🔥🔥 Don’t Miss Out on Our End of Autumn Sale. If you have any questions, feel free to click the bottom right corner to contact our customer service..

Concat us[email protected]
Shopping Cart

No products in the cart.

🔍
BS EN IEC 62056-5-3:2023

BS EN IEC 62056-5-3:2023

$215.11

Electricity metering data exchange. The DLMS®/COSEM suite – DLMS®/COSEM application layer

Published By Publication Date Number of Pages
BSI 2023 382
PDF Format Searchable Printable Preview Now
Guaranteed Safe Checkout
Category:

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

This part of IEC 62056 specifies the DLMS®/COSEM application layer in terms of structure, services and protocols for DLMS®/COSEM clients and servers, and defines rules to specify the DLMS®/COSEM communication profiles. It defines services for establishing and releasing application associations, and data communication services for accessing the methods and attributes of COSEM interface objects, defined in IEC 62056-6-2:2021 using either logical name (LN) or short name (SN) referencing. Annex A (normative) defines how to use the COSEM application layer in various communication profiles. It specifies how various communication profiles can be constructed for exchanging data with metering equipment using the COSEM interface model, and what are the necessary elements to specify in each communication profile. The actual, media-specific communication profiles are specified in separate parts of the IEC 62056 series. Annex B (normative) specifies the SMS short wrapper. Annex C (normative) specifies the gateway protocol. Annex D, Annex E and Annex F (informative) include encoding examples for APDUs. Annex G (normative) provides NSA Suite B elliptic curves and domain parameters. Annex H (informative) provides an example of an End entity signature certificate using P-256 signed with P-256. Annex I (normative) specifies the use of key agreement schemes in DLMS®/COSEM. Annex J (informative) provides examples of exchanging protected xDLMS APDUs between a third party and a server. Annex K (informative) lists the main technical changes in this edition of the standard.

PDF Catalog

PDF Pages PDF Title
2 undefined
5 Annex ZA (normative)Normative references to international publicationswith their corresponding European publications
8 English
CONTENTS
18 FOREWORD
20 INTRODUCTION
21 1 Scope
2 Normative references
23 3 Terms, definitions, abbreviated terms and symbols
3.1 General DLMS®/COSEM definitions
28 3.2 Definitions related to cryptographic security
38 3.3 Definitions and abbreviated terms related to the Galois/Counter Mode
40 3.4 General abbreviated terms
44 3.5 Symbols related to the Galois/Counter Mode
3.6 Symbols related the ECDSA algorithm
45 3.7 Symbols related to the key agreement algorithms
4 Overview of DLMS®/COSEM
4.1 Information exchange in DLMS®/COSEM
4.1.1 General
46 4.1.2 Communication model
47 4.1.3 Naming and addressing
Figures
Figure 1 – Client–server model and communication protocols
48 Figure 2 – Naming and addressing in DLMS®/COSEM
49 Tables
Table 1 – Client XE “Client” and server XE “Server” SAPs
50 4.1.4 Connection oriented operation
Figure 3 – A complete communication session in the CO environment
51 4.1.5 Application associations
52 4.1.6 Messaging patterns XE “Messaging patterns”
53 4.1.7 Data exchange between third parties and DLMS®/COSEM servers
Figure 4 – DLMS®/COSEM messaging patterns
54 4.1.8 Communication profiles XE “Communication profile”
55 Figure 5 – DLMS®/COSEM generic communication profile XE “Generic communication profile”
56 4.1.9 Model of a DLMS®/COSEM metering system
4.1.10 Model of DLMS®/COSEM servers XE “DLMS/COSEM server model”
Figure 6 – Model of a DLMS®/COSEM metering system
57 Figure 7 – DLMS®/COSEM server model
58 4.1.11 Model of a DLMS®/COSEM client XE “DLMS/COSEM client model”
Figure 8 – Model of a DLMS®/COSEM client using multiple protocol stacks
59 4.1.12 Interoperability XE “Interoperability” and interconnectivity XE “Interconnectivity” in DLMS®/COSEM
4.1.13 Ensuring interconnectivity: the protocol identification service XE “Protocol identification service”
4.1.14 System integration XE “System integration” and meter installation XE “Meter installation”
60 4.2 DLMS®/COSEM application layer main features
4.2.1 General
4.2.2 DLMS®/COSEM application layer structure XE “DLMS/COSEM AL, structure”
Figure 9 – The structure of the DLMS®/COSEM application layers
61 4.2.3 The Association Control Service Element XE “Association Control Service Element” , ACSE
62 4.2.4 The xDLMS application service element XE “xDLMS ASE”
67 Figure 10 – The concept of composable xDLMS messages
69 Table 2 – Clarification of the meaning of PDU size for DLMS®/COSEM
70 4.2.5 Layer management services XE “DLMS/COSEM AL, layer management services”
4.2.6 Summary of DLMS®/COSEM application layer services
Figure 11 – Summary of DLMS®/COSEM AL services
71 4.2.7 DLMS®/COSEM application layer protocols XE “DLMS/COSEM AL, protocol specification”
5 Information security in DLMS®/COSEM
5.1 Overview
5.2 The DLMS®/COSEM security concept XE “DLMS/COSEM security concept”
5.2.1 Overview
72 5.2.2 Identification and authentication
73 Figure 12 – Authentication mechanisms
75 5.2.3 Security context XE “Security context”
5.2.4 Access rights XE “Access right”
5.2.5 Application layer message security XE “Application layer message security”
76 Figure 13 – Client – server message security concept XE “Message security, client – server”
77 Figure 14 – End-to-end message security XE “Message security, end-to-end” concept
78 5.2.6 COSEM data security XE “COSEM data security”
5.3 Cryptographic algorithms XE “Cryptographic algorithm”
5.3.1 Overview
5.3.2 Hash function XE “Hash function”
79 5.3.3 Symmetric key algorithms XE “Symmetric key algorithm”
Figure 15 – Hash function
80 Figure 16 – Encryption and decryption
81 Figure 17 – Message Authentication Codes (MACs)
83 Figure 18 – GCM functions
86 5.3.4 Public key algorithms XE “Public key algorithm”
87 Table 3 – Elliptic curves in DLMS®/COSEM security suites
89 Figure 19 – Digital signatures
91 Figure 20 – C(2e, 0s) scheme: each party contributes only an ephemeral key pair
Table 4 – Ephemeral Unified Model key agreement scheme summary
92 Figure 21 – C(1e, 1s) schemes: party U contributes an ephemeral key pair, and party V contributes a static key pair
93 Table 5 – One-pass Diffie-Hellman key agreement scheme summary
94 Figure 22 – C(0e, 2s) scheme: each party contributes only a static key pair
95 Table 6 – Static Unified Model key agreement scheme summary
96 5.3.5 Random number generation XE “Random number generation”
Table 7 – OtherInfo subfields and substrings
Table 8 – Security algorithm ID-s XE “Security algorithm ID”
97 5.3.6 Compression XE “Compression”
5.3.7 Security suite XE “Security suite”
Table 9 – DLMS®/COSEM security suites
98 5.4 Cryptographic keys – overview
5.5 Key used with symmetric key algorithms
5.5.1 Symmetric keys XE “Symmetric key” types
99 Table 10 – Symmetric keys types
100 5.5.2 Key information XE “Key information” with general-ciphering APDU and data protection
5.5.3 Key identification XE “Key identification”
Table 11 – Key information with general-ciphering APDU and data protection
101 5.5.4 Key wrapping XE “Key wrapping”
5.5.5 Key agreement XE “Key agreement”
102 5.5.6 Symmetric key cryptoperiods XE “Cryptoperiod”
5.6 Keys used with public key algorithms XE “Public key algorithm”
5.6.1 Overview
5.6.2 Key pair generation XE “Key pair generation”
Table 12 – Asymmetric keys types and their use
103 5.6.3 Public key certificates and infrastructure
105 Figure 23 – Architecture of a Public Key Infrastructure (example)
106 5.6.4 Certificate and certificate extension profile XE “Certificate and certificate extension profile”
Table 13 – X.509 v3 Certificate structure
107 Table 14 – X.509 v3 tbsCertificate fields
108 Table 15 – Naming scheme for the Root-CA instance (informative)
Table 16 – Naming scheme for the Sub-CA instance (informative)
109 Table 17 – Naming scheme for the end entity instance
111 Table 18 – X.509 v3 Certificate extensions
112 Table 19 – Key Usage extensions
Table 20 – Subject Alternative Name values
113 Table 21 – Issuer Alternative Name values
Table 22 – Basic constraints extension values
114 5.6.5 Suite B end entity certificate XE “End entity certificate” types to be supported by DLMS®/COSEM servers
5.6.6 Management of certificates
Table 23 – Certificates handled by DLMS®/COSEM end entities
115 Figure 24 – MSC for provisioning the server with CA certificates
116 Figure 25 – MSC for security personalisation of the server
117 Figure 26 – Provisioning the server with the certificate of the client
118 Figure 27 – Provisioning the client / third party with a certificate of the server
Figure 28 – Remove certificate from the server
119 5.7 Applying cryptographic protection
5.7.1 Overview
5.7.2 Protecting xDLMS APDUs
Table 24 – Security policy values (“Security setup” version 1)
120 Table 25 – Access rights values (“Association LN” ver 3 “Association SN” ver 4)
121 Table 26 – Ciphered xDLMS APDUs
122 Figure 29 – Cryptographic protection of information using AES-GCM
123 Table 27 – Security control byte
Table 28 – Plaintext and Additional Authenticated Data
124 Figure 30 – Structure of service-specific global XE “Service-specific global ciphering” / dedicated ciphering XE “Service-specific dedicated ciphering” xDLMS APDUs
125 Figure 31 – Structure of general-glo-ciphering and general-ded-ciphering xDLMS APDUs
126 Figure 32 – Structure of general-ciphering xDLMS APDUs
127 Table 29 – Use of the fields of the ciphering xDLMS APDUs
128 Table 30 – Example: glo-get-request xDLMS APDU
130 Table 31 – ACCESS service with general-ciphering, One-Pass Diffie-Hellman C(1e, 1s, ECC CDH) key agreement scheme
132 5.7.3 Multi-layer protection XE “Multi-layer protection” by multiple parties
Figure 33 – Structure of general-signing APDUs
133 5.7.4 HLS authentication XE “HLS authentication” mechanisms
134 Table 32 – DLMS®/COSEM HLS authentication mechanisms
135 Table 33 – HLS example using authentication-mechanism 5 with GMAC
136 5.7.5 Protecting COSEM data XE “COSEM data protection”
Table 34 – HLS example using authentication-mechanism 7 with ECDSA
137 6 DLMS®/COSEM application layer service specification XE ” COSEM AL, service specification”
6.1 Service primitives and parameters
Figure 34 – Service primitives
138 Figure 35 – Time sequence diagrams
139 6.2 The COSEM-OPEN service XE “COSEM-OPEN service”
Table 35 – Codes for AL service parameters
140 Table 36 – Service parameters of the COSEM-OPEN service primitives
144 6.3 The COSEM-RELEASE service XE “COSEM-RELEASE service”
Table 37 – Service parameters of the COSEM-RELEASE service primitives
147 6.4 COSEM-ABORT service XE “COSEM-ABORT service”
6.5 Protection and general block transfer XE “General block transfer” parameters
Table 38 – Service parameters of the COSEM-ABORT service primitives
148 Figure 36 – Additional service parameters to control cryptographic protection and GBT
149 Table 39 – Additional service parameters
150 Table 40 – Security parameters
151 Table 41 – APDUs used with security protection types
152 6.6 The GET service XE “GET service”
153 Table 42 – Service parameters of the GET service
154 Table 43 – GET service request and response types
155 6.7 The SET service XE “SET service”
156 Table 44 – Service parameters of the SET service
157 Table 45 – SET service request and response types
159 6.8 The ACTION service XE “ACTION service”
Table 46 – Service parameters of the ACTION service
160 Table 47 – ACTION service request and response types
162 6.9 The ACCESS service
6.9.1 Overview – Main features
164 6.9.2 Service specification
165 Table 48 – Service parameters of the ACCESS service
168 6.10 The DataNotification service XE “DataNotification service”
169 Table 49 – Service parameters of the DataNotification service primitives
170 6.11 The EventNotification service XE “EventNotification service”
Table 50 – Service parameters of the EventNotification service primitives
171 6.12 The TriggerEventNotificationSending service XE “TriggerEventNotificationSending service”
Table 51 – Service parameters of the TriggerEventNotificationSending.request service primitive
172 6.13 Variable access specification XE “Variable Access Specification”
6.14 The Read service XE “Read service”
Table 52 – Variable Access Specification
173 Table 53 – Service parameters of the Read service
174 Table 54 – Use of the Variable_Access_Specification variants and the Read.response choices
176 6.15 The Write service XE “Write service”
177 Table 55 – Service parameters of the Write service
178 Table 56 – Use of the Variable_Access_Specification variants and the Write.response choices
179 6.16 The UnconfirmedWrite service XE “UnconfirmedWrite service”
180 Table 57 – Service parameters of the UnconfirmedWrite service
Table 58 – Use of the Variable_Access_Specification variants
181 6.17 The InformationReport service XE “InformationReport service”
Table 59 – Service parameters of the InformationReport service
182 6.18 Client side layer management services: the SetMapperTable.request XE “AL, management services” XE “Client side layer management services” XE “SetMapperTables.request”
6.19 Summary of services and LN/SN data transfer service mapping XE “LN/SN data transfer service mapping”
Table 60 – Service parameters of the SetMapperTable.request service primitives
Table 61 – Summary of ACSE services
183 7 DLMS®/COSEM application layer protocol specification XE “COSEM application layer, protocol specification”
7.1 The control function XE “Control function”
7.1.1 State definitions of the client side control function
Table 62 – Summary of xDLMS services XE “xDLMS services, LN referencing”
184 Figure 37 – Partial state machine for the client side control function
185 7.1.2 State definitions of the server side control function
186 Figure 38 – Partial state machine for the server side control function
187 7.2 The ACSE services and APDUs XE “ACSE services and APDUs”
7.2.1 ACSE functional units XE “ACSE functional units” , services and service parameters
188 Table 63 – Functional Unit APDUs and their fields
190 7.2.2 Registered COSEM names XE “Registered COSEM names”
192 Table 64 – COSEM application context names XE “COSEM application context name”
Table 65 – COSEM authentication mechanism names XE “COSEM authentication mechanism name”
193 7.2.3 APDU encoding rules
7.2.4 Protocol for application association establishment XE “Application association, establishment”
Table 66 – Cryptographic algorithm ID-s
195 Figure 39 – MSC for successful AA establishment preceded by a successful lower layer connection establishment
199 7.2.5 Protocol for application association release XE “Application association, release”
200 Figure 40 – Graceful AA release using the A-RELEASE service
201 Figure 41 – Graceful AA release by disconnecting the supporting layer
202 7.3 Protocol for the data transfer services XE “Data transfer services, protocol”
7.3.1 Negotiation of services and options – the conformance block XE “Conformance block”
Figure 42 – Aborting an AA following a PH-ABORT.indication
203 7.3.2 Confirmed and unconfirmed service invocations
Table 67 – xDLMS Conformance block
205 7.3.3 Protocol for the GET service XE “GET service”
Figure 43 – MSC of the GET service
Table 68 – GET service types and APDUs
206 Figure 44 – MSC of the GET service with block transfer
208 7.3.4 Protocol for the SET service XE “SET service”
Figure 45 – MSC of the GET service with block transfer, long GET aborted
Table 69 – SET service types and APDUs
209 Figure 46 – MSC of the SET service
Figure 47 – MSC of the SET service with block transfer
211 7.3.5 Protocol for the ACTION service XE “ACTION service”
Figure 48 – MSC of the ACTION service
Table 70 – ACTION service types and APDUs
213 7.3.6 Protocol for the ACCESS service XE “ACCESS service”
Figure 49 – MSC of the ACTION service with block transfer
214 7.3.7 Protocol of the DataNotification service
Figure 50 – Access Service with long response
Figure 51 – Access Service with long request and response
215 Figure 52 – MSC for the DataNotification service, case a)
216 Figure 53 – MSC for the DataNotification service, case b)
217 7.3.8 Protocol for the EventNotification service
Figure 54 – MSC for the DataNotification service, case c)
218 7.3.9 Protocol for the Read service XE “Read service”
Table 71 – Mapping between the GET and the Read services
219 Table 72 – Mapping between the ACTION and the Read services
220 Figure 55 – MSC of the Read service used for reading an attribute
Figure 56 – MSC of the Read service used for invoking a method
221 7.3.10 Protocol for the Write service XE “Write service”
Figure 57 – MSC of the Read Service used for reading an attribute, with block transfer
222 Table 73 – Mapping between the SET and the Write services
223 Table 74 – Mapping between the ACTION and the Write service
224 Figure 58 – MSC of the Write service used for writing an attribute
Figure 59 – MSC of the Write service used for invoking a method
225 7.3.11 Protocol for the UnconfirmedWrite service XE “UnconfirmedWrite service”
Figure 60 – MSC of the Write Service used for writing an attribute, with block transfer
226 7.3.12 Protocol for the InformationReport service XE “InformationReport service”
Figure 61 – MSC of the Unconfirmed Write service used for writing an attribute
Table 75 – Mapping between the SET and the UnconfirmedWrite services
Table 76 – Mapping between the ACTION and the UnconfirmedWrite services
227 7.3.13 Protocol of general block transfer mechanism
Table 77 – Mapping between the EventNotification and InformationReport services
229 Figure 62 – Partial service invocations and GBT APDUs
232 Figure 63 – The GBT procedure
234 Table 78 – GBT procedure state variables
236 Figure 64 – Send GBT APDU stream sub-procedure
238 Figure 65 – Process GBT APDU sub-procedure
240 Figure 66 – Check RQ and fill gaps sub-procedure
241 Figure 67 – GET service with GBT, switching to streaming
242 Figure 68 – GET service with partial invocations, GBT and streaming,recovery of 4th block sent in the 2nd stream
244 Figure 69 – GET service with partial invocations, GBT and streaming,recovery of 4th and 5th block
245 Figure 70 – GET service with partial invocations,GBT and streaming, recovery of last block
246 Figure 71 – SET service with GBT, with server not supporting streaming,recovery of 3rd block
247 Figure 72 – ACTION-WITH-LIST service with bi-directional GBT and block recovery
249 7.3.14 Protocol of exception mechanism
Figure 73 – DataNotification service with GBT with partial invocation
250 8 Abstract syntax XE “Abstract syntax, COSEM APDUs” of ACSE and COSEM APDUs
Table 79 – xDLMS exception mechanism
269 9 COSEM APDU XML schema XE “XML schema”
9.1 General
9.2 XML Schema
291 Annex A (normative)Using the DLMS®/COSEM application layer in various communications profiles
A.1 General
A.2 Targeted communication environments XE “Communication environment”
A.3 The structure of the profile XE “Communication profile structure”
A.4 Identification and addressing schemes XE “Identification and addressing scheme”
292 A.5 Supporting layer services and service mapping XE “Supporting layer services and service mapping”
A.6 Communication profile specific parameters of the COSEM AL services XE “Communication profile specific parameters”
A.7 Specific considerations / constraints using certain services within a given profile
A.8 The 3-layer, connection-oriented, HDLC based communication profile
A.9 The TCP-UDP/IP based communication profiles (COSEM_on_IP)
A.10 The wired and wireless M-Bus communication profiles
A.11 The S-FSK PLC profile
293 Annex B (normative)SMS short wrapper
Figure B.1 – Short wrapper
Table B.1 – Reserved Application Processes
294 Annex C (normative)Gateway protocol
C.1 General
Figure C.1 – General architecture with gateway
295 C.2 The gateway protocol XE “Gateway protocol”
Figure C.2 – The fields used for pre-fixing the COSEM APDUs
296 C.3 HES in the WAN/NN acting as Initiator (Pull operation XE “Pull operation” )
Figure C.3 – Pull message sequence chart
297 C.4 End devices in the LAN acting as Initiators (Push operation XE “Push operation” )
C.4.1 General
C.4.2 End device with WAN/NN knowledge
C.4.3 End devices without WAN/NN knowledge
C.5 Security
Figure C.4 – Push message sequence chart
298 Annex D (informative)AARQ and AARE encoding examples
D.1 General
D.2 Encoding of the xDLMS InitiateRequest / InitiateResponse APDU
299 Table D.1 – Conformance block
300 Table D.2 – A-XDR encoding of the xDLMS InitiateRequest APDU
301 D.3 Specification of the AARQ and AARE APDUs
Table D.3 – A-XDR encoding of the xDLMS InitiateResponse APDU
302 D.4 Data for the examples
303 D.5 Encoding of the AARQ APDU
304 Table D.4 – BER encoding of the AARQ APDU
306 D.6 Encoding of the AARE APDU
Table D.5 – Complete AARQ APDU
307 Table D.6 – BER encoding of the AARE APDU
311 Table D.7 – The complete AARE APDU
312 Annex E (informative)Encoding examples: AARQ and AARE APDUs using a ciphered application context
E.1 A-XDR encoding of the xDLMS InitiateRequest APDU, carrying a dedicated key
313 E.2 Authenticated encryption of the xDLMS InitiateRequest APDU
Table E.1 – A-XDR encoding of the xDLMS InitiateRequest APDU
314 E.3 The AARQ APDU
Table E.2 – Authenticated encryption of the xDLMS InitiateRequest APDU
315 Table E.3 – BER encoding of the AARQ APDU
316 E.4 A-XDR encoding of the xDLMS InitiateResponse APDU
317 E.5 Authenticated encryption of the xDLMS InitiateResponse APDU
Table E.4 – A-XDR encoding of the xDLMS InitiateResponse APDU
318 E.6 The AARE APDU
Table E.5 – Authenticated encryption of the xDLMS InitiateResponse APDU
319 Table E.6 – BER encoding of the AARE APDU
320 E.7 The RLRQ APDU (carrying a ciphered xDLMS InitiateRequest APDU)
Table E.7 – BER encoding of the RLRQ APDU
321 E.8 The RLRE APDU (carrying a ciphered xDLMS InitiateResponse APDU)
Table E.8 – BER encoding of the RLRE APDU
322 Annex F (informative)Data transfer service examples
F.1 GET / Read, SET / Write examples
Table F.1 – The objects used in the examples
323 Table F.2 – Example: Reading the value of a single attribute without block transfer
324 Table F.3 – Example: Reading the value of a list of attributes without block transfer
326 Table F.4 – Example: Reading the value of a single attribute with block transfer
328 Table F.5 – Example: Reading the value of a list of attributes with block transfer
331 Table F.6 – Example: Writing the value of a single attribute without block transfer
332 Table F.7 – Example: Writing the value of a list of attributes without block transfer
334 Table F.8 – Example: Writing the value of a single attribute with block transfer
336 Table F.9 – Example: Writing the value of a list of attributes with block transfer
339 F.2 ACCESS service XE “ACCESS service” example
Table F.10 – Example: ACCESS service without block transfer
340 F.3 Compact array encoding example
F.3.1 General
341 F.3.2 The specification of compact-array
342 F.3.3 Example 1: Compact array encoding an array of five long-unsigned values
343 F.3.4 Example 2: Compact-array encoding of five octet-string values
344 F.3.5 Example 3: Encoding of the buffer of a Profile generic object
345 F.4 Profile generic IC buffer attribute encoding examples
F.4.1 General
346 F.4.2 Get-response with Profile generic normal encoding example
Table F.11 – Profile generic buffer – get-response with normal encoding
348 F.4.3 Get-response with Profile generic null-data compressed encoding example
Table F.12 – Profile generic buffer – get-response with null-data compression
351 F.4.4 Get-response with Profile generic compact-array encoding example
Table F.13 – Profile generic buffer – get-response with compact-array encoding
353 F.4.5 Get-response with Profile generic null-data and delta-value encoding example
354 Table F.14 – Profile generic buffer – Get-response with null-dataand delta-value encoding
356 F.4.6 Comparison of various encoding methods for Get-response APDU
F.4.7 Combination of the various encoding methods and V.44 compression
Table F.15 – Comparison of various encoding methods for get-response APDU
357 Table F.16 – Combination of the various encoding methodsand V.44 compression for get-response APDU
358 Annex G (normative)NSA Suite B XE “NSA Suite B” elliptic curves and domain parameters
Table G.1 – ECC_P256_Domain_Parameters XE “ECC_P256_Domain_Parameters”
359 Table G.2 – ECC_P384_Domain_Parameters XE “ECC_P384_Domain_Parameters”
360 Annex H (informative)Example of an End entity signature certificateusing P-256 signed with P-256
H.1 Fields of public key certificates
Table H.1 – Fields of public key Certificates using P-256 signed with P-256
361 H.2 Example of a Root-CA Certificate using P-256 signed with P-256
362 H.3 Example of an end entity digital signature Certificate using P-256 signed with P-256
363 Annex I (normative)Use of key agreement schemes in DLMS®/COSEM
I.1 Ephemeral Unified Model XE “Ephemeral Unified Model” C(2e, 0s, ECC CDH) scheme
Figure I.1 – MSC for key agreement using the Ephemeral Unified Model C(2e, 0s, ECC CDH) scheme
364 Table I.1 – Test vector for key agreement using theEphemeral Unified Model C(2e, 0s, ECC CDH) scheme
366 I.2 One-Pass Diffie-Hellman XE “One-Pass Diffie-Hellman” C(1e, 1s, ECC CDH) scheme
Figure I.2 – Ciphered xDLMS APDU protected by an ephemeral key established using the One-pass Diffie-Hellman (1e, 1s, ECC CDH) scheme
367 Table I.2 – Test vector for key agreement using theOne-pass Diffie-Hellman (1e, 1s, ECC CDH) scheme
369 I.3 Static Unified Model XE “Static Unified Model” C(0e, 2s, ECC CDH) scheme
370 Figure I.3 – Ciphered xDLMS APDU protected by an ephemeral key established using the Static Unified Model C(0e, 2s, ECC CDH) scheme
371 Table I.3 – Test vector for key agreement using theStatic-Unified Model (0e, 2s, ECC CDH) scheme
373 Annex J (informative)Exchanging protected xDLMS APDUs between TP and server
J.1 General
J.2 Example 1: Protection is the same in the two directions
374 J.3 Example 2: Protection is different in the two directions
Figure J.1 – Exchanging protected xDLMS APDUs between TP and server: example 1
375 Figure J.2 – Exchanging protected xDLMS APDUs between TP and server: example 2
376 Annex K (informative)Significant technical changes with respect to IEC 62056‑5‑3:2017
379 Bibliography

Related products

BS EN IEC 62056-5-3:2023
$215.11