Newer
Older
# ETSI ITS protocols project
## General Information
This repositories contains the test specifications and test adapter code for ETSI ITS protocols testing.
ETSI ITS protocols project supports:
- ETSI EN 302 637-2: "Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Part 2: Specification of Cooperative Awareness Basic Service"
- ETSI EN 102 637-3: "Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Part 3: Specifications of Decentralized Environmental Notification Basic Service"
- ETSI TS 103 301: "Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Facilities layer protocols and communication requirements for infrastructure services"
- EN 302 636-5-1: "Intelligent Transport Systems (ITS); Vehicular Communications; GeoNetworking; Part 5: Transport Protocols; Sub-part 1: Basic Transport Protocol"
- EN 302 636-4-1: "Intelligent Transport Systems (ITS); Vehicular Communications; GeoNetworking; Part 4: Geographical addressing and forwarding for point-to-point and point-to-multipoint communications; Sub-part 1: Media-Independent Functionality"
In addition, it also support ITS Security as define by:
- ETSI TS 103 940: "Intelligent Transport Systems (ITS); Security; Security Architecture and Management".
- ETSI TS 103 097: "Intelligent Transport Systems (ITS); Security; Security header and certificate formats".
- ETSI TS 102 941: "Intelligent Transport Systems (ITS); Security; Trust and Privacy Management technical specification"
- IEEE Std 1609.2™-2016: "IEEE Standard for Wireless Access in Vehicular Environments –Security Services for Applications and Management Messages"
- IEEE Std 1609.2a™-2017: "Standard for Wireless Access In Vehicular Environments – Security Services for Applications and Management Messages Amendment 1".
Contact information
Email at cti_support at etsi dot org
License
Unless specified otherwise, the content of this repository and the files contained are released under the ETSI Software License.
See the attached LICENSE file or visit
https://forge.etsi.org/etsi-software-license
## STFs
The following STFs were or are currently involved in the evolutions of the ETSI ITS protocols project:
- STF 405, STF 422, STF 424, STF 455, STF 462, STF 481, STF 484, STF 507, STF 517, STF 525, STF 538, STF 545, TTF T0002
The ETSI ITS protocols project builds and tests regularly on the following platforms:
- Windows ([Cygwin x64](https://cygwin.com/install.html), [Npcap SDK x64](https://nmap.org/npcap/#download) and [OpenSSL-Windows x64](https://www.openssl.org) are required)
Note: The [OpenSSL](https://www.openssl.org) version >= 1.1.1 is also required.
- Using [Vagrant](https://www.vagrantup.com/)
- Using [Docker](https://www.docker.com/)
- Using [Eclipse TITAN on Windows or Linux](https://projects.eclipse.org/projects/tools.titan/downloads)
How to choose one of these methods is depending of your host system.
NOTE: In all case, if you want to setup an continuous integration process (e.g. Jenkins), Docker is the best choice.
#### The host system is Windows
The both methods require a virtual machine. You can use either VirtualBox or WMware.
In this case, the easiest way is to use Vagrant.
#### The host system is Linux
Vagrant requires a virtual machine. You can use either VirtualBox or WMware.
Docker does not need a virtual machine, so it is the more efficant way.
Pre-requisites on your host machine:
- Install [Virtualbox](https://www.virtualbox.org/manual/ch01.html)
- Install [Vagrant](https://www.vagrantup.com/intro/getting-started/)
- Credentials to access [ETSI forge](https://forge.etsi.org/gitlab/users/sign_in)
- Set the environment variable USERNAME to your ETSI EOL account user name
- Set the environment variable PASSWORD to your ETSI EOL account password
- On your host machine, open a command line session (PuTTY, DOS window...)
- In the file Vagrantfile, modify the tag config.vm.provision replacing <username> & <password> strings by your ETSI credentials
- In the Vagrant folder, execute the following commands:
```sh
$ vagrant up --provider virtualbox --provision
...
```
NOTE The creation and the installations will take some time to achieve
- Stop vagrant virtual machine
```sh
$ vagrant halt
...
```
- Update the file 'Vagrantfile' to match with your networks configuration
- Re-start the vagrant virtual machine and log to to the machine
```sh
$ vagrant up
...
$ vagrant ssh
```
- On your host machine, open a the Docker Quickstart Terminal and change to a working folder such as ./temp/docker_its
- On your host machine, open a terminal and change to a working folder such as $HOME/temp/docker_its
On your host machine, download the following items from ETSI ITS protocols project:
- The docker folder
- The .jenkins.sh script file (hidden file) and add the execution rights on it
- Check the rights of the script files and the folders
From the your current directory, execute the following commands:
```sh
$ ./.jenkins.sh
...
```
NOTE The creation and the installations will take some time to achieve
- Start the container
```sh
$ ./docker/run-container.sh
Pre-requisites:
- Install Virtualbox
Procedure:
- Install a new Linux Virtual machine (Mint, Debian...)
- Update your system with the latest version of kernel and security packages
- Install the following packages (According to the Linux chosen, the package naming can be different)
autoconf
bison
build-essential
cmake
curl
graphviz
gdb
git-core
gnutls-bin
libglib2.0-dev
libpcap-dev
libgcrypt-dev
libncurses5-dev
libssl-dev
libtool-bin
libtool
libwireshark-dev
libxml2-dev
lsof
ntp
pkg-config
qt5-default
qtmultimedia5-dev
libqt5svg5-dev
subversion
sudo
sshpass
tcpdump
texlive-font-utils
tshark
valgrind
- In your home directory, create the following folders:
- $HOME/frameworks,
- $HOME/dev
- $HOME/lib
- In $HOME/frameworks, build the following package:
- asn1c, according the procedure specified [here](https://github.com/vlm/asn1c.git)
- Eclipse IDE for C/C++ Developers, according the procedure specified [here](https://www.eclipse.org/cdt/)
- TITAN, according the procedure specified [here](https://github.com/eclipse/titan.core)
- Import the TITAN plugin into your Eclipse IDE, according the procedure specified [here](https://github.com/eclipse/titan.core)
- Clone the ETSI ITS protocols project into $HOME/dev folder
$ git clone git clone --recurse-submodules -b TTF0002_Its --single-branch https://forge.etsi.org/gitlab/ITS/ITS.git ./TTF0002_Its
- Update your default environment with the content of the script $HOME/dev/TTF0002_Its/scripts/devenv.bash.ubuntu
#### Using Eclipse TITAN
When cloning the ETSI ITS project, you can find two specific files:
- TTF0002.tpd
- TTF0002_Linux.tpd
These two files are used create the ETSI ITS project workspace on Eclipse TITAN. To do it, please follow the steps below:
- Start eclipse using a new workspace, (e.g. with the name workspace_titan)
- Select the menu option File/import
- In the Dialog box,select TITAN/Project from .tpd file
- Select the correct TTF0002 .tpd file and follow the instructions
NOTE: When the Eclipse TITAN workspace is created, you have to build manually the librairy 'libasn1c.so' following the commands below:
```sh
$ cd <eclipse workspace>/TTF0002
$ mkdir -p ./bin/asn1
$ cd ./bin/asn1
$ make CC=gcc -f ../../asn1/Makefile
$ rm *.cc # To prevent TITAN to import these .cc source files into our project
## Usage
This clause describes how to compile and execute an Abstract Test Suite.
The procedures below illustrate how to run the CAM test suite. The same procedures will apply for any other ETSI ITS test suite.
Pre-requisites:
- Your machine is installed following one of the installation method describes in the previous clause
- Refer to the ETSI TS 103 099 for the description of the Test System architecture and configuration
- Procedure using TITAN command line (only):
- Open several SSH session (PuTTY...)
- Change to the directory ~/dev/TTF0002_Its/
- Modify the file config.mk according to your system:
- On Linux, comment all the lines using the '#' character
- On Windows, update the path accordingly
- Build the test suite AtsCAM using the following command:
$ export ATS=AtsCAM # The Abstract Test Suite you wnat to build, such as AtsDENM, AtsSecurity...
$ make
- Update the following fields (see ETSI TS 103 099 for details):
- To run the test suitem, execute the following command:
- The log files are located in ../logs/AtsCAM folder for this example. You can edit them using any editor or using the Eclipse TITAN log plugins
## How to generate ITS test certificates
The Test System includes a tool, asn1certgen, to generate ITS test certificates used for Conformance Testing.
This tool is located in the folder '~/dev/TTF0002_Its/tools/itscertgen/'.
Note: These certificates can not be used in a true architectures, there are present only for testing and/or debug purposes.
### Build the tool 'asn1certgen' to generate new certificates bundle
To build the tool, run the 'make' command in each of the following folders:
- cshared
- cxml
- checker
- asn1certgen
### Generate the certificates
After applying the previous clause, change to the folder '~/dev/TTF0002_Its/data/v3' and execute 'make' command:
```
The certificates will be located in the folder '~/dev/TTF0002_Its/data/v3/certificates'.
To use this newly generated certificates, you shall update two parameters located in the TTCN-3 file LibItsSecurity_Pixits. These are:
- LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH, which is the path the certificates folder (e.g. LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/<user>/tmp")
- LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME, which is the name of the certificates folder (e.g. LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "asn1c_cert")
### Modify or create new certificates
The folder '~/dev/TTF0002_Its/data/v3/profiles' contains an XML file for each certificate to be generated.
This XML file describes the certificate content (e.g. CERT_IUT_A_RCA.xml describes the root certificate for all CERT_IUT_A certificates).
By modifying these files, you can change create new certificate with different geographical area, different validity periods or different SSPs.
To re-generates the certificates, refer to the previous clause.
## Security Test suites configurations
The security Test suites configurations depends of the Test suite to be executed.
### ITS Protocol Test suites for Facilities layer
These are the ITS Test suites such as AtsCAM (102 868-x) , AtsDENM (102 869-x) or IVI (103 191-x) Test suites. These Test suite can be executed againt an ITS device configured to use Security.
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
In this cases, the following parameters shall be modified to match the ITS device configuration:
- PICS_IS_IUT_SECURED=true which indicates that the ITS device under test is secured
In addition, the Test System shall be configured to support the security modifying the following settings as described below:
- device_mode=1
- secured_mode=1
- sec_db_path=/home/<user>/dev/TTF0002_Its/data/v3/certificates
### ITS Protocol Test suites for Transport layer
This is the AtsGeoNetworking Test suite (ETSI TS 102 871-x) which required more specific configuration (ETSI EN 302 636-4-1).
In this cases, the following parameters shall be modified to match the ITS device configuration:
- PICS_GN_SECURITY=false, which indicate the GeoNetworking Test Suite does not manage ITS Security protocol
- PICS_IS_IUT_SECURED=true, which indicates that the ITS device under test is secured
In addition, the Test System shall be configured to support the security modifying the following settings as described below:
- device_mode=1
- secured_mode=1
- sec_db_path=/home/<user>/dev/TTF0002_Its/data/v3/certificates
### ITS Protocol Test suites for Security
This clause is relative to the AtsSecurity (ETSI TS 103 096-x) Test suite which are focused on ITS Security protocol (ETSI TS 103 097).
In this cases, the following parameters shall be modified to match the ITS device configuration:
- PICS_GN_SECURITY=true, which indicate the GeoNetworking Test Suite manages ITS Security protocol
- PICS_IS_IUT_SECURED=false
In addition, the Test System shall be configured to support the security modifying the following settings as described below:
- device_mode=0
- secured_mode=0
- its_aid=36 for CAM or 37 for DENM
### ITS Protocol Test suites for Security/PKI
This clause is relative to the AtsPki (ETSI TR 103 525-x) Test suite which are focused on ITS PKI Security protocol (ETSI TS 102 941).
In this cases, the following parameters shall be modified according to the considered group of tests:
- For all tests focused on ITS device enrolment:
- PICS_GN_SECURITY=true, which indicate the GeoNetworking Test Suite manages ITS Security protocol
- PICS_IS_IUT_SECURED=false
- HTTP_P_PL_ACT_AS_SERVER=true
- PICS_MULTIPLE_END_POINT=false
- PICS_IUT_ITS_S_ROLE=true
- For all tests focused on PKI:
- HTTP_P_PL_ACT_AS_SERVER=true
- PICS_MULTIPLE_END_POINT=true
In addition, the Test System shall be configured to support the security modifying the following settings as described below:
- device_mode=0
- secured_mode=0
The official version of Wireshark, supporting ETSI ITS Protocols, is available [here](https://www.wireshark.org/download.html).
Some sample capture files are available [here](https://wiki.wireshark.org/SampleCaptures).
The ETSI ITS protocols project is under constant development, so it is possible that you will
encounter a bug while using it. Please report bugs at cti_support at etsi dot org.