M/338 - Electronic road toll systems

This document gives guidelines for the development of multi-operator/multi-service interoperable
public surface (including subways) transport fare management systems (IFMSs) on a national and
international level.
This document is applicable to bodies in public transport and related services which agree that their
systems need to interoperate.
This document defines a conceptual framework which is independent of organizational and physical
implementation. Any reference within this document to organizational or physical implementation is
purely informative.
This document defines a reference functional architecture for IFMSs and establishes the requirements
that are relevant for ensuring interoperability between several actors in the context of the use of
electronic tickets.
The IFMS includes all the functions involved in the fare management process, such as:
— management of media,
— management of applications,
— management of products,
— security management, and
— certification, registration, and identification.
This document defines the following main elements:
— identification of the different sets of functions in relation to the overall IFMS and services and media
from non-transport systems which interact with fare management systems;
— a generic model of an IFMS describing the logical and functional architecture and the interfaces
within the system, with other IFMSs and with services and media from non-transport systems;
— use cases describing the interactions and data flows between the different sets of functions;
— security requirements.
In its annexes, this document provides a framework for mobility platforms that integrate fare
management and travel information for inter- and multimodal travel (see Annex A). It also elaborates
on specific subjects covered in document and offers some national examples with regard to IFMS
implementations (see Annex B, Annex C, Annex D and Annex E).
This document does not define:
— the technical aspects of the interface between the medium and the medium access device;
— the data exchanges between the medium and the medium access device;
NOTE The data exchanges between the medium and the medium access device are proposed by other
standardization committees.
— the financial aspects of fare management systems (e.g. customer payments, method of payment,
settlement, apportionment, reconciliation).

This document provides an EETS gap analysis with the aim to identify the need for new or updated standards to provide an enhanced support of the recast of the EU EETS legislation [29], [31], [32].

This document specifies the test suite structure (TSS) and test purposes (TPs) for evaluating the
conformity of on-board equipment (OBE) and roadside equipment (RSE) to ISO 12813.
It provides a basis for conformance tests for dedicated short-range communication (DSRC) OBE and
RSE to support interoperability between different equipment supplied by different manufacturers.
ISO 12813 defines requirements on the compliance check communication (CCC) interface level, but
not for the RSE or OBE internal functional behaviour. Consequently, tests regarding OBE and/or RSE
functional behaviour remain outside the scope of this document.

This document defines an information security framework for all organizational and technical entities
of an EFC scheme and for the related interfaces, based on the system architecture defined in ISO 17573-1.
The security framework describes a set of security requirements and associated security measures.
Annex D contains a list of potential threats to EFC systems and a possible relation to the defined
security requirements. These threats can be used for a threat analysis to identify the relevant security
requirements for an EFC system.
The relevant security measures to secure EFC systems can then be derived from the identified security
requirements.

This document specifies transactions and data for Compliance Checking - Secure Monitoring. The Scope of this document consists of:
-   the concept and involved processes for Secure Monitoring;
-   the definition of transactions and data;
-   the use of the OBE compliance checking transaction as specified in EN ISO 12813, for the purpose of Compliance Checking - Secure Monitoring;
-   the use of back end transactions as specified in EN ISO 12855, for the purpose of Compliance Checking – Secure Monitoring. This includes definitions for the use of optional elements and reserved attributes;
-   a specification of technical and organizational security measures involved in Secure Monitoring, on top of measures provided for in the EFC Security Framework;
-   the interrelations between different options in the OBE, TSP and TC domain and their high level impacts.
NOTE   Outside the Scope of this document is: The information exchange between OBE and TR, choices related to compliance checking policies e.g. which options are used, whether undetected/unexpected observations are applied, whether fixed, transportable or mobile compliance checking are deployed, locations and intensity of checking of itinerary freezing and checking of toll declaration, details of procedures and criteria for assessing the validity or plausibility of Itinerary Records.

This document defines requirements for short-range communication for the purposes of compliance checking in autonomous electronic fee collecting systems. Compliance checking communication (CCC) takes place between a road vehicle's on-board equipment (OBE) and an interrogator (roadside mounted equipment, mobile device or hand-held unit), and serves to establish whether the data that are delivered by the OBE correctly reflect the road usage of the corresponding vehicle according to the rules of the pertinent toll regime. The operator of the compliance checking interrogator is assumed to be part of the toll charging role as defined in ISO 17573-1. The CCC permits identification of the OBE, vehicle and contract, and verification of whether the driver has fulfilled his obligations and the checking status and performance of the OBE. The CCC reads, but does not write, OBE data. This document is applicable to OBE in an autonomous mode of operation; it is not applicable to compliance checking in dedicated short-range communication (DSRC)-based charging systems. It defines data syntax and semantics, but not a communication sequence. All the attributes defined herein are required in any OBE claimed to be compliant with this document, even if some values are set to “not defined” in cases where certain functionality is not present in an OBE. The interrogator is free to choose which attributes are read in the data retrieval phase, as well as the sequence in which they are read. In order to achieve compatibility with existing systems, the communication makes use of the attributes defined in ISO 14906 wherever useful. The CCC is suitable for a range of short-range communication media. Specific definitions are given for the CEN-DSRC as specified in EN 15509, as well as for the use of ISO CALM IR, the Italian DSRC as specified in ETSI ES 200 674-1, ARIB DSRC and WAVE DSRC as alternatives to the CEN-DSRC. The attributes and functions defined are for compliance checking by means of the DSRC communication services provided by DSRC application layer, with the CCC attributes and functions made available to the CCC applications at the roadside equipment (RSE) and OBE. The attributes and functions are defined on the level of application data units (ADU).

This document defines the requirements for the secure application module (SAM) used in the secure monitoring compliance checking concept. It specifies two different configurations of a SAM:
-   trusted recorder, for use inside an OBE;
-   verification SAM, for use in other EFC system entities.
This document describes
-   terms and definitions used to describe the two Secure Application Module configurations;
-   operation of the two Secure Application Modules in the secure monitoring compliance checking concept;
-   functional requirements for the two Secure Application Modules configurations, including a classification of different security levels;
-   the interface, by means of transactions, messages and data elements, between an OBE or Front End and the trusted recorder;
—   requirements on basic security primitives and key management procedures to support Secure Monitoring using a trusted recorder.
This document is consistent with the EFC architecture as defined in FprEN ISO 17573-1 and the derived suite of standards and Technical Specifications, especially FprCEN/TS 16702-1 and CEN ISO/TS 19299.
The following is outside the scope of this document:
-   The life cycle of a Secure Application Module and the way in which this is managed;
-   The interface commands needed to get a Secure Application Module in an operational state;
-   The interface definition of the verification SAM;
-   Definition of a hardware platform for the implementation of a Secure Application Module.

This document defines the requirements for the secure application module (SAM) used in the secure monitoring compliance checking concept. It specifies two different configurations of a SAM:
-   trusted recorder, for use inside an OBE;
-   verification SAM, for use in other EFC system entities.
This document describes
-   terms and definitions used to describe the two Secure Application Module configurations;
-   operation of the two Secure Application Modules in the secure monitoring compliance checking concept;
-   functional requirements for the two Secure Application Modules configurations, including a classification of different security levels;
-   the interface, by means of transactions, messages and data elements, between an OBE or front end and the trusted recorder;
-   requirements on basic security primitives and key management procedures to support Secure Monitoring using a trusted recorder.
This document is consistent with the EFC architecture as defined in EN ISO 17573-1 and the derived suite of standards and Technical Specifications, especially CEN/TS 16702-1 and CEN ISO/TS 19299.
The following is outside the scope of this document:
-   The life cycle of a Secure Application Module and the way in which this is managed;
-   The interface commands needed to get a Secure Application Module in an operational state;
-   The interface definition of the verification SAM;
-   Definition of a hardware platform for the implementation of a Secure Application Module.

This document specifies transactions and data for Compliance Checking - Secure Monitoring. The Scope of this document consists of:
—-   the concept and involved processes for Secure Monitoring;
-   the definition of transactions and data;
-   the use of the OBE compliance checking transaction as specified in EN ISO 12813, for the purpose of Compliance Checking - Secure Monitoring;
-   the use of back end transactions as specified in EN ISO 12855, for the purpose of Compliance Checking – Secure Monitoring. This includes definitions for the use of optional elements and reserved attributes;
-   a specification of technical and organizational security measures involved in Secure Monitoring, on top of measures provided for in the EFC Security Framework;
-   the interrelations between different options in the OBE, TSP and TC domain and their high level impacts.
NOTE   Outside the Scope of this document is: The information exchange between OBE and TR, choices related to compliance checking policies e.g. which options are used, whether undetected/unexpected observations are applied, whether fixed, transportable or mobile compliance checking are deployed, locations and intensity of checking of itinerary freezing and checking of toll declaration, details of procedures and criteria for assessing the validity or plausibility of Itinerary Records.

This document defines requirements for short-range communication for the purposes of compliance checking in autonomous electronic fee collecting systems. Compliance checking communication (CCC) takes place between a road vehicle's on-board equipment (OBE) and an interrogator (roadside mounted equipment, mobile device or hand-held unit), and serves to establish whether the data that are delivered by the OBE correctly reflect the road usage of the corresponding vehicle according to the rules of the pertinent toll regime.
The operator of the compliance checking interrogator is assumed to be part of the toll charging role as defined in ISO 17573-1. The CCC permits identification of the OBE, vehicle and contract, and verification of whether the driver has fulfilled his obligations and the checking status and performance of the OBE. The CCC reads, but does not write, OBE data.
This document is applicable to OBE in an autonomous mode of operation; it is not applicable to compliance checking in dedicated short-range communication (DSRC)-based charging systems.
It defines data syntax and semantics, but not a communication sequence. All the attributes defined herein are required in any OBE claimed to be compliant with this document, even if some values are set to "not defined" in cases where certain functionality is not present in an OBE. The interrogator is free to choose which attributes are read in the data retrieval phase, as well as the sequence in which they are read. In order to achieve compatibility with existing systems, the communication makes use of the attributes defined in ISO 14906 wherever useful.
The CCC is suitable for a range of short-range communication media. Specific definitions are given for the CEN-DSRC as specified in EN 15509, as well as for the use of ISO CALM IR, the Italian DSRC as specified in ETSI ES 200 674-1, ARIB DSRC and WAVE DSRC as alternatives to the CEN-DSRC. The attributes and functions defined are for compliance checking by means of the DSRC communication services provided by DSRC application layer, with the CCC attributes and functions made available to the CCC applications at the roadside equipment (RSE) and OBE. The attributes and functions are defined on the level of application data units (ADU).
The definition of the CCC includes:
— the application interface between OBE and RSE (as depicted in Figure 2);
— use of the generic DSRC application layer as specified in ISO 15628 and EN 12834;
— CCC data type specifications given in Annex A;
— a protocol implementation conformance statement (PICS) proforma is given in Annex B;
— use of the CEN-DSRC stack as specified in EN 15509, or other equivalent DSRC stacks as described in Annex C, Annex D, Annex E and Annex F;
— security services for mutual authentication of the communication partners and for signing of data (see Annex H);
— an example CCC transaction is presented in Annex G;
— the informative Annex I highlights how to use this document for the European electronic toll service (as defined in Commission Decision 2009/750/EC).
Test specifications are not within the scope of this document.

This document defines the architecture of toll system environments in which a customer with one contract may use a vehicle in a variety of toll domains and with a different Toll Charger for each domain.
Toll systems conforming to this document may be used for various purposes including road (network) tolling, area tolling, collecting toll for bridges, tunnels, ferries, for access, for parking. From a technical point of view the considered toll systems use electronic equipment on-board of a vehicle.
The actual collection of the toll, i.e. collecting payments, is outside of the scope of this document.
The architecture in this document is defined with no more details than those required for an overall overview, a common language, an identification of the need for and interactions among other standards, and the drafting of these standards.
This document as a whole provides:
• The enterprise view on the architecture, which is concerned with the purpose, scope and policies governing the activities of the specified system within the organization of which it is a part.
• Terms and definitions for common use in a toll environment
• A decomposition of the toll systems environment into its main enterprise objects
• The roles and responsibilities of the main actors
• Identification of the provided services by means of action diagrams that underline the needed standardised exchanges
• Identification of interoperability interfaces and related standards

This document defines the architecture of electronic fee collection (EFC) system environments, in which a customer with one contract may use a vehicle in a variety of toll domains with a different toll charger for each domain.
EFC systems conforming to this document can be used for various purposes including road (network) tolling, area tolling, collecting fees for the usage of bridges, tunnels, ferries, for access or for parking. From a technical point of view the considered toll systems may identify vehicles subject to tolling by means of electronic equipment on-board in a vehicle or by other means (e.g. automatic number plate recognition, ANPR).
From a process point of view the architectural description focuses on toll determination, toll charging, and the associated enforcement measures. The actual collection of the toll, i.e. collecting payments, is outside of the scope of this document.
The architecture in this document is defined with no more details than required for an overall overview, a common language, an identification of the need for and interactions among other standards, and the drafting of these standards.
This document as a whole provides:
— the enterprise view on the architecture, which is concerned with the purpose, scope and policies governing the activities of the specified system within the organization of which it is a part;
— the terms and definitions for common use in an EFC environment;
— a decomposition of the EFC systems environment into its main enterprise objects;
— the roles and responsibilities of the main actors. This document does not impose that all roles perform all indicated responsibilities. It should also be clear that the responsibilities of a role may be shared between two or more actors. Mandating the performance of certain responsibilities is the task of standards derived from this architecture;
— identification of the provided services by means of action diagrams that underline the needed standardised exchanges;
— identification of the interoperability interfaces for EFC systems, in specialised standards (specified or to be specified).

This document provides a suite of tests in order to assess the central equipment of toll chargers and toll service providers for compliancy towards the requirements listed in CEN/TS 16986. This document contains the definition of such tests in the form of test cases, reflecting the required individual steps listed in specific Test Purposes defined in FprCEN/TS 17154-1. The test cases are written in Testing and Test Control Notation version 3 (TTCN v3).

This document provides a suite of tests in order to assess the central equipment of toll chargers and toll service providers for compliancy towards the requirements listed in CEN/TS 16986. This document contains the definition of such tests in the form of test cases, reflecting the required individual steps listed in specific Test Purposes defined in FprCEN/TS 17154-1. The test cases are written in Testing and Test Control Notation version 3 (TTCN v3).

This document provides a suite of tests in order to assess the central equipment of toll chargers and toll service providers for compliancy towards the requirements listed in CEN/TS 16986. This document contains the definition of such tests in the form of test cases, reflecting the required individual steps listed in specific Test Purposes defined in CEN/TS 17154-1. The test cases are written in Testing and Test Control Notation version 3 (TTCN v3).

This document specifies the test suite structure (TSS) and test purposes (TP) to test conformity of central equipment of both toll chargers and toll service providers versus CEN/TS 16986.
It further provides templates for the protocol conformance test reports (PCTR) for the implementation under tests (IUT) for both the toll charger and the toll service provider.
This document contains the technical provisions to perform conformance testing of functional and dynamic behaviour of implementations conforming to CEN/TS 16986.
NOTE   The specifications in this Part provide the base for the tree and tabular combined notation (TTCN) of the test cases and steps which are provided in CEN/TS 17154 2.

The ISO 16410 series provides a suite of tests in order to assess the Front End (FE) and Back End (BE)
behaviour’s compliancy towards the requirements listed in ISO 17575-3. This document contains
the definition of such tests in the form of test cases, reflecting the required individual steps listed in
specific test purposes defined in ISO 16410-1. The test cases are written in Testing and Test Control
Notation version 3 (TTCN v3).

The ISO 16407 series provides a suite of tests in order to assess the Front End (FE) and Back End
(BE) behaviour compliancy towards the requirements listed in ISO 17575-1. This document contains
the definition of such tests in the form of test cases, reflecting the required individual steps listed in
specific test purposes defined in ISO 16407-1. The test cases are written in Testing and Test Control
Notation version 3 (TTCN v3).

The ISO 16410 series provides a suite of tests in order to assess the Front End (FE) and Back End (BE) behaviour's compliancy towards the requirements listed in ISO 17575‑3. This document contains the definition of such tests in the form of test cases, reflecting the required individual steps listed in specific test purposes defined in ISO 16410‑1. The test cases are written in Testing and Test Control Notation version 3 (TTCN v3).

The ISO 16407 series provides a suite of tests in order to assess the Front End (FE) and Back End (BE) behaviour compliancy towards the requirements listed in ISO 17575‑1. This document contains the definition of such tests in the form of test cases, reflecting the required individual steps listed in specific test purposes defined in ISO 16407‑1. The test cases are written in Testing and Test Control Notation version 3 (TTCN v3).

This document specifies the application interface in the context of electronic fee collection (EFC) systems using the dedicated short-range communication (DSRC).

This document contains the definition of test cases, reflecting the individual steps listed in specific test
purposes defined in ISO/TR 16401-1. The test cases are written in Testing and Test Control Notation
version 3 (TTCN-3).

This document covers the test purposes for Front End Communications API covering functionalities
related to instance handling, session handling, communication service primitives (i.e.
sending/receiving of ADUs) and visible state transitions. It covers EFC communication services
described in ISO 17575-2:2016, Clause 5 and PICS proforma in ISO 17575-2:2016, B.2. Claims related to
Front End storage capacity are out of scope of this document.
This document covers the test purposes for Front End Application related to session establishment on
Back End request and related to session re-establishment when session requested by Back End failed.
There are no other claims with respect to Front End Application described in ISO 17575-2.
The underlying communication technology requirements for layer 1 to 4 specified in ISO 17575-2:2016,
Clause 6 are out of scope of this document.
Similarly, Back End Communications API is out of scope of this document. According to ISO 17575-2
it is expected that these Front End Communications API will be “reflected” in the BE; however, BE
Communications API is out of scope of ISO 17575-2.
Test purposes have been organized into the test suite groups, designated for the Front End
Communications API and Front End Application, respectively.
Aside from the test purposes, this document also provides proforma conformance test reports
templates for both the Front End and Back End test purposes.
ISO 17575-2 contains more information regarding the requirements against which the conformance is
evaluated in this document.

This document defines the data transfer models between roadside equipment (RSE) and integrated
circuit card (ICC) and the interface descriptions between the RSE and on-board equipment (OBE) for
on-board accounts using the ICC. It also provides examples of interface definitions and transactions
deployed in several countries.
This document covers:
— data transfer models between the RSE and ICC which correspond to the categorized operational
requirements and the data transfer mechanism for each model;
— interface definition between the RSE and OBE based on each data transfer model;
— interface definition for each model;
— functional configuration;
— RSE command definitions for ICC access;
— data format and data element definitions of RSE commands;
— a transaction example for each model in Annex B.

The ISO 16407 series of standards specifies a suite of tests in order to assess the Front End and Back
End behaviour compliancy towards the requirements listed in ISO 17575-1. This document contains the
definition of such tests in the form of test purposes, listing the required initial conditions, references
and individual steps in a structured textual manner.
Test purposes defined in this document reflect the structural and semantical requirements stated in
ISO 17575-1:
— presence/absence of particular data elements;
— semantics related to various data elements:
— data group General (see ISO 17575-1:2016, 7.3);
— data group Security (see ISO 17575-1:2016, 7.4);
— data group Contract (see ISO 17575-1:2016, 7.5);
— data group Usage (see ISO 17575-1:2016, 7.6);
— data group Account (see ISO 17575-1:2016, 7.7);
— data group Versioning (see ISO 17575-1:2016, 7.8).
With regard to the individual data sets and EFC attributes defined in ISO 17575-1, the test purposes
have been organized into the test suite groups designated for the Front End and Back End, respectively.
Besides the test purposes, this document also specifies proforma conformance test report templates for
both the Front End and Back End test purposes.
For more information regarding the requirements against which the conformance is evaluated in this
document, see ISO 17575-1.
Testing of the following behaviours and functionalities is outside of the scope of this document:
— dynamic behaviour, i.e. sequence of messages and triggering events that can be exchanged/happen
to fulfil certain charging scenarios;
— profiles and business logic built on top of particular pricing schemas;
— as ISO 17575-1 does not specify any Behaviour Invalid of Front End and Back End, BI test purposes
are not applicable for any test purpose group.

The ISO 16410 series provides a suite of tests in order to assess compliance of the Front End and Back
End behaviours in relation to the requirements in ISO 17575-3. This document contains the definition of
such tests in the form of test purposes, listing the required initial conditions, references and individual
steps in a structured textual manner. ISO 16410-2 contains the identical tests written in testing and
test control notation version 3 (TTCN v3).
The test purposes defined in this document reflect the structural and semantic requirements stated in
ISO 17575-3.
— Presence/absence of particular data elements (see ISO 17575-3:2016, 8.5.5);
— Semantics related to various data elements, e.g.:
— Activation of context data and handling multiple contexts (see ISO 17575-3:2016, 8.3);
— Handling the precedence and priority levels (see ISO 17575-3:2016, 8.5.2 to 8.5.4);
— Uniqueness of relevant data elements (see ISO 17575-3:2016, 8.5.2 to 8.5.4);
— Correct definition of the charge objects (see ISO 17575-3:2016, 8.5.4);
— Fee calculation algorithm (see ISO 17575-3:2016, 8.5.3.7);
— Security (see ISO 17575-3:2016, 7.2).
With regard to the individual data sets and EFC attributes defined in ISO 17575-3, the test purposes
have been organized into the test suite groups, designated for the Front End and Back End respectively.
In addition to the test purposes, this document also provides proforma conformance test report
templates for both the Front End and Back End test purposes and an informative statement on the
usage of this document for the European electronic toll service (EETS).
For more information regarding the requirements against which the conformance is evaluated in this
document, refer to ISO 17575-3.
Testing of the following behaviours and functionalities is outside the scope of this document:
— dynamic behaviour, i.e. sequence of messages and triggering events that must be exchanged/happen
to fulfil certain charging scenarios;
— profiles and business logic built on top of particular pricing schemas;
— behaviour invalid of Front End and Back End, BI test purposes are not applicable for any test purpose
group (as ISO 17575-3 does not specify behaviour invalid).

ISO/TR 16401-1:2018 covers the test purposes for Front End Communications API covering functionalities related to instance handling, session handling, communication service primitives (i.e. sending/receiving of ADUs) and visible state transitions. It covers EFC communication services described in ISO 17575‑2:2016, Clause 5 and PICS proforma in ISO 17575‑2:2016, B.2. Claims related to Front End storage capacity are out of scope of this document.
ISO/TR 16401-1:2018 covers the test purposes for Front End Application related to session establishment on Back End request and related to session re-establishment when session requested by Back End failed. There are no other claims with respect to Front End Application described in ISO 17575‑2.
The underlying communication technology requirements for layer 1 to 4 specified in ISO 17575‑2:2016, Clause 6 are out of scope of this document.
Similarly, Back End Communications API is out of scope of this document. According to ISO 17575‑2 it is expected that these Front End Communications API will be "reflected" in the BE; however, BE Communications API is out of scope of ISO 17575‑2.
Test purposes have been organized into the test suite groups, designated for the Front End Communications API and Front End Application, respectively.
Aside from the test purposes, this document also provides proforma conformance test reports templates for both the Front End and Back End test purposes.
ISO 17575‑2 contains more information regarding the requirements against which the conformance is evaluated in this document.

ISO/TR 16401-2:2018 contains the definition of test cases, reflecting the individual steps listed in specific test purposes defined in ISO/TR 16401-1. The test cases are written in Testing and Test Control Notation version 3 (TTCN-3).

This document defines the Examination Framework for the measurement of charging performance
metrics defined in ISO/TS 17444-1 to be used during Evaluation and/or on-going Monitoring.
It specifies a method for the specification and documentation of a Specific Examination Framework
which can be used by the responsible entity to evaluate charging performance for a particular
information exchange interface or for overall charging performance within a Toll Scheme.
It provides a toolbox of Examination Tests for the roles of Toll Charger and Toll Service Provider for the
following Scheme types:
a) DSRC Discrete;
b) Autonomous Discrete;
c) Autonomous Continuous.
The detailed choice of the set of examination tests to be used depends on the application and the
respective context. Compliance with this specification is understood as using the definitions and
prescriptions laid out in this document whenever the respective system aspects are subjected to
performance measurements, rather than using other definitions and examination methods than the
ones specified in this document.
The following aspects are outside the scope of this document.
— This document does not propose specific numeric performance bounds, or average or worst-case
error bounds in percentage or monetary units. Those decisions are left to the Toll Charger (or
to agreements between Toll Charger and Service Provider).This document does not consider the
evaluation of the expected performance of a system based on modelling and measured data from
trial at another place.
— This document does not consider the specification of a common reference system which would be
required for comparison of performance between systems.
— This document defines measurements only on standardized interfaces. Proprietary interfaces
are excluded, because it is not possible to define standardized metrics on such system properties.
These excluded interfaces are among others the link between Toll Charger RSE and central systems
in DSRC systems, and the additional sensor input of GNSS modules (inertial sensors, CAN-bus for
wheel ticks, etc.).

This document defines metrics for the charging performance of electronic fee collection (EFC) systems
in terms of the level of errors associated with charging computation.
This document is a toolbox standard of metrics. The detailed choice of metrics depends on the
application and the respective context.
This document describes a set of metrics with appropriate definitions, principles and formulations,
which together make up a reference framework for the establishment of requirements for EFC systems
and their later examination of the charging performance.
The charging performance metrics defined in this document are intended for use with any Charging
Scheme, regardless of its technical underpinnings, system architecture, tariff structure, geographical
coverage, or organizational model. They are defined to treat technical details that can be different
among technologies and vendors or vary over time as a “black box”.
They focus solely on the outcome of the charging process, i.e. the amount charged in relation to a premeasured
or theoretically correct amount, rather than intermediate variables from various components
as sensors, such as positioning accuracy, signal range, or optical resolution. This approach ensures
comparable results for each metric in all relevant situations.
The metrics are designed to cover the information exchanged on the Front End interface and the
interoperability interfaces between Toll Service Providers, Toll Chargers and Road Users as well as on
the End-to-End level.
Metrics on the following information exchanges are defined:
— Charge Reports;
— Toll Declarations;
— Billing Details and associated event data;
— Payment Claims on the level of toll service user accounts;
— User Accounts;
— End-to-End Metrics which assess the overall performance of the charging process.
The details on the rationale of this choice are described in 5.1.
The proposed metrics are specifically addressed to protect the interests of the actors in a toll system,
such as Toll Service Providers, Toll Chargers and Road Users. The metrics can be used to define
requirements (e.g. for requests for proposals) and for performance assessment.
This document recognises two types of situations where a performance assessment is necessary:
a) when an assessment is carried out during a limited time span, such as when formulating
requirements and assessing systems for acquisition purposes, conducting acceptance testing as
assessment is referred to as an evaluation;
b) when an assessment is needed as an ongoing supervision process, throughout the lifetime of
a system, in order to validate contracted service levels, to identify fraud or malfunction, or to
support ongoing maintenance and performance improvement processes. This type of assessment is
referred to as monitoring.

The ISO 16410 series provides a suite of tests in order to assess compliance of the Front End and Back End behaviours in relation to the requirements in ISO 17575‑3. ISO 16410-1:2017 contains the definition of such tests in the form of test purposes, listing the required initial conditions, references and individual steps in a structured textual manner. ISO 16410‑2 contains the identical tests written in testing and test control notation version 3 (TTCN v3).
The test purposes defined in ISO 16410-1:2017 reflect the structural and semantic requirements stated in ISO 17575‑3.
- Presence/absence of particular data elements (see ISO 17575‑3:2016, 8.5.5);
- Semantics related to various data elements, e.g.:
- Activation of context data and handling multiple contexts (see ISO 17575‑3:2016, 8.3);
- Handling the precedence and priority levels (see ISO 17575‑3:2016, 8.5.2 to 8.5.4);
- Uniqueness of relevant data elements (see ISO 17575‑3:2016, 8.5.2 to 8.5.4);
- Correct definition of the charge objects (see ISO 17575‑3:2016, 8.5.4);
- Fee calculation algorithm (see ISO 17575‑3:2016, 8.5.3.7);
- Security (see ISO 17575‑3:2016, 7.2).
With regard to the individual data sets and EFC attributes defined in ISO 17575‑3, the test purposes have been organized into the test suite groups, designated for the Front End and Back End respectively.
In addition to the test purposes, ISO 16410-1:2017 also provides proforma conformance test report templates for both the Front End and Back End test purposes and an informative statement on the usage of ISO 16410-1:2017 for the European electronic toll service (EETS).
For more information regarding the requirements against which the conformance is evaluated in ISO 16410-1:2017, refer to ISO 17575‑3.
Testing of the following behaviours and functionalities is outside the scope of ISO 16410-1:2017:
- dynamic behaviour, i.e. sequence of messages and triggering events that must be exchanged/happen to fulfil certain charging scenarios;
- profiles and business logic built on top of particular pricing schemas;
- behaviour invalid of Front End and Back End, BI test purposes are not applicable for any test purpose group (as ISO 17575‑3 does not specify behaviour invalid).

The ISO 16407 series of standards specifies a suite of tests in order to assess the Front End and Back End behaviour compliancy towards the requirements listed in ISO 17575-1. ISO 16407-1:2017 contains the definition of such tests in the form of test purposes, listing the required initial conditions, references and individual steps in a structured textual manner.

ISO 25110:2017 defines the data transfer models between roadside equipment (RSE) and integrated circuit card (ICC) and the interface descriptions between the RSE and on-board equipment (OBE) for on-board accounts using the ICC. It also provides examples of interface definitions and transactions deployed in several countries.

ISO/TS 17444-2:2017 defines the Examination Framework for the measurement of charging performance metrics defined in ISO/TS 17444‑1 to be used during Evaluation and/or on-going Monitoring.
It specifies a method for the specification and documentation of a Specific Examination Framework which can be used by the responsible entity to evaluate charging performance for a particular information exchange interface or for overall charging performance within a Toll Scheme.
It provides a toolbox of Examination Tests for the roles of Toll Charger and Toll Service Provider for the following Scheme types:
a) DSRC Discrete;
b) Autonomous Discrete;
c) Autonomous Continuous.
The detailed choice of the set of examination tests to be used depends on the application and the respective context. Compliance with this specification is understood as using the definitions and prescriptions laid out in ISO/TS 17444-2:2017 whenever the respective system aspects are subjected to performance measurements, rather than using other definitions and examination methods than the ones specified in ISO/TS 17444-2:2017.
The following aspects are outside the scope of ISO/TS 17444-2:2017.
- ISO/TS 17444-2:2017 does not propose specific numeric performance bounds, or average or worst-case error bounds in percentage or monetary units. Those decisions are left to the Toll Charger (or to agreements between Toll Charger and Service Provider). ISO/TS 17444-2:2017 does not consider the evaluation of the expected performance of a system based on modelling and measured data from trial at another place.
- ISO/TS 17444-2:2017 does not consider the specification of a common reference system which would be required for comparison of performance between systems.
- ISO/TS 17444-2:2017 defines measurements only on standardized interfaces. Proprietary interfaces are excluded, because it is not possible to define standardized metrics on such system properties. These excluded interfaces are among others the link between Toll Charger RSE and central systems in DSRC systems, and the additional sensor input of GNSS modules (inertial sensors, CAN-bus for wheel ticks, etc.).

ISO/TS 17444-1:2017 defines metrics for the charging performance of electronic fee collection (EFC) systems in terms of the level of errors associated with charging computation.
ISO/TS 17444-1:2017 is a toolbox standard of metrics. The detailed choice of metrics depends on the application and the respective context.
ISO/TS 17444-1:2017 describes a set of metrics with appropriate definitions, principles and formulations, which together make up a reference framework for the establishment of requirements for EFC systems and their later examination of the charging performance.
The charging performance metrics defined in ISO/TS 17444-1:2017 are intended for use with any Charging Scheme, regardless of its technical underpinnings, system architecture, tariff structure, geographical coverage, or organizational model. They are defined to treat technical details that can be different among technologies and vendors or vary over time as a "black box".
They focus solely on the outcome of the charging process, i.e. the amount charged in relation to a pre-measured or theoretically correct amount, rather than intermediate variables from various components as sensors, such as positioning accuracy, signal range, or optical resolution. This approach ensures comparable results for each metric in all relevant situations.
The metrics are designed to cover the information exchanged on the Front End interface and the interoperability interfaces between Toll Service Providers, Toll Chargers and Road Users as well as on the End-to-End level.

This Technical Specification defines an application interface definition by selecting suitable options from the base standard EN ISO 12855:2015. Furthermore, it defines transfer mechanisms and supporting functions to ensure the interoperability between TCs and TSPs.
This Technical Specification covers:
-   exchange of information between the central equipment associated with the two roles service provision and toll charging, e.g.:
-   charging related data (exception lists, toll declarations, billing details, payment claims);
-   administrative data (trust objects, EFC context data, contact details for enforcement, etc.);
-   confirmation data.
-   transfer mechanisms and supporting functions;
-   semantics of data elements;
-   implementation conformance statement proforma (Annex A), as a basis for assessment of conformity to this Technical Specification;
-   an Interoperability statement proforma (Annex B), as a basis for assessment of transactional intereoperability of two technical implementations;
-   a web service definition (Annex C) for the use of web services as communication technology.
The implementation of the underlying back office systems and their business processes is not covered. Therefore, outside of the scope is in particular:
-   details on how to achieve security using the authenticator data elements of the base standards;
-   how to operate compliance checking and the enforcement process;
-   commercial aspects;
-   definition of non-functional features such as performance indicators like accuracy, availability and reporting requirements.
This Technical Specification further provides an assessment of support of the EETS (Annex D) and an explanation how to read the unified modelling language (UML) diagrams (Annex E) that are used in this document.

This Technical Specification defines an application interface definition by selecting suitable options from the base standard EN ISO 12855:2015. Furthermore, it defines transfer mechanisms and supporting functions to ensure the interoperability between TCs and TSPs.
This Technical Specification covers:
-   exchange of information between the central equipment associated with the two roles service provision and toll charging, e.g.:
-   charging related data (exception lists, toll declarations, billing details, payment claims);
-   administrative data (trust objects, EFC context data, contact details for enforcement, etc.);
-   confirmation data.
-   transfer mechanisms and supporting functions;
-   semantics of data elements;
-   implementation conformance statement proforma (Annex A), as a basis for assessment of conformity to this Technical Specification;
-   an Interoperability statement proforma (Annex B), as a basis for assessment of transactional intereoperability of two technical implementations;
-   a web service definition (Annex C) for the use of web services as communication technology.
The implementation of the underlying back office systems and their business processes is not covered. Therefore, outside of the scope is in particular:
-   details on how to achieve security using the authenticator data elements of the base standards;
-   how to operate compliance checking and the enforcement process;
-   commercial aspects;
-   definition of non-functional features such as performance indicators like accuracy, availability and reporting requirements.
This Technical Specification further provides an assessment of support of the EETS (Annex D) and an explanation how to read the unified modelling language (UML) diagrams (Annex E) that are used in this document.

This document specifies the test suite structure (TSS) and test purposes (TP) to evaluate the conformity
of on-board units (OBU) and roadside equipment (RSE) to ISO 13141.
It provides a basis for conformance tests for dedicated short-range communication (DSRC) equipment
(on-board units and roadside units) to enable interoperability between different equipment supplied by
different manufacturers.

This document specifies the abstract test suite (ATS) to evaluate the conformity of on-board equipment
(OBE) and roadside equipment (RSE) to ISO 13141:2015 in accordance with the test suite structure and
test purposes defined in ISO 13140-1:2016.
It provides a basis for conformance tests for dedicated short-range communication (DSRC) equipment
(OBE and RSE) to support interoperability between different equipment supplied by different
manufacturers.
NOTE The OBE and RSE are subject to additional testing in order to ascertain that they fulfil the essential
radio requirements as set out in European Directives, a pre-requisite for CE marking and placing on the European
market. They are also likely to be subject to additional testing of physical, environmental endurance, quality
assurance and control at manufacturing, charge point integration, as part of factory, site and system acceptance
testing. The definition of these tests is outside the scope of this document.

This document specifies the abstract test suite (ATS) to evaluate the conformity of on-board equipment
(OBE) and roadside equipment (RSE) to ISO 12813 in accordance with the test suite structure and test
purposes defined in ISO 13143-1:2016.
It provides a basis for conformance tests for dedicated short-range communication (DSRC) equipment
(OBE and RSE) to enable interoperability between equipment supplied by different manufacturers.
In order to ascertain that OBE and RSE fulfil essential radio requirements, they are also likely to be
subject to additional factory, site and system acceptance testing (e.g. of physical and environmental
endurance, quality assurance and control at manufacturing, and charge point integration), which is
outside the scope of this document.
NOTE For example, within the European market, the essential radio requirements are set out in European
Directives, compliance with which is a prerequisite for CE marking and placing on the European market.

This Technical Specification defines an application interface definition by selecting suitable options from the base standard ISO 12855:2015. Furthermore, it defines transfer mechanisms and supporting functions to ensure the interoperability between TCs and TSPs.
This Technical Specification covers:
   exchange of information between the central equipment associated with the two roles service provision and toll charging, e.g.:
   charging related data (exception lists, toll declarations, billing details, payment claims);
   administrative data (trust objects, EFC context data, contact details for enforcement, etc.);
   confirmation data.
   transfer mechanisms and supporting functions;
   semantics of data elements;
   implementation conformance statement proforma (Annex A), as a basis for assessment of conformity to this Technical Specification;
   an Interoperability statement proforma (Annex B), as a basis for assessment of transactional intereoperability of two technical implementations;
   a web service definition (Annex C) for the use of web services as communication technology.
The implementation of the underlying back office systems and their business processes is not covered. Therefore, outside of the scope is in particular:
   details on how to achieve security using the authenticator data elements of the base standards;
   how to operate compliance checking and the enforcement process;
   commercial aspects;
   definition of non-functional features such as performance indicators like accuracy, availability and reporting requirements.
This Technical Specification further provides an assessment of support of the EETS (Annex D) and an explanation how to read the UML diagrams that are used (Annex E).

The objective of this document is to provide a basis for conformance tests for DSRC equipment (on board units and roadside units) to support interoperability between different equipment supplied by different manufacturers.

This European Standard specifies the abstract test suite (ATS) to evaluate the conformity of on-board equipment (OBE) and roadside equipment (RSE) to EN 15509 in accordance with the test suite structure and test purposes defined in EN 15876-1:2016.
The objective of the present document is to provide a basis for conformance tests for DSRC equipment (OBE and RSE) to support interoperability between different equipment supplied by different manufacturers.