The copying, distribution and utilization of this document as well as the communication of its contents to others without expressed authorization is prohibited. Offenders will be held liable for the payment of damages. All rights reserved in the event of the grant of a patent, utility model or ornamental design registration. Observe Protection marks for restricting the use of documents and products (DIN 34: 1998-01) SECURITY TARGET DTCO 1381, Release 1.3v Security Target DTCO 1381, Release 1.
1 History of changes
Version Date 1.0 2.0 3.
2 List of contents
1 History of changes
2 List of contents
3 Introduction
This document contains a description of the vehicle unit DTCO 1381, Release 1.3v (the TOE), of the threats it must be able to counteract and of the security objectives it must achieve. It specifies the required security enforcing functions.
5 Product rationale
5.1 Vehicle Unit description and method of use
The VU is intended to be installed in road transport vehicles. Its purpose is to record, store, display, print and output data related to driver activities.
[Figure: the TOE and its interfaces. Labels: Display & Visual warning; Driver Card reader; Co-Driver Card reader; Printer; (Buzzer); Downloading & Calibration Connector; Sensor Connector; (Other Connectors)]
The scope of supply of the TOE includes the DTCO 1381 and the appropriate manuals. The following description shows the general functions implemented in the TOE.
5.1.
The driver can enter, in real time, the following two specific conditions: “OUT OF SCOPE” (begin, end) and “FERRY / TRAIN CROSSING”.
(7) company locks management
This function of the TOE manages the locks placed by a company to restrict data access in company mode to itself.
(12) recording and storing in data memory
The external data memory is used for recording all activities of both drivers (1 and 2) and the vehicle over a period of 365 calendar days under the assumptions of Annex I (B) 2.
Calibration in calibration mode is also possible via the K-line diagnostic and CAN interfaces.
(21) time adjustment
The time adjustment function in the TOE allows the user to adjust the current time in amounts of 1 minute maximum at intervals of not less than 7 days.
All functions of the TOE program are also performed in the power saving mode, with some exceptions.
5.1.
5.2 Vehicle Unit life cycle
[Figure: Vehicle Unit life cycle. Labels: Components design and development; Software development; Security data generation; Manufacturing; Components manufacturing; Assembly; Components supply; Security data insertion; Storage; Distribution; Repair; Storage; New; Installation; 2nd hand; Activation; Calibration; Repair; Periodic inspection; End user environment]
[Figure: Implementation in the TOE. Labels: Design / Development; Components design and development; Software development; Security data generation; Manufacturing; Components manufacturing; Assembly; Components supply; Security data insertion; Storage; Distribution]
Design phase 5.2.
Repair of the TOE in the fitter and workshop environments is not planned. Fitters or workshops can only change elements of the TOE such as front covers, printer, ...
O2.2 member State certificate MSi.C
O2.3 equipment certificate EQTj.C includes equipment public key EQTj.PK
O2.4 equipment private key EQTj.SK
O2.5 part of the Master key Kmvu
O2.6 security device public key SECDEV.PK
O3 security elements to generate and to be stored in the TOE
O3.
5.3.3 Access rights
Table 1 describes the access rights under the rules described in chapter 6.2.
O1.1 O1.2 O2 S1.1 O3 O4 O5 O6 O7 O8 O9 O10 O11 O12 O13 O14 O16 O17 O18 O19 w w w (once) (once) (once) S1.2 W g/u w/r S1.3 w/r u w/r S1.4 r S1.
5.4 Threats
This paragraph describes the threats the VU may face.
5.4.1
T.Access Users could try to access functions not allowed to them (e.g. drivers gaining access to calibration function).
T.Identification Users could try to use several identifications or no identification.
5.
T.Output_Data Users could try to modify data output (print, display or download).
T.Power_Supply Users could try to defeat the VU security objectives by modifying (cutting, reducing, increasing) its power supply.
T.
should trace them to associated users.
O.Authentication The VU should authenticate users and connected entities (when a trusted path needs to be established between entities).
O.Integrity The VU must maintain stored data integrity.
O.
5.7.3
M.Sec_Data_Generation Security data generation algorithms must be accessible to authorised and trusted persons only. They must be cryptographically strong.
M.
6 Security enforcing functions
6.1 Identification and authentication
The TOE provides this security enforcing function of identification and authentication of entities and human users. This SEF includes the following features:
6.1.
6.1.2 User identification and authentication
UIA_207 The VU shall permanently and selectively track the identity of two users, by monitoring the tachograph cards inserted in respectively the driver slot and the co-driver slot of the equipment.
definition z in 2 “non valid card” means: a card detected as faulty, or which initial authentication failed, or which start of validity date is not yet reached, or which expiry date has passed.
- warn the remotely connected company.
6.1.4 Management device identification and authentication
VU manufacturers may foresee dedicated devices for additional VU management functions (e.g. Software upgrading, security data reloading, …).
This SEF includes the following features:
6.2.1 Access control policy
ACC_201 The VU shall manage and check access control rights to functions and to data.
6.2.2
facturer, except the software related data and the approval number which may be changed in case of software upgrade.
6.2.4 File structure and access conditions
ACC_211 Application and data files structure and access conditions shall be created during the manufacturing process, and then locked from any future modification or deletion.
6.
ACT_203 The VU shall ensure that workshops are accountable for their activities (requirements 098, 101 and 109).
ACT_205 The VU shall record odometer data (requirement 090) and detailed speed data (requirement 093).
requirement 090 in 2: The data memory shall be able to store midnight odometer values for at least 365 calendar days.
6.4 Audit
Audit capabilities are required only for events that may indicate a manipulation or a security breach attempt. It is not required for the normal exercising of rights even if relevant to security.
Over speeding (1) the most serious event for each of the 10 last days of occurrence (i.e. the one with the highest average speed), the 5 most serious events over the last 365 days.
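The two over speeding storage criteria quoted above can be read as a selection over the event log. The following is an added example, not code from the Security Target or from the DTCO 1381; the `OverSpeedEvent` type, the function names, the tie-break, the inclusive 365-day cut-off and the sample events are assumptions constructed for illustration, and only the two criteria visible on this page are implemented.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class OverSpeedEvent:          # hypothetical record type, not the VU's data format
    start: datetime            # begin of the over speeding event
    avg_speed: float           # average speed during the event, km/h


def _seriousness(ev):
    # Highest average speed is most serious; ties go to the earlier event (assumption).
    return (-ev.avg_speed, ev.start)


def select_retained(events, now, per_day_days=10, top_n=5, window_days=365):
    """Return the events kept under the two criteria quoted above, oldest first."""
    past = [ev for ev in events if ev.start <= now]

    # Criterion 1: most serious event for each of the 10 last days of occurrence.
    # "Days of occurrence" are days that have an event, not calendar days.
    worst_per_day = {}
    for ev in past:
        day = ev.start.date()
        best = worst_per_day.get(day)
        if best is None or _seriousness(ev) < _seriousness(best):
            worst_per_day[day] = ev
    keep = {worst_per_day[d] for d in sorted(worst_per_day)[-per_day_days:]}

    # Criterion 2: the 5 most serious events over the last 365 days
    # (inclusive cut-off is an assumption).
    cutoff = now - timedelta(days=window_days)
    recent = [ev for ev in past if ev.start >= cutoff]
    keep.update(sorted(recent, key=_seriousness)[:top_n])

    return sorted(keep, key=lambda ev: ev.start)


def constructed_sample():
    """Constructed log: 12 consecutive days with two events each, plus two older events."""
    now = datetime(2024, 6, 30, 12, 0)
    events = []
    for i in range(12):                                  # 10..21 June 2024
        day = datetime(2024, 6, 10) + timedelta(days=i)
        events.append(OverSpeedEvent(day.replace(hour=8), 95.0 + i))
        events.append(OverSpeedEvent(day.replace(hour=15), 92.0))
    events.append(OverSpeedEvent(now - timedelta(days=200), 120.0))  # inside 365 days
    events.append(OverSpeedEvent(now - timedelta(days=400), 130.0))  # outside 365 days
    return events, now


if __name__ == "__main__":
    events, now = constructed_sample()
    for ev in select_retained(events, now):
        print(ev.start.isoformat(), ev.avg_speed)
```

In the constructed log the 120 km/h event survives only through the 365-day criterion, and the 130 km/h event is dropped because it is older than 365 days and its day is no longer among the 10 last days of occurrence.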
6.6 Accuracy
The TOE provides this security enforcing function of accuracy of stored data in the TOE. This SEF includes the following features:
6.6.
swered, the recording equipment shall require the cardholder to confirm his answer.
6.7 Reliability of service
The TOE provides this security enforcing function of reliability of service. This SEF includes the following features:
6.7.
The audit record is displayed and stored in the memory for events and faults. If possible, the data will be stored on the tachograph card and then the tachograph card is withdrawn.
6.7.
not share security data. Only one task shall be active at a time.
6.8 Data exchange
This paragraph addresses data exchange between the VU and connected devices. This SEF includes the following features:
6.8.
6.8.3 Data exchange with external storage media (downloading function)
DEX_206 The VU shall generate an evidence of origin for data downloaded to external media.
DEX_207 The VU shall provide a capability to verify the evidence of origin of downloaded data to the recipient.
7 Definition of security mechanisms
Required security mechanisms are specified in Appendix 11 6. All other security mechanisms are to be defined by manufacturers. The TOE provides the security mechanisms as described in the documents for the detailed design to its users and entities.
Security Enforcing Functions Identification and Authentication UIA_201 UIA_202 UIA_203 UIA_204 UIA_205 UIA_206 UIA_207 UIA_208 UIA_209 UIA_210 UIA_211 UIA_212 UIA_213 UIA_214 UIA_215
IT Objectives Security_Data Software Stored_Data Access Accountability Audit Authentication Integrity Output Processing Reliability Secured_Data_Exchange Threats Access Identification Faults Tests Design Calibration_Parameters Card_Data_Exchange Clock Environment Fake_Devices Hardware Motion_Data Non_Activated Output_Data Power_Supply