SIST EN ISO 14906:2019

SLOVENSKI STANDARD
oSIST prEN ISO 14906:2017
01-november-2017
Elektronsko pobiranje pristojbin - Definicija aplikacijskega vmesnika za posebne
komunikacije kratkega dosega (ISO/DIS 14906:2017)
Electronic fee collection - Application interface definition for dedicated short-range
communication (ISO/DIS 14906:2017)
Elektronische Gebührenerhebung - Anwendungsschnittstelle zur dezidierten Nahbereich-
Kommunikation (ISO/DIS 14906:2017)
Perception du télépéage - Définition de l'interface d'application relative aux
communications dédiées à courte portée (ISO/DIS 14906:2017)
Ta slovenski standard je istoveten z: prEN ISO 14906
ICS:
03.220.20 Cestni transport Road transport
35.240.60 Uporabniške rešitve IT v IT applications in transport
prometu
oSIST prEN ISO 14906:2017 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN ISO 14906:2017

---------------------- Page: 2 ----------------------
oSIST prEN ISO 14906:2017
DRAFT INTERNATIONAL STANDARD
ISO/DIS 14906
ISO/TC 204 Secretariat: ANSI
Voting begins on: Voting terminates on:
2017-08-22 2017-11-13
Electronic fee collection — Application interface definition
for dedicated short-range communication
Perception du télépéage — Définition de l’interface d’application relative aux communications dédiées à
courte portée
ICS: 03.220.20; 35.240.60
THIS DOCUMENT IS A DRAFT CIRCULATED
This document is circulated as received from the committee secretariat.
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
ISO/CEN PARALLEL PROCESSING
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 14906:2017(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
©
PROVIDE SUPPORTING DOCUMENTATION. ISO 2017

---------------------- Page: 3 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

---------------------- Page: 4 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
Contents Page
Foreword . v
Introduction . vi
1 Scope . 1
2 Normative references . 2
3 Terms and definitions . 2
4 Abbreviated terms . 4
5 EFC application interface architecture . 7
5.1 Relation to the DSRC communication architecture . 7
5.2 Usage of DSRC application layer by the EFC application interface . 8
5.3 Addressing of EFC attributes . 8
5.4 Addressing of components . 10
6 EFC Transaction Model . 11
6.1 General . 11
6.2 Initialisation Phase . 11
6.3 Transaction phase . 14
7 EFC Functions . 16
7.1 Overview and general concepts . 16
7.2 EFC functions . 23
8 EFC Attributes . 37
8.1 General . 37
8.2 Data group CONTRACT . 38
8.3 Data group RECEIPT . 38
8.4 Data group VEHICLE . 39
8.5 Data group EQUIPMENT . 39
8.6 Data group DRIVER . 39
8.7 Data group PAYMENT . 39
Annex A (normative) EFC data type specifications . 54
Annex B (informative) CARDME transaction . 55
B.1 General . 55
B.2 Overview . 55
B.3 CARDME transaction phases . 60
B.4 Bit-level specification . 69
Annex C (informative) Examples of EFC transaction types . 81
C.1 General . 81
C.2 Read only EFC transaction . 81
C.3 Read and write EFC transaction . 82
C.4 EFC purse transaction using the DEBIT function . 83
C.5 EFC on-board transaction using ICC and the TRANSFER_CHANNEL function . 84
C.6 Multiple contracts EFC transactions . 88
Annex D (normative) Mapping table from LatinAlphabetNo2 & 5 to LatinAlphabetNo1 . 92
Annex E (informative) Mapping table between EFC Vehicledata attribute and European
registration certificate . 93
Annex F (normative) Security calculations for DES . 96
F.1 General . 96
F.2 Attribute authenticator . 96
© ISO 2017 – All rights reserved iii

---------------------- Page: 5 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
F.3 Calculation of Access Credentials . 98
F.4 Key derivation . 99
Annex G (informative) Security computation examples for DES . 101
G.1 General . 101
G.2 Computation of Attribute Authenticator . 101
G.3 Computation of Access Credentials . 102
G.4 Key derivation . 103
Annex H (normative) Security calculations for AES . 105
H.1 General . 105
H.2 Attribute authenticator . 105
H.3 Calculation of Access Credentials . 107
H.4 Key derivation . 108
Annex I (informative) Security computation examples for AES . 110
I.1 General . 110
I.2 Computation of Attribute Authenticator . 110
I.3 Computation of Access Credentials . 110
I.4 Key derivation . 111
Bibliography . 112

© ISO 2017 – All rights reserved iv

---------------------- Page: 6 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
document requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 14906 was prepared by Technical Committee ISO/TC 204, Intelligent transport systems.
This third edition cancels and replaces the second edition (ISO 14906:2011), which has been technically
revised.
The main changes compared to the previous editions are:
 Inclusion of corrigenda ISO 14906:2011/Cor 1:2013;
 Inclusion of amendment ISO 14906:2011/Amd 1:2015;
 Inclusion of security calculations according to advanced encryption standard, as recommended in
CEN/TR 16968 on security mechanisms (revision of clause 7 and new annexes F, G, H and I);
 Update of normative references, terms and definitions, abreviations and bibliography;
 Conversion of the ASN.1 module into an electronic insert;
 Revision of annex C;
 Removal of annex D.
© ISO 2017 – All rights reserved v

---------------------- Page: 7 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
Introduction
This document specifies an application interface for electronic fee collection (EFC) systems, which are based
on dedicated short-range communication (DSRC). It supports interoperability between EFC systems on an
EFC-DSRC application interface level. This document is intended for DSRC charging applications, but
specifically the definition of EFC data elements is valid beyond the use of a DSRC charging interface and
might be used for other DSRC applications (e.g. compliance checking communication) and/or on other
interfaces (e.g. the application interface of autonomous systems).
This document provides specifications for the EFC transaction model, EFC data elements (referred to as
attributes) and functions, from which an EFC transaction can be built. The EFC transaction model provides a
mechanism that allows handling of different versions of EFC transactions and associated contracts. A certain
EFC transaction supports a certain set of EFC attributes and EFC functions as defined in this document. It is
not envisaged that the complete set of EFC attributes and functions be present in each piece of EFC
equipment, on-board equipment (OBE) or roadside equipment (RSE).
This document provides the basis for agreements between operators, which are needed to achieve
interoperability. Based on the tools specified in this document, interoperability can be reached by operators
recognising each others' EFC transactions (including the exchange of security algorithms and keys) and
implementing the EFC transactions in each others' RSEs, or they can reach an agreement to define a new
transaction (and contract) that is common to both. Considerations should also be made by each operator so
that the RSE has sufficient resources to implement such additional EFC transactions.
In order to achieve interoperability, operators should agree on issues such as
 which optional features are actually being implemented and used,
 access rights and ownership of EFC application data in the OBE,
 security policy (including encryption algorithms and key management, if applicable),
 operational issues, such as how many receipts may be stored for privacy reasons, how many receipts are
necessary for operational reasons (for example as entry tickets or as proof of payment),
 the agreements needed between operators in order to regulate the handling of different EFC transactions.
In this revision, users are faced with issues related to backward compatibility. This issue can be managed by
using the following:
 EfcModule ASN.1 module, including a version number;
 Efc-ContextMark (incl. the ContextVersion), denoting the implementation version, provides a means to
ensure co-existence of different implementation versions by means of a look-up table and associated
appropriate transaction processing. This will enable the software of the RSE to determine the version of
the OBE and his capabilty to accept the new features introduced by this edition of ISO 14906.
Annex A provides the normative ASN.1 specifications of the used data types (EFC action parameters and
attributes).
Annex B presents an informative example of a transaction based on the CARDME specification, including
bit-level specification.
Annex C presents informative examples of EFC transaction types, using the specified EFC functions and
attributes.
© ISO 2017 – All rights reserved vi

---------------------- Page: 8 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
Annex D presents an informative listing of functional requirements, which can be satisfied by using the tools
provided by this document.
Annex E presents an informative mapping table from LatinAlphabetNo2 & 5 to LatinAlphabetNo1 to ease for a
Service Provider the use of LatinAlphabetNo1 to encode an OBE for data available wiitten with non-Latin1
characters.
Annex F presents an informative mapping table between EFC vehicle data attributes and European
registration certificates to ease the task of a service provider in the OBE personalisation with vehicle data.
Annex G presents the security calculations according to the data encryption standard (DES). This annex is
based on annex B of EN 15509:2014.
Annex H presents the security computations examples for DES. This annex is based on annex E of EN
15509:2014.
Annex I presents the security calculations for advanced encryption standard (AES). This annex is the
adaptation of annex B of EN 15509:2014 for the case of AES.
Annex J presents the security computations examples for AES. This annex is the adaptation of annex E of EN
15509:2014 for the case of AES.
This application interface definition can also be used with other DSRC media which do not use a layer 7
according to ISO 15628/EN 12834. Any DSRC medium which provides services to read and write data, to
initialise communication and to perform actions is suitable to be used as a basis for this application interface.
Adaptations are medium specific and are not further covered here. As Annex B describes in detail a
transaction for central account systems, this document can also be used for on-board account systems, in
conjunction with ISO 25110, which provides examples of systems based on on-board accounts.

© ISO 2017 – All rights reserved vii

---------------------- Page: 9 ----------------------
oSIST prEN ISO 14906:2017

---------------------- Page: 10 ----------------------
oSIST prEN ISO 14906:2017
INTERNATIONAL STANDARD ISO/DIS 14906:2017(E)

Electronic fee collection — Application interface definition for
dedicated short-range communication
1 Scope
This document specifies the application interface in the context of electronic fee collection (EFC) systems
using the dedicated short-range communication (DSRC).
The EFC application interface is the EFC application process interface to the DSRC application layer, as can
be seen in Figure 1 below. This document comprises specifications of:
 EFC attributes (i.e. EFC application information) that can also be used for other applications and/or
interfaces,
 the addressing procedures of EFC attributes and (hardware) components (e.g. ICC and MMI),
 EFC application functions, i.e. further qualification of actions by definitions of the concerned services,
assignment of associated ActionType values and content and meaning of action parameters,
 the EFC transaction model, which defines the common elements and steps of any EFC transaction,
 the behaviour of the interface so as to ensure interoperability on an EFC-DSRC application interface level.

Figure 1 — The EFC application interface
This is an interface standard, adhering to the open systems interconnection (OSI) philosophy (see
ISO/IEC 7498-1), and it is as such not primarily concerned with the implementation choices to be realised at
either side of the interface.
© ISO 2017 – All rights reserved 1

---------------------- Page: 11 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
This document provides security-specific functionality as place holders (data and functions) to enable the
implementation of secure EFC transactions. Yet the specification of the security policy (including specific
security algorithms and key management) remains at the discretion and under the control of the EFC operator,
and hence is outside the scope of this document.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO 612, Road vehicles — Dimensions of motor vehicles and towed vehicles — Terms and definitions
ISO 1176, Road vehicles — Masses — Vocabulary and codes
ISO 3166-1, Codes for the representation of names of countries and their subdivisions — Part 1: Country
codes
ISO 3779, Road vehicles — Vehicle identification number (VIN) — Content and structure
ISO 4217, Codes for the representation of currencies and funds
ISO/IEC 7812-1, Identification cards — Identification of issuers — Part 1: Numbering system
ISO/IEC 8824-1, Information technology — Abstract Syntax Notation One (ASN.1): Specification of basic
notation
ISO/IEC 8825-2, Information technology — ASN.1 encoding rules: Specification of Packed Encoding Rules
(PER)
ISO 14816:2005, Road transport and traffic telematics — Automatic vehicle and equipment identification —
Numbering and data structure
ISO 15628:2013, Road transport and traffic telematics — Dedicated short range communication (DSRC) —
DSRC application layer
EN 12834:2003, Road transport and traffic telematics — Dedicated Short Range Communication (DSRC) —
DSRC application layer
ISO/IEC 9797-1:2011, Information technology — Security techniques — Message Authentication Codes
(MACs) — Part 1: Mechanisms using a block cipher
ISO/IEC 18033-3:2010, Information technology — Security techniques — Encryption algorithms — Part 3:
Block ciphers
ISO/IEC 10116:2006, Information technology — Security techniques — Modes of operations for an n-bit
cipher
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1
access credentials
trusted attestation or secure module that establishes the claimed identity of an object or application
© ISO 2017 – All rights reserved 2

---------------------- Page: 12 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
[EN 15509:2014, definition 3.1]
3.2
attribute
addressable package of data consisting of a single data element or structured sequences of data elements
[ISO 17575-1:2016, definition 3.2]
3.3
authenticator
data, possibly encrypted, that is used for authentication
[EN 15509:2014, definition 3.3]
3.4
channel
information transfer path
[ISO 7498-2:1989, definition 3.3.13]
3.5
cryptography
principles, means and methods for the transformation of data in order to hide its information content, prevent
its undetected modification or prevent its unauthorized use
[EN 15509:2014, definition 3.6]
3.6
data group
class of closely related attributes
[ISO 17575-1:2016, definition 3.10]
3.7
data integrity
property that data has not been altered or destroyed in an unauthorised manner
[ISO/TS 19299:2015, definition 3.28]
3.8
Element
DSRC directory containing application information in the form of attributes
3.9
on-board equipment
all required equipment on-board a vehicle for performing required EFC functions and communication services
3.10
on-board unit
single electronic unit on-board a vehicle for performing specific EFC functions and for communication with
external systems
3.11
roadside equipment
equipment located along the road, either fixed or mobile
© ISO 2017 – All rights reserved 3

---------------------- Page: 13 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
3.12
toll charger
entity which levies toll for the use of vehicles in a toll domain
[ISO 17573:2010, definition 3.16]
3.13
toll domain
area or part of a road network where a toll regime is applied
[ISO 17573:2010, definition 3.18]
3.14
toll service
service enabling users to pay toll.
3.15
toll service provider
entity providing toll services in one or more toll domains
[ISO 17573:2010, definition 3.23 modified]
3.16
transaction
whole of the exchange of information between two physically separated communication facilities
[ISO 17575-1:2016, definition 3.21]
3.17
transaction model
functional model describing the structure of electronic payment transactions
4 Abbreviated terms
For the purposes of this document, the following abbreviated terms apply unless otherwise specified.
4.1
APDU
Application Protocol Data Unit
4.2
AP
Application Process
4.3
ASN.1
Abstract Syntax Notation One (ISO/IEC 8824-1)
4.4
BST
Beacon Service Table
4.5
CCC
Compliance check communication
© ISO 2017 – All rights reserved 4

---------------------- Page: 14 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
4.6
cf
Confirm
4.7
DSRC
Dedicated Short-Range communication
4.8
EID
Element Identifier
4.9
EFC
Electronic Fee Collection
4.10
GNSS
Global Navigation Satellite System
4.11
ICC
Integrated Circuit(s) Card
4.12
I-Kernel
Initialisation Kernel
4.13
IID
Invoker Identifier
4.14
ind
Indication
4.15
LAC
Localisation Augmentation Communication
4.16
L1
Layer 1 of DSRC (Physical Layer)
4.17
L2
Layer 2 of DSRC (Data Link Layer)
4.18
L7
Application Layer Core of DSRC
4.19
LID
Logical Link Control Identifier
4.20
LLC
Logical Link Control
© ISO 2017 – All rights reserved 5

---------------------- Page: 15 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
4.21
LPDU
LLC Protocol Data Unit
4.22
MAC
Medium Access Control
4.23
MMI
Man-Machine Interface
4.24
n.a.
Not applicable
4.25
OBE
On-Board Equipment
4.26
PDU
Protocol Data Unit
4.27
PER
Packed Encoding Rules (ISO/IEC 8825-2)
4.28
req
Request
4.29
rs
Response
4.30
RSE
Roadside Equipment
4.31
SAM
Secure Application Module
4.32
T-APDU
Transfer-Application Protocol Data Unit
4.33
T-ASDU
Transfer-Application Service Data Unit
4.34
T-Kernel
Transfer Kernel
4.35
VST
Vehicle Service Table
© ISO 2017 – All rights reserved 6

---------------------- Page: 16 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
5 EFC application interface architecture
5.1 Relation to the DSRC communication architecture
The DSRC services are provided to an application process by means of the DSRC Application Layer service
primitives, which are abstract implementation interactions between a communication service user and a
provider. The services are offered by the DSRC communication entities by means of its DSRC Application
Layer (EN 12834/ISO 15628) as shown in Figure 2.


Figure 2 — The EFC application process on top of the DSRC communication stack
NOTE The abbreviations used in Figure 2 are defined in Clause 4.
The Transfer Kernel of DSRC Application Layer offers the following services to application processes (see
also Figure 2 above):
 GET: The invocation of a GET service request results in retrieval (i.e. reading) of application information
(i.e. Attributes) from the peer service user (i.e. the OBE application process), a reply is always expected.
© ISO 2017 – All rights reserved 7

---------------------- Page: 17 ----------------------
oSIST prEN ISO 14906:2017
ISO/DIS 14906:2017(E)
 SET: The invocation of a SET service request results in modification (i.e. writing) of application
information (i.e. Attributes) of the peer service user (i.e. the OBE application process). This service may
be requested in confirmed or non-confirmed mode, a reply is only expected in the former case.
 ACTION: The invocation of an ACTION service request results in a performance of an action by the peer
service user (i.e. the OBE application process). An action is further qualified by the value of the
A
...