ISO/NP 15118-22

Road vehicles — Vehicle to grid communication interface — Part 22: 2nd generation protocol security requirements conformance test plan

Scope

This document specifies all security-related test cases to be applied to and correctly handled by EVs (EVCC) and EVSEs (SECC) implementing ISO 15118-20 with AC and DC energy transfer modes only. The document considers the use cases defined in ISO 15118-1:2019.
The test system will comprise:
- A simulated SECC to verify the correct behaviour of a real EVCC
- A simulated EVCC to verify the correct behaviour of a real SECC
- Simulated PKIs and security backend systems to verify the correct behaviour of a real EVCC and SECC

The document specifies test cases for some of the security requirements defined in ISO 15118-20, verifying the following aspects:
- TLS handshake
- Certificate structure and profile
- Certificate validity and revocation check
- Plug-n-Charge authorization
- XML Signature
- End-to-end security

The test cases cover positive tests (according to ISO 15118-20). In addition, error scenarios (e.g., incorrectly formatted certificate, invalid TLS handshake, etc.).
The test cases will focus on black-box testing of EVCC and SECC while relevant secondary actors are under test system's control for reproduceable test results. The test cases will also test EVCC and SECC's behaviour or information (e.g., certificates) provided by them even if the origin of the information is from a secondary actor.
The test cases will be structured according to OSI-layers 2, 4, and 7, depending on their testability from a (non-) functional perspective (e.g., TLS, XMLSig.)
The test cases will include standard test case attributes like pre-conditions, test behaviours, expected results to evaluate pass or fail and post-conditions to be applied returning the system under test to a safe state.
This document specifies all security-related test cases to be applied to and correctly handled by EVs (EVCC) and EVSEs (SECC) implementing ISO 15118-20 with AC and DC energy transfer modes only. The document considers the use cases defined in ISO 15118-1:2019.
The test system will comprise:
- A simulated SECC to verify the correct behaviour of a real EVCC
- A simulated EVCC to verify the correct behaviour of a real SECC
- Simulated PKIs and security backend systems to verify the correct behaviour of a real EVCC and SECC

The document specifies test cases for some of the security requirements defined in ISO 15118-20, verifying the following aspects:
- TLS handshake
- Certificate structure and profile
- Certificate validity and revocation check
- Plug-n-Charge authorization
- XML Signature
- End-to-end security
The test cases cover positive tests (according to ISO 15118-20). In addition, error scenarios (e.g., incorrectly formatted certificate, invalid TLS handshake, etc.).
The test cases will focus on black-box testing of EVCC and SECC while relevant secondary actors are under test system's control for reproduceable test results. The test cases will also test EVCC and SECC's behaviour or information (e.g., certificates) provided by them even if the origin of the information is from a secondary actor.
The test cases will be structured according to OSI-layers 2, 4, and 7, depending on their testability from a (non-) functional perspective (e.g., TLS, XMLSig.)
The test cases will include standard test case attributes like pre-conditions, test behaviours, expected results to evaluate pass or fail and post-conditions to be applied returning the system under test to a safe state.