Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication
|Publication Date:||1 May 2016|
|ICS Code (IT applications in transport):||35.240.60|
This Technical Report includes a threat analysis, based on CEN ISO/TS 19299 (EFC - Security Framework), of the CEN DSRC link as used in EFC applications according to the following Standards and Technical Specification
- EN 15509:2014,
- EN ISO 12813:2015,
- EN ISO 13141:2015,
- CEN/TS 16702-1:2014.
This Technical Report contains:
- a qualitative risk analysis in relation to the context (local tolling system, interoperable tolling environment, EETS);
- an assessment of the current recommended or defined security algorithms and measures to identify existing and possible future security leaks;
- an outline of potential security measures which might be added to those already defined for DSRC;
- an analysis of effects on existing EFC systems and interoperability clusters;
- a set of recommendations on how to revise the current standards, or proposal for new work items, with already made implementations taken into account.
The security analysis in this Technical Report applies only to Security level 1, with Access Credentials and Message authentication code, as defined in EN 15509:2014.
It is outside the scope of this Technical Report to examine Non DSRC (wired or wireless) interfaces to the OBE and RSE.