TOs to be implemented in TP and TTCN3 moved into correct section. Under Ideas...

- TP_5GNAS_AMF_REG_ACC_03

    - Verify that the IUT sends a REGISTRATION ACCEPT message indicating SMS over NAS not allowed when initial registration with SMS over NAS is requested and network does not support SMS service.

# TP objective ideas reviewed

## Section 5.4.1.3.7 (FF)

- TP_5GNAS_AMF_AUT_ABN_01

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message to obtain the SUCI from the UE upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #26 - non-5G authentication unacceptable. (FF)

        - This case is also valid in cases where the UE send Auth Response, but the response parameters do not match.

        - Please check Note 2: "... the network may also terminate the 5G AKA based primary authentication ..." Depends on ID used in Initial NAS message

- TP_5GNAS_AMF_AUT_ABN_02

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message to re-initiate the 5G AKA based primary authentication upon receipt of an IDENTIFICATION RESPONSE message indicating an incorrect 5G-GUTI to SUPI mapping. (FF)

- TP_5GNAS_AMF_AUT_ABN_03

    - Verify that the IUT sends a AUTHENTICATION REJECT message to terminate the 5G AKA based primary authentication and key agreement authentication procedure upon receipt of an IDENTIFICATION RESPONSE message indicating an correct 5G-GUTI to SUPI mapping. (FF)

- TP_5GNAS_AMF_AUT_ABN_04

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message after a successful re-synchronisation procedure upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #21 (Synch failure) and including the AUTS parameter. (FF)

## Section 5.4.2: Security mode control procedure (FF)

- TP_5GNAS_AMF_SEC_ACC_01

    - Verify that the IUT, upon receiving the NAS Security Mode Complete Message after completing the NAS Authentication and Security procedure, successfully completes the registration process by accepting the registration.

- TP_5GNAS_AMF_SEC_REJ_01

    - Verify that the IUT, upon receiving the NAS Security Mode Reject Message after a failed NAS Authentication and security procedure, successfully aborts the registration process by rejecting the registration.

- TP_5GNAS_AMF_SEC_ABN_01

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message to re-initiate the 5G AKA based primary authentication upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #71 (ngKSI already in use). (FF)    See above in Section 5.4.1.3.7

## ## Section 5.4.3: Identification procedure (FF)

- TP_5GNAS_AMF_IDN_ACC_02

    - Verify that the IUT sends an IDENTITY REQUEST message correctly upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #20. (already implemented as: TP_5GNAS_AMF_AUT_REQ_04)

- TP_5GNAS_AMF_IDN_RES_01

    - Verify that the IUT, upon receiving an IDENTITY RESPONSE message from the UE with an incorrect IMSI, correctly sends an AUTHENTICATION REQUEST message. The IDENTITY REQUEST message is triggered during an authentication procedure with a failed authentication (AUTHENTICATION FAILURE).

- TP_5GNAS_AMF_IDN_REJ_01

    - Verify that the IUT, upon receiving an IDENTITY RESPONSE message from the UE with a correct IMSI, correctly sends an AUTHENTICATION REJECT message. The IDENTITY REQUEST message is triggered during an authentication procedure with a failed authentication (AUTHENTICATION FAILURE).

- TP_5GNAS_AMF_IDN_RES_02

    - Verify that the IUT stops re-sending an Identity REQUEST message if no Identity RESPONSE message is received on the fifth expiry of timer T3519.

## Section 5.4.5: NAS transport procedure (FF) ( 8.2.10, 8.2.11)

- TP_5GNAS_AMF_DLN_ACC_01

    - Verify that the IUT correctly handles a UL NAS transport message containing a PDU SESSION ESTABLISHMENT REQUEST from the UE and responds with a DL NAS transport message containing a PDU SESSION ESTABLISHMENT ACCEPT.

    **Note:** This test idea could be unnecessary. Since the messages DL and UL NAS transport are intrinsically linked to PDU Sessions, their functionality is already verified within the scope of sections 6.3 and 6.4.

[KSCH] PDU Session control is just one procedure using UL and DL TRANSFERs. Chapter 5.4.5.1 lists 9 different payload container types (a) to (i) most of them are not covered by the proposed TPs till now.

## Section 5.5.1.2.4: Initial registration accepted by the network (SINTESIO)

- TP_5GNAS_AMF_REG_ACC_04

- TP_5GNAS_AMF_DRG_REQ_03

    - Verify that the IUT initiates network de-registration by sending DEREGISTRATION REQUEST message containing De-registration type IE with re-registration required and the access type based on the UE’s registration status (3GPP access only). **NOTE 1:** UE sends DEREGISTRATION ACCEPT and starts with re-registration procedure.(also used ref 5.5.2.3.2 1st paragraph) **NOTE 2:** explicit network deregistration triggered by O&M - UE deregistration

# TP objective ideas reviewed

## Section 5.4.1.3.7 (FF)

- TP_5GNAS_AMF_AUT_ABN_02

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message to re-initiate the 5G AKA based primary authentication upon receipt of an IDENTIFICATION RESPONSE message indicating an incorrect 5G-GUTI to SUPI mapping. (FF)

- TP_5GNAS_AMF_AUT_ABN_03

    - Verify that the IUT sends a AUTHENTICATION REJECT message to terminate the 5G AKA based primary authentication and key agreement authentication procedure upon receipt of an IDENTIFICATION RESPONSE message indicating an correct 5G-GUTI to SUPI mapping. (FF)

- TP_5GNAS_AMF_AUT_ABN_04

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message after a successful re-synchronisation procedure upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #21 (Synch failure) and including the AUTS parameter. (FF)

## Section 5.4.2: Security mode control procedure (FF)

- TP_5GNAS_AMF_SEC_ABN_01

    - Verify that the IUT sends a new AUTHENTICATION REQUEST message to re-initiate the 5G AKA based primary authentication upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #71 (ngKSI already in use). (FF)    See above in Section 5.4.1.3.7

## ## Section 5.4.3: Identification procedure (FF)

- TP_5GNAS_AMF_IDN_ACC_02

    - Verify that the IUT sends an IDENTITY REQUEST message correctly upon receipt of an AUTHENTICATION FAILURE message indicating a 5GMM cause value #20. (already implemented as: TP_5GNAS_AMF_AUT_REQ_04)

- TP_5GNAS_AMF_IDN_RES_01

    - Verify that the IUT, upon receiving an IDENTITY RESPONSE message from the UE with an incorrect IMSI, correctly sends an AUTHENTICATION REQUEST message. The IDENTITY REQUEST message is triggered during an authentication procedure with a failed authentication (AUTHENTICATION FAILURE).

- TP_5GNAS_AMF_IDN_REJ_01

    - Verify that the IUT, upon receiving an IDENTITY RESPONSE message from the UE with a correct IMSI, correctly sends an AUTHENTICATION REJECT message. The IDENTITY REQUEST message is triggered during an authentication procedure with a failed authentication (AUTHENTICATION FAILURE).

- TP_5GNAS_AMF_IDN_RES_02

    - Verify that the IUT stops re-sending an Identity REQUEST message if no Identity RESPONSE message is received on the fifth expiry of timer T3519.

## Section 5.5.2.3.1 Network-initiated de-registration procedure initiation (SINTESIO)

- TP_5GNAS_AMF_DRG_REQ_04

    - Verify that if de-registration is triggered due to IUT slice-specific authentication and authorization failure or revocation, the network sets the 5GMM cause value to #62 "No network slices available" and includes the rejected NSSAI IE in the DEREGISTRATION REQUEST message.

- TP_5GNAS_AMF_EST_STA_02

    - Verify that IUT is able to receive 5GMM STATUS message from UE and no state transition and no specific action shall be taken.

## 6.5 5GSM status procedure  (SINTESIO)

## 6.5.2 5GSM status received in the UE

## 6.5.2 5GSM status received in the UE  (SINTESIO)

- TP_5GNAS_AMF_SST_STA_01

    - Verify that IUT is able to trigger 5GSM STATUS message with all mandatory IEs. 

## 6.5.3 5GSM status received in the SMF

## 6.5.3 5GSM status received in the SMF  (SINTESIO)

- TP_5GNAS_AMF_SST_STA_02

    - Verify that IUT is able to receive 5GSM STATUS message from UE and no state transition and no specific action shall be taken.

procedure has been completed

# TP objectives ideas

[BPIN] TODOs for future TTFs

## Section 5.4.5: NAS transport procedure (FF) ( 8.2.10, 8.2.11)

[KSCH] PDU Session control is just one procedure using UL and DL TRANSFERs. Chapter 5.4.5.1 lists 9 different payload container types (a) to (i) most of them are not covered by the proposed TPs till now. [BPIN] Comment is related to "Section 5.4.5: NAS transport procedure" and need to be considered in future to prepare additional TOs

## 6.3.3.2 Network-requested PDU session release procedure initiation (FF)

Note: possible to test? In this case the IUT can't be triggered with a (interface) message.

[KSCH] Potential Tigger is also the UE originateed PDU SESSION RELEASE REQUEST, besides others e.g. O&M Disable SMF 

[KSCH] There are several procedures, which can't be triggered with an interfce message. We should not restrict the environment in that way, as the overall test coverage would be reduced drastically. As mentioned above an O&M Interface has to be supported for other reasons as well. 

##

[KSCH] General Remark on Test Coverage

Potential Proedures to be tested - for the sake of total test coverage

Potential Procedures to be tested - for the sake of total test coverage

- 5.6.1 Service request procedure (a) to l) 12 different types - some are covered) [BPIN 5.6.1.1 Done]

- 5.6.2 Paging procedure

- 5.6.3 Notification procedure