRC transaction DSC_63.The ASN.1 module definition for the DSRC data within the...5.5.6Elements of OwsData, actions performed and definitions 5.5.7Data transfer mechanisms DSC_64. . . . . . . . . ....DSC_65. . . . . . . . . ....5.6Data transfer between the DSRC-VU and VU 5.6.1Physical Connection and interfaces DSC_66The connection between the VU and the DSRC-VU can be...DSC_67Regardless of the choice of the physical connection and interface,...DSC_68a) In order that different suppliers may be contracted to...a)In order that different suppliers may be contracted to supply...DSC_69b) the definition of the interfaces and connection between the...b)the definition of the interfaces and connection between the VU...DSC_70c) the VU and DSRC-VU must support the operation of...c)the VU and DSRC-VU must support the operation of the...5.6.2Application Protocol DSC_71The application protocol between the VU Remote Communication facility and...DSC_72The following main commands are identified: DSC_73In ASN1.0, the previous commands may be defined as: DSC_74The description of the commands and parameters is following: DSC_75The initialization of the communication link shall be done only...DSC_76At the restart of the DSRC-VU or a VU, all...5.7Error handling 5.7.1Recording and communication of the Data in the DSRC-VU DSC_77The Data shall be provided, already secure d, b y...DSC_78The VU shall maintain a file identified by a unique...DSC_79If the VUPM attempts to obtain VU data from the...5.7.2Wireless Communication errors DSC_80Communication error handling shall be consistent with the related DSRC...5.7.2.1Encryption and signature errors DSC_81Encryption and signature errors shall be handled as defined in...5.7.2.2Recording of errors DSC_82The REDCR shall therefore record, time-stamped, the number of occasions...DSC_83The REDCR shall therefore record, time-stamped, the number of occasions...6.COMMISSIONING AND PERIODIC INSPECTION TESTS FOR THE REMOTE COMMUNICATION FUNCTION...6.1General DSC_84Two type of tests are foreseen for the remote communication...6.2ECHO 6.3Tests to validate the secure data content DSC_85This test is execute to validate the end-to-end security flow...DSC_86The workshop personnel must position the DSRC test reader at...DSC_87Then the workshop personnel will insert a workshop card in...MIGRATION: MANAGING THE CO-EXISTENCE OF EQUIPMENT GENERATIONS 1.DEFINITIONS 2.GENERAL PROVISIONS 2.1.Overview of the transition 2.2.Interoperability between VU and cards MIG_001Except as provided for in requirement MIG_004 and MIG_005, first...MIG_002Second generation vehicle units shall be able to use any...MIG_003This capability may be suppressed once and forever in such...MIG_004Second generation vehicle units shall only be able to use...MIG_005For determining the mode of operation, second generation vehicle units...MIG_006Any valid second generation tachograph card shall be able to...2.3.Interoperability between VU and MS MIG_007Second generation vehicle units will not be able to be...MIG_008Second generation motion sensors may be paired and used with...2.4.Interoperability between vehicle units, tachograph cards and equipment for data...MIG_009Equipment for data download may be used with one generation...2.4.1Direct card download by IDE MIG_010Data shall be downloaded by IDE from tachograph cards of...MIG_011To allow drivers' control by non EU control authorities, it...2.4.2Card download through a vehicle unit MIG_012Data shall be downloaded from a second generation card inserted...MIG_013Data shall be downloaded from a first generation card inserted...2.4.3Vehicle unit download MIG_014Outside the frame of drivers' control by non EU control...MIG_015To allow drivers' control by non EU control authorities, it...2.5.Interoperability between VU and calibration equipment MIG_016Calibration equipment shall be able to perform calibration of each...3.MAIN STEPS DURING THE PERIOD BEFORE THE INTRODUCTION DATE MIG_017Test keys and certificates shall be available to manufacturers at...MIG_018Interoperability tests shall be ready to start if requested by...MIG_019Official keys and certificates shall be available to manufacturers at...MIG_020Member states shall be able to issue second generation workshop...MIG_021Member States shall be able to issue all types of...4.PROVISIONS FOR THE PERIOD AFTER THE INTRODUCTION DATE MIG_022After the introduction date, Member States shall only issue second...MIG_023Vehicle units/motion sensors manufacturers shall be allowed to produce first...MIG_024Vehicle units/motion sensors manufacturers shall be allowed to request and...ADAPTOR FOR M1 AND N1 CATEGORY VEHICLES 1.ABBREVIATIONS AND REFERENCE DOCUMENTS 1.1.Abbreviations 1.2.Reference standards 2.GENERAL CHARACTERISTICS AND FUNCTIONS OF THE ADAPTOR 2.1.Adaptor general description ADA_001The adaptor shall provide a connected VU with secured motion...ADA_002A type approved motion sensor (according to the provisions of...2.2.Functions ADA_003The adaptor shall include the following functions: 2.3.Security ADA_004The adaptor shall not be security certified according to the...3.REQUIREMENTS FOR THE RECORDING EQUIPMENT WHEN AN ADAPTOR IS INSTALLED...ADA_005The recording equipment of any vehicle fitted with an adaptor...ADA_006When an adaptor is installed, the recording equipment includes cables,...ADA_007The detection of events and/or faults function of the recording...ADA_008The adaptor faults detectable by the recording equipment shall be...ADA_009The VU calibration function shall allow to automatically pair the...4.CONSTRUCTION AND FUNCTIONAL REQUIREMENTS FOR THE ADAPTOR 4.1.Interfacing and adapting incoming speed pulses ADA_011The adaptor input interface shall accept frequency pulses representative of...ADA_012The adaptor input interface shall be able, if applicable, to...4.2.Inducing the incoming pulses to the embedded motion sensor ADA_013The incoming pulses, possibly adapted as specified above, shall be...4.3.Embedded motion sensor ADA_014The embedded motion sensor shall be stimulated by the induced...ADA_015The identification data of the embedded motion sensor shall be...ADA_016The installation data stored in the embedded motion sensor shall...4.4.Security requirements ADA_017The adaptor housing shall be designed so that it cannot...ADA_018It shall not be possible to remove the embedded motion...ADA_019The adaptor shall ensure that motion data may only been...4.5.Performance characteristics ADA_020The adaptor shall be fully operational in the temperature range...ADA_021The adaptor shall be fully operational in the humidity range...ADA_022The adaptor shall be protected against over-voltage, inversion of its...ADA_023The adaptor shall either: ADA_024The adaptor shall conform to international regulation UN ECE R10,...4.6.Materials ADA_025The adaptor shall meet the protection grade (TBD by the...ADA_026The colour of the adaptor housing shall be yellow. 4.7.Markings ADA_027A descriptive plaque shall be affixed to the adaptor and...ADA_028The descriptive plaque shall also show the following details (if...5.INSTALLATION OF THE RECORDING EQUIPMENT WHEN AN ADAPTOR IS USED...5.1.Installation ADA_029Adaptors to be installed in vehicles shall only be installed...ADA_030Such approved workshop installing the adaptor shall adjust the input...ADA_031Such approved workshop installing the adaptor shall seal the adaptor...ADA_032The adaptor shall be fitted as close as possible to...ADA_033The cables for providing the adaptor power supply shall be...5.2.Sealing ADA_034The following sealing requirements shall apply: 6.CHECKS, INSPECTIONS AND REPAIRS 6.1.Periodic inspections ADA_035When an adaptor is used, each periodic inspection (periodic inspections...ADA_036These inspections shall include a calibration and a replacement of...7.TYPE APPROVAL OF RECORDING EQUIPMENT WHEN AN ADAPTOR IS USED...7.1.General points ADA_037Recording equipment shall be submitted for type approval complete, with...ADA_038Any adaptor may be submitted for its own type approval,...ADA_039Such type approval shall include functional tests involving the adaptor....7.2.Functional certificate ADA_040A functional certificate of an adaptor or of recording equipment...I.APPROVAL MARK 1.The approval mark shall be made up of: 2.The approval mark shall be shown on the descriptive plaque...3.The dimensions of the approval mark drawn below are expressed...II.APPROVAL CERTIFICATE FOR ANALOGUE TACHOGRAPHS APPROVAL CERTIFICATE III.APPROVAL CERTIFICATE FOR DIGITAL TACHOGRAPHS APPROVAL CERTIFICATE FOR DIGITAL TACHOGRAPHS □approval of: □withdrawal of approval of: IV.APPROVAL CERTIFICATE FOR SMART TACHOGRAPHS APPROVAL CERTIFICATE FOR SMART TACHOGRAPHS □approval of: □withdrawal of approval of:
Commission Implementing Regulation (EU) 2016/799
of 18 March 2016
implementing Regulation (EU) No 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components
(Text with EEA relevance)
THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) No 165/2014 of the European Parliament and of the Council of 4 February 2014 on tachographs in road transport1, and in particular Articles 11 and 12(7) thereof,
Whereas:
(1)
Regulation (EU) No 165/2014 has introduced second-generation digital tachographs called smart tachographs, which include a connection to the global navigation satellite system (‘GNSS’) facility, a remote early detection communication facility, and an interface with intelligent transport systems. The specifications for the technical requirements for the construction of smart tachographs should be set up.
(2)
The remote early detection facility established by Article 9(4) of Regulation (EU) No 165/2014 should transmit to a roadside control officer the data of the digital tachograph and the information concerning the weights and weight per axles of the complete vehicle combination (tractor and trailers or semi-trailers), in accordance with Directive 96/53/EC of the European Parliament and of the Council2. That should enable an effective and quick check of vehicles by the control authorities, with fewer electronic devices in the vehicle cab.
(3)
In accordance with Directive 96/53/EC, the remote early detection facility should use the CEN DSRC standards3 referred to in that Directive, at the frequency band of 5 795-5 805 MHz. As that frequency band is used for electronic tolling as well, and in order to avoid interference between tolling and control applications, control officers should not use the remote early detection facility on a toll plaza.
(4)
New security mechanisms for maintaining the level of security of the digital tachograph should be introduced with the smart tachograph to address current security vulnerabilities. One of such vulnerabilities is the absence of expiry dates of digital certificates. In order to comply with the best practices in security matters, it is recommended that the use of digital certificates without expiry dates should be avoided. The normal operation validity period of vehicle units should be 15 years, starting on the issuing date of the vehicle unit digital certificates. Vehicle units should be replaced after that validity period.
(5)
The provision of secured and reliable positioning information is an essential element of the effective operation of smart tachographs. Therefore, it is appropriate to ensure their compatibility with the added value services provided by the Galileo programme as set out in Regulation (EU) No 1285/2013 of the European Parliament and of the Council4 in order to improve the security of the smart tachograph.
(6)
In accordance with Articles 8(1), 9(1) and 10(1) and (2) of Regulation (EU) No 165/2014, the security mechanisms introduced by that Regulation should apply 36 months after the entry into force of the necessary implementing acts in order to allow the manufacturers to develop the new generation of smart tachographs, and receive their type-approval certificates from the competent authorities.
(7)
In accordance with Regulation (EU) No 165/2014, vehicles registered for the first time in a Member State 36 months after the entry into force of this Commission Regulation, should be equipped with a smart tachograph compliant with the requirements of this Commission Regulation. In any case, all vehicles operating in a Member State other than their Member State of registration should be equipped with a compliant smart tachograph 15 years after the date of application of those requirements.
(8)
Commission Regulation (EC) No 68/20095 allowed, during a transitional period expiring on 31 December 2013, the use of an adaptor to make possible the installation of tachographs in M1 and N1 type vehicles. Due to technical difficulties related to finding an alternative to the use of the adaptor, the experts of the automotive and tachograph industry, together with the Commission, concluded that no alternative solution to the adaptor was feasible without entailing high costs for industry, which would be disproportionate to the size of the market. Therefore, the use of the adaptor in M1 and N1 type vehicles should be allowed indefinitely.
(9)
The measures provided for in this Regulation are in accordance with the opinion of the Committee referred to in Article 42(3) of Regulation (EU) No 165/2014,
HAS ADOPTED THIS REGULATION: