Next generation interconnected Tachograph: how to address privacy and data protection issues?
Vincent MAHIEU, JRC ITS & Privacy workshop on June 12th 2012
Experience in implementation of the digital tachograph
• An ideal recording equipment should be
• Reliable and Available
• Accurate
• Safe
• Easy to use both for drivers and enforcers
• Cost-effective
• Maintainable
• Respect data protection and privacy
• and provide trustworthy information that can be used in court as evidence of infringement
• This calls for special requirements on
• Data Integrity
• Data Authenticity
• Data Non-repudiation
• Business continuity
• Driver card: personal and contains all the driver records
• Control card: gives access to VU memory
• Company card: allows VU memory back-up and archiving
• Workshop card: Joker! Activation, calibration, protected by PIN, contains all logs
Tachograph cards contain activity data, cryptographic keys (1024-bit RSA) and certificates. Keys and certificates are used for mutual authentication to the Vehicle Unit and for generating digital signatures on the downloaded data.
Tachograph Cards
The 4 Tachograph smartcards control data access and protect the security and the privacy of the personal data.
Absence of some information for effective control
Augment the recording equipment with a GNSS/GPS receiver to record the positions (i.e. geographical coordinates) representing the start and end of the daily work period
• Automatic recording: saving driver’s time, more reliable than manual input
• Use of free GNSS signals: position data and accurate time
• Cost effective: no exploitation cost, limited cost of the GNSS receiver, limited cost for adapting the software of controllers
• Clock synchronization of all recording equipment
• GNSS signals can be used as an independent source of motion to corroborate the motion sensor signal
Technical limitations of the recording equipment Interfaces
The current interface specifications are incomplete or obsolete and limit the development of ITS solutions/applications by third parties.
Open and standardized access to tachograph data
• Data buffered and refreshed: speed, total distance (odometer), current position, date and time. For specific applications: driver identification and driver activity, driver card insertions
The proposal is
• technically feasible at low costs, expected by several users
• an opportunity to develop ITS applications in an open environment
• an added value to the tachograph therefore less seen as only a ‘control equipment’
• Efficiency and effectiveness by reducing the number of document issuances (applications, delays)
• Reduction of costs (to be quantified, as an initial effort is necessary to merge the production and delivery of the documents)
• Increase in the security, as it is expected that a merged document having higher and multiple values will be less subject to illicit exchanges, intentional loss or damage
• Multi apps smartcards have natural architectures and software implementations guaranteeing full separation of the applications and impossibility of data exchanges (it is possible, but needs to be specifically implemented)
• It remains that the risks, according to the final scenarios adopted, need to be assessed and quantified
• In the future, in an extended ITS environment, the driving license may become the identifier token to provide an e-Identity to the various systems, and a combined document may facilitate the implementation in professional vehicles.
The new technical features that are planned for the next generation augmented tachograph call for specific provisions, still to be defined, assessed, reviewed and tested, in order to end with a fully compliant recording equipment regarding Privacy, Personal Data Protection and Security
• Augmented Tachograph is challenging at Privacy Level
• Provisions to be developed and assessed
• Some solutions are identified, but still need to be confronted with the reality of the end users
• The augmented tachograph will bring more intelligence in the transport and may become a key element of the future on-board platforms, offering a unique solution for the future ITS applications requiring security and authentication protocols