1
TestcasespecificationsforTestFestPKI-Security2v3.0
TESTFEST #2 : PKI / SECURITY
Cross-TEST
Reims, FranceApril 23-26, 2018
In cooperation with :
Organized by :
Co-financed by :
2
1-Usecases:
- Roadworks Warning (RWW) using DENM messages
- Winter maintenance – Salting in progress
- Alert planned road works -- planned road works slow moving vehicle road maintenance
- Alert operator vehicle in patrol -- Road operator intervention
- Probe Vehicle Data (PVD) using CAM and DENM messages
- V2V warning (OHLN) using DENM
2-Securityscenarios: Test ID Description Security TESTFEST_1 Verification of message signature received from a
foreign ITSS and signed with a valid AT.
Security TESTFEST_2 Verification of message signature received from a foreign ITSS and signed with an AT issued by a revoked foreign AA.
Security TESTFEST_3 Verification of message signature received from a foreign ITSS and signed with a valid AT but the foreign Common InterCor_CRL has expired.
Security TESTFEST_4 Verification of message signature received from a foreign ITSS and signed with an AT issued by a non-trusted foreign RCA.
Security TESTFEST_5 Verification of message signature received from a foreign ITSS and signed with a valid AT with a new updated InterCor_CRL
3
3-Trajectory
For more details on the TESTFEST facilities, please follow this link: https://drive.google.com/open?id=1eA1NgDNuT9a1w2xHhfbo5x7F4YHsQEhr&usp=sharing
4-Events Event 1 (denoted 1 in brown) I2V: RSU Saint-Rémi sends a message valid on a specific point RSUSaintRemisendsaDENMwith“OHLN:Obstacleontheroad-10-0”Eventforonepointlocation
NOTES:OnthesentDENM,wewillhaveActionID = with the originatingstationID of the C-ITSS of Sanef and StationID = stationID of RSU Saint Remi Location:
Latitude:49.22948116Longitude4.020309484Direction:Starsbourg->ParisPR:3+600Simulatedevent(Onecone)
4
Event 2 (denoted 2 in brown) I2V: RSU Tinqueux sends a message valid for a linear event RSU TinqueuxsendsDENMwith“planned road works slow moving road maintenance 3/3NOTES:OnthesentDENM,wewillhaveActionID = with the originatingstationID of the C-ITSS of Sanef and StationID = stationID of RSU Saint Remi Location:
Latitude49.2219699Longitude:3.97464749SensStarsbourg->ParisPR:1+200Simulatedevent(4cones)
5
Event 3 (denoted 1 in red) V_ro2X: OBU_ro sends a DENM about Road operator intervention ARoadOperatorvehiclesendsaDENMwith“Road operator intervention 26/1” -Location : after Toll system
4-Event 4 I2V: RSU CSR sends an event valid on a large area (denoted 3 in brown) RSUCSRsendsaDENMwith“OHLNextremeweatherconditions:17-1”relevantonalargeparttheofA4highway.
NOTES:OnthesentDENM,wewillhaveActionID = with the originatingstationID of the C-ITSS of Sanef and StationID = stationID of RSU CSR Location:
Latitude:49.221969Longitude:: 3.97464749 Sens:Paris->StrasbourgPR:136Simulatedevent(onecone)
6
Event 5 V_ro2X: OBU_ro sends a DENM about Salting in progress (denoted 2 in red) AroadoperatorvehiclesendsaDENMwith“Wintermaintenance–Saltinginprogress:26–8” -Location : after RSU CSR Event 6: I2V: RSU CSR sends a linear event (denoted 4 in brown) RSUCSRsendsaDENMwith“Alertneutralizationofpartofalane:3-0”NOTES:-Noeventhistory.-OnthesentDENM,wewillhaveActionID = with the originatingstationID of the C-ITSS of Sanef and StationID = stationID of RSU CSR - The closed lane is specified-Location
Latitude:49.20638309Longitude:4.01155470Sens:Strasbourg->ParisPR:138+800->138+900Simulatedevent(4cones)
-NOTE:THEEVENTISNOTRELEVANT,ITSHOULDNOTBEDISPLAYED
7
Event 7: I2V: RSU CSR sends a linear event (denoted 5 in brown) RSUCSRsendsaDENMwith“Alertneutralizationofpartofalane:3-0”NOTES:-Noeventhistory.-OnthesentDENM,wewillhaveActionID = with the originatingstationID of the C-ITSS of Sanef and StationID = stationID of RSU CSR - The closed lane is specified Location
Latitude:49.2107569Longitude:4.05086519Sens:Paris->StrasbourgPR:142+000->142+100Simulatedevent(4cones)
Event 8: V2V: A vehicle sends an event (denoted 3 in red) triggered manualy
AvehiclesendsaDENMwith“OHLNHumanpresenceontheroad:12-0”-Location : After Toll system Taissy Event 9: V2V: A vehicle sends an event (denoted 4 in red) triggered automatically
AvehiclesendsaDENMwith“Stationaryvehicle:94-0”-Location : the way back to the campus
8
5-Participants vehicle/OBU RSU Compagny RELATEDPKI emailcontact
1 1 ALPS C2C [email protected] 1 Austriatech AU
1 Austriatech AU 1 Cohda Pilot-PKI [email protected]
1 CorrdiorNL NL 1 CorridorNL NL 1 CorridorNL NL 1 CTAG ES [email protected]
1 Dirif FR 1 Dynniq BE_flanders 1 Flanders BE_flanders
1 Herman Idnomic 1 Herman Idnomic
1 Neavia FR 1 Neavia FR
1 NEOGLS FR 1 NEOGLS FR 1 Nordsys Idnomic [email protected]
1 PSA FR 1 1 Q-free Idnomic [email protected]
1 Renault FR 1 SANEF FR
4 SANEF FR 1 Siemens Idnomic [email protected]
1 URCA FR 1 V-tron NL
1 Yogoko FR 1 A-to-Be PT
1 RWS/SWRCO NL [email protected]
20 12
9
6-Requiredparameters:
- All stations have to preload various files (CTL and CRL files) contents depending on scenarios
10
7-Scénarios
Pre-Conditions for Sending messages All ITS stations sending signed messages shall have the following parameters:
- Home RCA - Home AA - Pool of Authorisation Tickets signed by Home AA - Each Authorisation Ticket shall have a valid SSP
7-1Scenario1:Sec_Sc_1 Objective: Verification of message signature received from a foreign ITSS and signed with a valid AT with various use cases. Pre-Conditions for Receiving messages: In order to verify the received signed messages, all ITS stations shall have the following parameters:
- Home CTL trusting all participants. For example, the French CTL could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/dc_Scenario1_Valid_AT/gettsl/82E7600879B84001.tsl
- All senders CRLs for scenario 1. The CRL of scenario 1 is empty. All CRLs for all participants could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/XTestFEST/ In this folder all CTLs and CRLs are organised by country. For example, the Austrian scenario 1 CRL is downloadable via this link:
http://scoop-dc-pp.servicepki.com/XTestFEST/Austria/security_scenario_1_AUT/
- All the AAs of all senders. The ITS station could preload all the AAs or retrieve it via the Unrecognized Certificate Request Certificate chain response Mechanism
11
7-2Scenario2:Sec_Sc_2 Objective: Verification of message signature received from a foreign ITSS and signed with an AT issued by a revoked foreign AA Pre-Conditions for Receiving messages: In order to verify the received signed messages, all ITS stations shall have the following parameters:
- Home CTL trusting all participants. For example, the French CTL could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/dc_Scenario2_Revoked_Foreign_AA/gettsl/82E7600879B84001.tsl
- All senders CRLs for scenario 2. The CRL of scenario 2 contains the home AA. All CRLs for all participants could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/XTestFEST/
In this folder all CTLs and CRLs are organised by country. For example, the Austrian scenario 2 CRL is downloadable via this link: http://scoop-dc-pp.servicepki.com/XTestFEST/Austria/security_scenario_2_AUT/
- All the AAs of all senders
7-3Scenario3:Sec_Sc_3 Verification of message signature received from a foreign ITSS and signed with a valid AT but the foreign Common InterCor_CRL has expired. Pre-Conditions for Receiving messages: In order to verify the received signed messages, all ITS stations shall have the following parameters:
- Home CTL trusting all participants. For example, the French CTL for this scenario could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/dc_Scenario3_Foreign_CRL_Expired/gettsl/82E7600879B84001.tsl
- All senders CRLs for scenario 3. The CRL of scenario 3 has expired. All CRLs for all participants could be downloaded via this link:
12
http://scoop-dc-pp.servicepki.com/XTestFEST/
In this folder all CTLs and CRLs are organised by country. For example, the Dutch scenario 3 CRL is downloadable via this link: http://scoop-dc-pp.servicepki.com/XTestFEST/Dutch/security_scenario_3_DUTCH/
- All the AAs of all senders
7-4Scenario4:Sec_Sc_4 Verification of message signature received from a foreign ITSS and signed with an AT issued by a non-trusted foreign RCA Pre-Conditions for Receiving messages: In order to verify the received signed messages, all ITS stations shall have the following parameters:
- Home CTL does not contain any foreign RCA. For example, the French CTL for this scenario could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/dc_Scenario4_Foreign_Non_Trusted_Root/gettsl/82E7600879B84001.tsl
- All senders CRLs for scenario 4. The CRL of scenario 4 is empty. All CRLs for all participants could be downloaded via this link:
http://scoop-dc-pp.servicepki.com/XTestFEST/
In this folder all CTLs and CRLs are organised by country. For example, the Dutch scenario 4 CRL is downloadable via this link: http://scoop-dc-pp.servicepki.com/XTestFEST/Dutch/security_scenario_4_DUTCH/All
- The AAs of all senders
7-5Scenario5:Sec_Sc_5 Verification of message signature received from a foreign ITSS and signed with a valid AT with a new updated InterCor_CRL Pre-Conditions for Receiving messages: In order to verify the received signed messages, all ITS stations shall have the following parameters:
- Home CTL trusting all participants. We could take the CTL of scenario 1. For example, the French CTL for this scenario could be downloaded via this link:
13
http://scoop-dc-pp.servicepki.com/dc_Scenario1_Valid_AT/gettsl/82E7600879B84001.tsl
- All senders expired CRLs for scenario 3.
- All senders valid CRLs for scenario 1.
- The AAs of all senders Comment:
- This scenario is appropriate after scenario2. Vehicles return to the test field, update their CRL and start the test.
ü : Event should be displayed û : Event should not be displayed
PSA/RSA Other mobile ITSS Scenario E1 E2 E3 E4 E5 E6 E7 E1 E2 E3 E4 E5 E6 E7 1 ü ü ü ü ü ü ü ü ü ü ü ü ü ü 2 ü ü ü ü ü ü ü û û û û û ü ü 3 ü ü ü ü ü ü ü ü ü ü ü ü ü ü 4 ü ü ü ü ü ü ü û û û û û ü ü 5 ü ü ü ü ü ü ü û û û û û ü ü
9-GROUP2OFTESTCASES Fixed stations: RSU coming from foreign country C. Mobile stations are registered on their home PKI.
ExpectedResults ü : Event should be displayed û : Event should not be displayed
RSA Other mobile ITSS E1 E2 E3 E4 E5 E6 E7 E1 E2 E3 E4 E5 E6 E6 Scenario 1 û û û û û û ü ü ü ü ü ü ü û Scenario 2 û û û û û û ü û û û û û û ü Scenario 3 û û û û û û ü ü ü ü ü ü ü ü Scenario 4 û û û û û û ü û û û û û û û Scenario 5 û û û û û û ü û û û û û û ü
14
10
-Testsheettemplate ITS-Station :
E1 E2 E3 E4 E5 E6 E7 E8 Scenario 1 comment
Scenario 2 comment
Scenario 3 comment
Scenario 4 comment
Scenario 5 comment
15
10- Useful information : Wifi Access : network : eduspot. Identifiant: scoop2 Mot de passe: =Z8-b_P8 Logging: Each its-station will use an USB stick to save its logs. They should be uploaded on URCA server. Eache ITS-station has to fill with accuracy the test sheet template (in some case on a tablet)