Skip to content
titanization.patch 1.83 MiB
Newer Older
9001 9002 9003 9004 9005 9006 9007 9008 9009 9010 9011 9012 9013 9014 9015 9016 9017 9018 9019 9020 9021 9022 9023 9024 9025 9026 9027 9028 9029 9030 9031 9032 9033 9034 9035 9036 9037 9038 9039 9040 9041 9042 9043 9044 9045 9046 9047 9048 9049 9050 9051 9052 9053 9054 9055 9056 9057 9058 9059 9060 9061 9062 9063 9064 9065 9066 9067 9068 9069 9070 9071 9072 9073 9074 9075 9076 9077 9078 9079 9080 9081 9082 9083 9084 9085 9086 9087 9088 9089 9090 9091 9092 9093 9094 9095 9096 9097 9098 9099 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109 9110 9111 9112 9113 9114 9115 9116 9117 9118 9119 9120 9121 9122 9123 9124 9125 9126 9127 9128 9129 9130 9131 9132 9133 9134 9135 9136 9137 9138 9139 9140 9141 9142 9143 9144 9145 9146 9147 9148 9149 9150 9151 9152 9153 9154 9155 9156 9157 9158 9159 9160 9161 9162 9163 9164 9165 9166 9167 9168 9169 9170 9171 9172 9173 9174 9175 9176 9177 9178 9179 9180 9181 9182 9183 9184 9185 9186 9187 9188 9189 9190 9191 9192 9193 9194 9195 9196 9197 9198 9199 9200 9201 9202 9203 9204 9205 9206 9207 9208 9209 9210 9211 9212 9213 9214 9215 9216 9217 9218 9219 9220 9221 9222 9223 9224 9225 9226 9227 9228 9229 9230 9231 9232 9233 9234 9235 9236 9237 9238 9239 9240 9241 9242 9243 9244 9245 9246 9247 9248 9249 9250 9251 9252 9253 9254 9255 9256 9257 9258 9259 9260 9261 9262 9263 9264 9265 9266 9267 9268 9269 9270 9271 9272 9273 9274 9275 9276 9277 9278 9279 9280 9281 9282 9283 9284 9285 9286 9287 9288 9289 9290 9291 9292 9293 9294 9295 9296 9297 9298 9299 9300 9301 9302 9303 9304 9305 9306 9307 9308 9309 9310 9311 9312 9313 9314 9315 9316 9317 9318 9319 9320 9321 9322 9323 9324 9325 9326 9327 9328 9329 9330 9331 9332 9333 9334 9335 9336 9337 9338 9339 9340 9341 9342 9343 9344 9345 9346 9347 9348 9349 9350 9351 9352 9353 9354 9355 9356 9357 9358 9359 9360 9361 9362 9363 9364 9365 9366 9367 9368 9369 9370 9371 9372 9373 9374 9375 9376 9377 9378 9379 9380 9381 9382 9383 9384 9385 9386 9387 9388 9389 9390 9391 9392 9393 9394 9395 9396 9397 9398 9399 9400 9401 9402 9403 9404 9405 9406 9407 9408 9409 9410 9411 9412 9413 9414 9415 9416 9417 9418 9419 9420 9421 9422 9423 9424 9425 9426 9427 9428 9429 9430 9431 9432 9433 9434 9435 9436 9437 9438 9439 9440 9441 9442 9443 9444 9445 9446 9447 9448 9449 9450 9451 9452 9453 9454 9455 9456 9457 9458 9459 9460 9461 9462 9463 9464 9465 9466 9467 9468 9469 9470 9471 9472 9473 9474 9475 9476 9477 9478 9479 9480 9481 9482 9483 9484 9485 9486 9487 9488 9489 9490 9491 9492 9493 9494 9495 9496 9497 9498 9499 9500 9501 9502 9503 9504 9505 9506 9507 9508 9509 9510 9511 9512 9513 9514 9515 9516 9517 9518 9519 9520 9521 9522 9523 9524 9525 9526 9527 9528 9529 9530 9531 9532 9533 9534 9535 9536 9537 9538 9539 9540 9541 9542 9543 9544 9545 9546 9547 9548 9549 9550 9551 9552 9553 9554 9555 9556 9557 9558 9559 9560 9561 9562 9563 9564 9565 9566 9567 9568 9569 9570 9571 9572 9573 9574 9575 9576 9577 9578 9579 9580 9581 9582 9583 9584 9585 9586 9587 9588 9589 9590 9591 9592 9593 9594 9595 9596 9597 9598 9599 9600 9601 9602 9603 9604 9605 9606 9607 9608 9609 9610 9611 9612 9613 9614 9615 9616 9617 9618 9619 9620 9621 9622 9623 9624 9625 9626 9627 9628 9629 9630 9631 9632 9633 9634 9635 9636 9637 9638 9639 9640 9641 9642 9643 9644 9645 9646 9647 9648 9649 9650 9651 9652 9653 9654 9655 9656 9657 9658 9659 9660 9661 9662 9663 9664 9665 9666 9667 9668 9669 9670 9671 9672 9673 9674 9675 9676 9677 9678 9679 9680 9681 9682 9683 9684 9685 9686 9687 9688 9689 9690 9691 9692 9693 9694 9695 9696 9697 9698 9699 9700 9701 9702 9703 9704 9705 9706 9707 9708 9709 9710 9711 9712 9713 9714 9715 9716 9717 9718 9719 9720 9721 9722 9723 9724 9725 9726 9727 9728 9729 9730 9731 9732 9733 9734 9735 9736 9737 9738 9739 9740 9741 9742 9743 9744 9745 9746 9747 9748 9749 9750 9751 9752 9753 9754 9755 9756 9757 9758 9759 9760 9761 9762 9763 9764 9765 9766 9767 9768 9769 9770 9771 9772 9773 9774 9775 9776 9777 9778 9779 9780 9781 9782 9783 9784 9785 9786 9787 9788 9789 9790 9791 9792 9793 9794 9795 9796 9797 9798 9799 9800 9801 9802 9803 9804 9805 9806 9807 9808 9809 9810 9811 9812 9813 9814 9815 9816 9817 9818 9819 9820 9821 9822 9823 9824 9825 9826 9827 9828 9829 9830 9831 9832 9833 9834 9835 9836 9837 9838 9839 9840 9841 9842 9843 9844 9845 9846 9847 9848 9849 9850 9851 9852 9853 9854 9855 9856 9857 9858 9859 9860 9861 9862 9863 9864 9865 9866 9867 9868 9869 9870 9871 9872 9873 9874 9875 9876 9877 9878 9879 9880 9881 9882 9883 9884 9885 9886 9887 9888 9889 9890 9891 9892 9893 9894 9895 9896 9897 9898 9899 9900 9901 9902 9903 9904 9905 9906 9907 9908 9909 9910 9911 9912 9913 9914 9915 9916 9917 9918 9919 9920 9921 9922 9923 9924 9925 9926 9927 9928 9929 9930 9931 9932 9933 9934 9935 9936 9937 9938 9939 9940 9941 9942 9943 9944 9945 9946 9947 9948 9949 9950 9951 9952 9953 9954 9955 9956 9957 9958 9959 9960 9961 9962 9963 9964 9965 9966 9967 9968 9969 9970 9971 9972 9973 9974 9975 9976 9977 9978 9979 9980 9981 9982 9983 9984 9985 9986 9987 9988 9989 9990 9991 9992 9993 9994 9995 9996 9997 9998 9999 10000
+                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
+                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Test Body
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    mw_header_field_signer_info_certificate_chain
+                    )))) -> value v_geoNwInd {
+                        var SignerInfo v_signerInfo;
+                        var CertificateChain v_certificates;
+                        var integer v_certificateChainLength;
+                        
+                        tc_ac.stop; 
+                        t_maxTransInterval.stop;
+                        // Extract certificate chain
+                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
+                        v_certificates := v_signerInfo.signerInfo.certificates;
+                        v_certificateChainLength := lengthof(v_certificates);
+                        if (v_certificateChainLength >= 2) { // Check length
+                            if ( // Check Content
+                                not(
+                                    (v_certificates[0].subject_info.subject_type == e_authorization_authority) and 
+                                        // Check the certificate chain contains certificates[last] indicating the AT certificate
+                                    (v_certificates[1].subject_info.subject_type == e_authorization_ticket)
+                                        // Check the certificate chain contains certificates[last-1] indicating the AA certificate
+                            )) {
+                                log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***");
+                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
+                            } else {
+                                log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***");
+                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                            } 
+                        } else {
+                            log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
+                        }
+                    }
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs
+                    ))) {
+                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); 
+                        repeat;
+                    }
+                    [] t_maxTransInterval.timeout {
+                        tc_ac.stop; 
+                        log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                    }
+                    
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Postamble
+                f_terminateCam(v_component);
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_CAM_09_01_BV
+            
+            /**
+             * @desc    Check that the IUT doesn't send a secured CAM contains the signer_info of type certificate_chain
+             *           when the AA certificate was previously requested and already received from another ITS-S 
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY PICS_PLUGTEST_VERSION
+             * Config Id: CF01
+             * Initial conditions:
+             * </pre>
+			 * with
+			 * 	the IUT being in the 'authorized' state
+			 * 	and the IUT is configured to send more than one CAM per second
+			 * 	and the IUT having already sent a CAM
+			 * 		containing header_fields['signer_info'].signer.type
+			 * 			indicating 'certificate'
+			 * 		at TIME_1
+			 * 	and the IUT having received a SecuredMessage
+			 * 		containing header_fields['request_unrecognized_certificate']
+			 * 			containing digests
+			 * 				containing HashedId3 value (HASH1)
+			 * 					referencing to the AA certificate
+			 * 		at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
+			 * 	and the IUT having received a SecuredMessage
+			 * 		containing header_fields['signer_info'].signer.type
+			 * 			indicating 'certificate_chain'
+			 * 				containing AA certificate
+			 * 					having HashedId3 value of HASH1
+			 * 		at TIME_3 (TIME_2 < TIME_3 < TIME_2+0.1sec)
+			 * ensure that
+			 * 	when
+			 * 		the IUT is requested to send a CAM
+			 * 			at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+1sec)
+			 * 	then
+			 * 		the IUT sends a SecuredMessage
+			 * 			and containing header_fields['signer_info']
+			 * 				containing signer
+			 * 					containing type
+			 * 						indicating 'digest'
+			 * 						or indicating 'certificate'
+             *
+             * @see          ETSI TS 103 096-2 v1.3.3 TP_SEC_ITSS_SND_CAM_09_02_BV
+             * @reference    ETSI TS 103 097 [1], clause 7.1
+             */
+            testcase TC_SEC_ITSS_SND_CAM_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                
+                // Local variables
+                const float c_certificateGenerationTime := 1.0;
+                
+                timer t_maxTransInterval := c_certificateGenerationTime * 1.1;
+                var GeoNetworkingInd v_geoNwInd;
+                var ItsCam v_component;
+                var SignerInfo v_si;
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                if (not(PICS_PLUGTEST_VERSION)) {
+                    log("*** " & testcasename() & ": ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
+                    stop;
+                }
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                geoNetworkingPort.clear;
+                v_component := f_setCamFrequencyGreatherThan1Hz();
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    mw_header_field_signer_info_certificate
+                    ))))  -> value v_geoNwInd { 
+                        tc_ac.stop;
+                        t_maxTransInterval.start;
+                        
+                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
+                        f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
+                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
+                                                
+                        // Send secured message with request for unrecognized certificate
+                        f_sendSecuredCam(
+                            cc_taCert_A,
+                            {
+                                m_header_field_unrecognised_certificate(                    // containing digests
+                                    f_HashedId3FromHashedId8(                               //     containing HashedId3 value
+                                        v_si.signerInfo.digest                              //         referencing to the AA certificate
+                                    )
+                                )
+                            });
+
+                        // Send secured message signed with certificate_chain
+                        f_sendSecuredCam(
+                            cc_taCert_A1,
+                            omit,
+							e_certificate_chain
+                        );
+                        
+                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+                    }
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
+                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Test Body
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    mw_header_field_signer_info_certificate_chain
+                    )))) {
+                        log("*** " & testcasename() & ": FAIL: CAM retransmition with unexpected certificate_chain ***");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
+                    }
+					[] geoNetworkingPort.receive(
+						mw_geoNwInd(
+							mw_geoNwSecPdu(
+								mdw_securedMessage_CAMs
+					))) {
+						log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); 
+						repeat;
+					}
+                    [] t_maxTransInterval.timeout {
+                        tc_ac.stop; 
+						log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successfully skipped ***");
+						f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                    }
+                    
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Postamble
+                f_terminateCam(v_component);
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_CAM_09_02_BV
+            
+            
+            /**
+             * @desc    Check that the sent secured CAM contains exactly one HeaderField generation_time which is inside 
+             *          the validity time of the certificate referenced by the signer_info
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT being in the 'authorized' state
+             *      the IUT being requested to include certificate in the next CAM 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send CAM
+             *      } then {
+             *          the IUT sends a SecuredMessage 
+             *              containing security_profile
+             *                  indicating '1'
+             *              containing header_fields ['generation_time'] 
+             *                  containing generation_time
+             *                      indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
+             *              containing header_fields ['signer_info'] 
+             *                  containing signer 
+             *                      containing type
+             *                          indicating 'certificate'
+             *                      and containing certificate 
+             *                          containing validity_restrictions['time_end']
+             *                              containing end_validity
+             *                                  indicating value > GEN_TIME
+             *                          or containing validity_restrictions['time_start_and_end']
+             *                              containing start_validity
+             *                                  indicating value <= GEN_TIME
+             *                              and containing end_validity
+             *                                  indicating value > GEN_TIME
+             *                          or containing validity_restrictions['time_start_and_duration']
+             *                              containing start_validity (X_START_VALIDITY)
+             *                                  indicating value <= GEN_TIME
+             *                              and containing duration
+             *                                  indicating value > GEN_TIME - X_START_VALIDITY 
+             *      }
+             *  }
+             * </pre>
+             *
+             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_10_01_BV
+             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.1
+             */
+            testcase TC_SEC_ITSS_SND_CAM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                
+                // Local variables
+                const integer c_timeThreshold := 1000 * 60; /** Time threshold in milliseconds */
+                
+                var GeoNetworkingInd v_geoNwInd;
+                var SignerInfo v_signerInfo;
+                var Certificate v_certificate;
+                var HeaderField v_headerField;
+                var Time64 v_generationTime;
+                var ValidityRestriction v_validity;
+                var integer v_currentTime, v_lowerBound, v_upperBound;
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                
+                // Test Body
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage(
+                                    superset(
+                                        mw_header_field_generation_time, 
+                                        mw_header_field_signer_info_certificate,
+                                        mw_header_field_its_aid_CAM
+                    ))))) -> value v_geoNwInd {
+                        tc_ac.stop; 
+                        log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***");
+                        
+                        v_currentTime := f_getCurrentTime();
+                        log("v_currentTime (us)=", v_currentTime * 1000);
+                        v_lowerBound := (v_currentTime - c_timeThreshold) * 1000;
+                        v_upperBound := (v_currentTime + c_timeThreshold) * 1000;
+                        
+                        // Extract generation_time
+                        f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField);
+                        v_generationTime := v_headerField.headerField.generation_time;
+                        
+                        // Extract certificate
+                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
+                        v_certificate := v_signerInfo.signerInfo.certificate;
+                         
+                        // Check current time 
+                        if (match(v_generationTime, (v_lowerBound .. v_upperBound))) {
+                            log("*** " & testcasename() & ": PASS: Generation time matches current time ***");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
+                        } else {
+                            log("*** " & testcasename() & ": FAIL: Generation time does not match current time " & int2str(v_currentTime-v_lowerBound) & " / " & int2str(v_upperBound - v_currentTime) & " . ***");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                        }   
+                        
+                        // Check generation_time validity
+                        if (
+                            (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity) == true) and 
+                            (v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and 
+                            (v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000)))
+                        ) {
+                            log("*** " & testcasename() & ": PASS: Generation time within certificate validity/time_start_and_end ***");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
+                        } else if (
+                            (f_getCertificateValidityRestriction(v_certificate, e_time_end, v_validity) == true) and 
+                            (v_generationTime < (v_validity.validity.end_validity * 1000000))
+                        ) {
+                            log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
+                        } else if (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_duration, v_validity) == true) {
+			                if (PICS_PLUGTEST_VERSION) {
+								log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is forbidden in TS103097 v1.2.5 ***");
+								f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                			}
+                			if ((v_generationTime >= (v_validity.validity.time_start_and_duration.start_validity * 1000000)) and 
+    	                    	(v_generationTime < (f_duration2time(v_validity.validity.time_start_and_duration.duration_) * 1000000))
+                        	) {
+                            	log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
+                            	f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
+                        	}
+                        }
+                        log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                    }
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs
+                    ))) {
+                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate  ***"); 
+                        repeat;
+                    }
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Postamble
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_CAM_10_01_BV
+            
+            /**
+             * @desc    Check that the IUT sends certificate request when it receives a message from unknown station
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT being in the 'authorized' state
+             *      and the IUT has receiving a SecuredMessage
+             *          containing header_fields['signer_info'].signer
+             *              containing type
+             *                  indicating 'certificate_digest_with_sha256'
+             *              containing digest
+             *                  indicating HashedId3 value DIGEST_A
+             *                      referenced to unknown certificate
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send CAM
+             *      } then {
+             *          the IUT sends a SecuredMessage
+             *              containing header_fields['request_unrecognized_certificate']
+             *                  containing digests
+             *                      containing HashedId3 value
+             *                          indicating DIGEST_A
+             *      }
+             *  }
+             * </pre>
+             *
+             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_12_01_BV
+             * @reference    ETSI TS 103 097 [1], clause 7.1
+             */
+            testcase TC_SEC_ITSS_SND_CAM_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                // Local variables
+                var HashedId8 v_expectedHashedId8;
+                var HashedId3 v_expectedHashedId3;
+                var GeoNetworkingPdu v_securedGnPduToBeSent;
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                
+                // Send secured message from unknown ITS-S
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                
+                f_getCertificateDigest(
+                    cc_taCert_F,
+                    v_expectedHashedId8
+                );
+                v_expectedHashedId3 := f_HashedId3FromHashedId8(v_expectedHashedId8);
+                
+                // preamble: waiting for CAM with certificate and send a CAM with unknown digest right after that
+                v_securedGnPduToBeSent := f_prepareSecuredCam(cc_taCert_F);
+                   
+                geoNetworkingPort.clear;
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive
+                    {
+                        f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPduToBeSent));
+                        tc_ac.stop;
+
+                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
+                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+                    }                        
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
+                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
+                    }
+                } // End of preamble 'alt' statement
+
+                // Test Body
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    mw_header_field_request_unrecognized_certificate(
+                                        { v_expectedHashedId3 }
+                    ))))) {
+                        tc_ac.stop;
+                        log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                    }
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs
+                    ))) {
+                        log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate ***"); 
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                    }
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Postamble
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_CAM_12_01_BV
+            
+            /**
+             * @desc    Check that the Secured CAM contains non-empty payload of type signed
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT being in the 'authorized' state
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a CAM
+             *      } then {
+             *          the IUT sends a SecuredMessage
+             *              containing payload_field
+             *                  containing exactly one element of type Payload
+             *                      containing type
+             *                          indicating 'signed'
+             *                      containing not-empty data
+             *      }
+             *  }
+             * </pre>
+             *
+             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_14_01_BV
+             * @reference    ETSI TS 103 097 [1], clause 7.1
+             */
+            testcase TC_SEC_ITSS_SND_CAM_14_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                // Local variables
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+                
+                // Test Body
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    ?, 
+                                    mw_payload(
+                                        e_signed
+                    ))))) {
+                        tc_ac.stop;
+                        
+                        log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                    }
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    }
+                } // End of 'alt' statement
+                
+                // Postamble
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_CAM_14_01_BV
+			/**
+			 * @desc    Check that the secured CAM contains only the trailer field of type signature 
+			 *          and no other trailer fields
+			 * <pre>
+			 * Pics Selection: PICS_GN_SECURITY PICS_PLUGTEST_VERSION
+			 * Config Id: CF01
+			 * Initial conditions:
+			 * with
+			 * 		the IUT being in the 'authorized' state
+			 * ensure that
+			 * 	when
+			 * 		the IUT is requested to send a CAM
+			 * 	then
+			 * 		the IUT sends a SecuredMessage
+			 * 			containing trailer_fields
+			 * 				containing trailer_fields[0]
+			 * 					containing type
+			 * 						indicating 'signature'
+			 * 				and not containing any other items
+
+			 * </pre>
+			 *
+			 * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_15_01_BV
+			 * @reference    ETSI TS 103 097 [1], clause 7.1
+			 */
+			testcase TC_SEC_ITSS_SND_CAM_15_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                
+				//  Local variables
+				const integer c_nbVerification := 3;
+				var integer v_nbVerification := 0;
+				var GeoNetworkingInd v_geoNwInd;
+				var SignerInfo v_signerInfo;
+				var Certificate v_certificate;
+				var boolean v_certificateReceived := false;
+                
+				// Test control
+				if (not(PICS_GN_SECURITY)) {
+					log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+					stop;
+				}
+				if (not(PICS_PLUGTEST_VERSION)) {
+					log("*** " & testcasename() & ":ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
+					stop;
+				}
+                
+				// Test component configuration
+				f_cf01Up();
+                
+				// Test adapter configuration
+                
+				// Preamble
+				f_prNeighbour();
+				f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+                
+				// Test Body
+				tc_ac.start;
+				alt {
+					[] geoNetworkingPort.receive(
+						mw_geoNwInd(
+							mw_geoNwSecPdu(
+								mdw_securedMessage_CAMs(?, ?,
+									superset(mw_trailer_field_signature,
+									         mw_trailer_field
+					))))){
+						tc_ac.stop;
+						log("*** " & testcasename() & ": FAIL: CAM received with more then one trailer fields");
+						f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+					}
+					[] geoNetworkingPort.receive(
+						mw_geoNwInd(
+							mw_geoNwSecPdu(
+								mdw_securedMessage_CAMs(?, ?,
+								{ mw_trailer_field_signature }
+					)))){
+						tc_ac.stop;
+						log("*** " & testcasename() & ": INFO: CAM message with signature trailer received ***");
+						v_nbVerification := v_nbVerification + 1;
+						if (v_nbVerification < c_nbVerification) {
+							tc_ac.start;
+							repeat;
+						}
+					}
+					[] tc_ac.timeout {
+						log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+						f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+					}
+				} // End of 'alt' statement
+				log("*** " & testcasename() & ": PASS: All CAMs received with correct trailer fields count");
+				f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                
+				// Postamble
+				f_poNeighbour();
+				f_cf01Down();
+			} // End of testcase TC_SEC_ITSS_SND_CAM_15_01_BV
+             
+            
+            /**
+             * @desc    Check that the secured CAM contains only one TrailerField of type signature.
+             *          Check that the signature contained in the SecuredMessage is calculated over the right fields by 
+             *          cryptographically verifying the signature.
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT being in the 'authorized' state
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a CAM
+             *      } then {
+             *          the IUT sends a SecuredMessage
+            *              containing header_fields ['signer_info']
+             *                  containing signer
+             *                      containing type
+             *                          indicating 'certificate_digest_with_sha256'
+             *                      containing digest
+             *                          referenced to the certificate
+             *                              containing subject_info.subject_type
+             *                                  indicating 'authorization_ticket' (2)
+             *                              and containing subject_attributes['verification key'] (KEY)
+             *                  or containing signer
+             *                      containing type
+             *                          indicating 'certificate'
+             *                      containing certificate
+             *                          containing subject_info.subject_type
+             *                              indicating 'authorization_ticket' (2)
+             *                          and containing subject_attributes['verification key'] (KEY)
+             *              containing trailer_fields
+             *                  containing single instance of type TrailerField
+             *                      containing type
+             *                          indicating 'signature'
+             *                      containing signature
+             *                          verifiable using KEY
+             *      }
+             *  }
+             * </pre>
+             *
+             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_16_01_BV
+             * @reference    ETSI TS 103 097 [1], clause 7.1
+             */
+            testcase TC_SEC_ITSS_SND_CAM_16_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                
+                //  Local variables
+                const integer c_nbVerification := 3;
+                var integer v_nbVerification := 0;
+                var GeoNetworkingInd v_geoNwInd;
+                var SignerInfo v_signerInfo;
+                var Certificate v_certificate;
+                var boolean v_certificateReceived := false;
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+                
+                // Test Body
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    mw_header_field_signer_info_certificate
+                    )))) -> value v_geoNwInd { 
+                        tc_ac.stop;
+                        log("*** " & testcasename() & ": INFO: CAM message with certificate received ***");
+                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
+                        v_certificate := v_signerInfo.signerInfo.certificate;
+                        v_certificateReceived := true;
+                        
+                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
+                            log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                        }
+                        
+                        v_nbVerification := v_nbVerification + 1;
+                        if (v_nbVerification < c_nbVerification) {
+                            tc_ac.start;
+                            repeat;
+                        }
+                    }
+                    [v_certificateReceived == true] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage_CAMs(
+                                    mw_header_field_signer_info_digest
+                    )))) -> value v_geoNwInd {
+                        tc_ac.stop;
+                        
+                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
+                            log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                        }
+                        
+                        v_nbVerification := v_nbVerification + 1;
+                        if (v_nbVerification < c_nbVerification) {
+                            tc_ac.start;
+                            repeat;
+                        }
+                    }
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    }
+                } // End of 'alt' statement
+                log("*** " & testcasename() & ": PASS: All CAMs received with correct signature");
+                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                
+                // Postamble
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_CAM_16_01_BV
+            
+        } // End of group sendCAMProfile
+        
+        /**
+         * @desc Sending behaviour test cases for DENM profile
+         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile
+         */
+        group sendDENMProfile {
+            
+            /**
+             * @desc   Check that the sent Secured DENM contains a HeaderField its_aid that is set to 'AID_DENM' 
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT being in the 'authorized' state
+             * }
+             * ensure that {
+             *   when {
+             *     the IUT is requested to send DENM
+             *   } then {
+             *     the IUT sends a SecuredMessage
+             *         containing header_fields ['its_aid']
+             *             containing its_aid
+             *                 indicating 'AID_DENM'
+             *   }
+             * }
+             * </pre>
+             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_01_01_BV
+             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.2
+             */
+            testcase TC_SEC_ITSS_SND_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                // Local variables
+                var GeoNetworkingInd v_geoNwInd;
+                var HeaderFields v_headersFields;
+                var ItsDenm v_denmComponent;
+                var integer v_previousHeaderType;
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
+                
+                // Test Body
+                v_denmComponent := f_triggerDenmEvent();
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage(
+                                    superset(
+                                        ?, 
+                                        ?, 
+                                        ?, 
+                                        mw_header_field_its_aid_DENM
+                                    )
+                                ), 
+                                ?
+                    ))) -> value v_geoNwInd {
+                        tc_ac.stop;
+                        log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_DENM'");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                    }
+                    
+                    // DENM without mandatory fields 
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage(
+                                    superset(
+                                        mw_header_field_its_aid_DENM
+                                    )
+                    )))) {
+                        log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                    }
+                    [] tc_ac.timeout {
+                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+                    } 
+                } // End of 'alt' statement
+                
+                // Postamble
+                f_cancelDenmEvent(v_denmComponent);
+                f_poNeighbour();
+                f_cf01Down();
+            } // End of testcase TC_SEC_ITSS_SND_DENM_01_01_BV
+            
+            /**
+             * @desc   Check that the secured DENM contains exactly one element of these header fields: signer_info, generation_time, 
+             *         generation_location, message_type.
+             *         Check that the header fields are in the ascending order according to the numbering of the enumeration except 
+             *         of the signer_info, which is encoded first.
+             *         Check that generation_time_with_confidence (generation_time_standard_deviation) is not used
+             * <pre>
+             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT being in the 'authorized' state
+             * }
+             * ensure that {
+             *   when {
+             *     the IUT is requested to send DENM
+             *   } then {
+             *     the IUT sends a SecuredMessage
+             *       containing header_fields[0]
+             *         containing type 
+             *           indicating 'signer_info'
+             *       containing header_fields [n].type
+             *         indicating value less then header_fields [n+ 1].type
+             *       containing header_fields ['generation_time']
+             *       containing header_fields ['generation_location']
+             *       not containing header_fields ['generation_time_with_confidence']
+             *   }
+             * }
+             * </pre>
+             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_02_01_BV
+             * @reference    ETSI TS 103 097 [1], clause 7.2
+             */
+            testcase TC_SEC_ITSS_SND_DENM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+                // Local variables
+                var GeoNetworkingInd v_geoNwInd;
+                var HeaderFields v_headersFields;
+                var ItsDenm v_denmComponent;
+                var integer v_previousHeaderType;
+                
+                // Test control
+                if (not(PICS_GN_SECURITY)) {
+                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+                    stop;
+                }
+                
+                // Test component configuration
+                f_cf01Up();
+                
+                // Test adapter configuration
+                
+                // Preamble
+                f_prNeighbour();
+                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
+                
+                // Test Body
+                v_denmComponent := f_triggerDenmEvent();
+                tc_ac.start;
+                alt {
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(
+                                mdw_securedMessage(
+                                    superset(
+                                        mw_header_field( e_signer_info ), 
+                                        mw_header_field( e_generation_time ), 
+                                        mw_header_field( e_generation_location ), 
+                                        mw_header_field_its_aid_DENM
+                                    )
+                                ), 
+                                mw_geoNwAnyPacket_withPayload(
+                                    ?
+                    )))) -> value v_geoNwInd {
+                        tc_ac.stop;
+                        
+                        // Process header fields manually
+                        v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
+                        
+                        // Check that signerInfo is first header
+                        if (lengthof(v_headersFields) < 1 or (v_headersFields[0].type_ != e_signer_info)) {
+                            log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
+                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);    
+                        }
+                       
+                        v_previousHeaderType := enum2int(v_headersFields[0].type_);
+                        for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
+                            // Check forbidden header
+                            if (v_headersFields[v_counter].type_ == e_generation_time_standard_deviation) {
+                                log("*** " & testcasename() & ": FAIL: Forbidden header present");
+                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                            }
+                            if (v_headersFields[v_counter].type_ == e_signer_info) {
+                                log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header");
+                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                            }
+                            if (v_counter > 1 ) {
+                                // Check that no header is duplicated
+                                if (enum2int(v_headersFields[v_counter].type_) == v_previousHeaderType) {
+                                    log("*** " & testcasename() & ": FAIL: multiple instances of the same header");
+                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                                }
+                                
+                                // Check that headers are ordered
+                                if (enum2int(v_headersFields[v_counter].type_) <= v_previousHeaderType) { 
+                                    log("*** " & testcasename() & ": FAIL: headers are not in the correct order");
+                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+                                }
+                            }
+                            v_previousHeaderType := enum2int(v_headersFields[v_counter].type_);
+                        } // End of 'for' statement
+                        
+                        log("*** " & testcasename() & ": PASS: correct secured packet received");
+                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+                    }
+                    
+                    // DENM without mandatory fields 
+                    [] geoNetworkingPort.receive(
+                        mw_geoNwInd(
+                            mw_geoNwSecPdu(