19.2.6 One-to-many ProSe direct communication/Pre-configured authorisation/Off-network / ProSe Direct Discovery for public safety use / Announcing UE procedure for group member discovery

36.523-13GPPEvolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Packet Core (EPC)Part 1: Protocol conformance specificationRelease 17TSUser Equipment (UE) conformance specification

19.2.6.1 Test Purpose (TP)

(1)

with { ProSe-enabled public safety UE being authorized for performing ProSe Direct Communication being provisioned with Radio parameters for when the UE is "not served by E-UTRAN" associated with a geographical area, and, UE out of coverage on the frequency used for sidelink communication and within the pre-set geographical area }

ensure that {

when { When the UE is triggered by an upper layer application to announce availability in a discovery group }

then { UE continuously announces its availability in the discovery group to other ProSe-enabled public safety UEs applying full protection on the discovery messages over PC5 utilising DUSK), DUCK and DUIK }

}

19.2.6.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 24.334, clauses 5.1.1, 10A.2.1, 10A.2.1A, 10A.2.6.1, 10A.2.6.2, TS 33.303, clauses 6.6.3.1, 6.6.3.2, 6.6.7. Unless otherwise stated these are Rel-13 requirements.

[TS 24.334, clause 5.1.1]

The service authorisation for ProSe direct discovery and ProSe direct communication determines whether the UE is authorised to use ProSe direct discovery and ProSe direct communication, in a particular PLMN or when not served by E-UTRAN. In this release of the specification, ProSe direct communication is supported only for Public Safety ProSe-enabled UE. The service authorisation is either:

1) pre-configured in the UE. The pre-configured service authorisation may be stored in the ME, or in the USIM as specified in 3GPP TS 31.102 [17], or in both the ME and the USIM. If both the ME and the USIM contain the same parameters, the values stored in the USIM shall take precedence. The UE shall not use the pre-configured service authorisation if the contents of the USIM indicate that the UE is not authorised to use them (see 3GPP TS 31.102 [17]); or

[TS 24.334, clause 10A.2.1]

The following procedures are defined for the ProSe direct discovery for public safety use:

– announcing UE procedure for group member discovery;

– monitoring UE procedure for group member discovery;

Each ProSe-enabled Public Safety UE needs to obtain the security parameters from the ProSe Key Management Function before participating in ProSe direct discovery for public safety use, as specified in 3GPP TS 33.303 [6]. For each given Relay Service Code in UE-to-network relay discovery or Discovery Group ID in group member discovery, the ProSe Key Management Function (PKMF) will provide the following in the security parameters:

– PSDK (Public Safety Discovery Key) and the associated Expiry Time for this PSDK;

– configurations to signal which combination of keys to be used for the discovery process; and

– optionally, if DUCK is to be used, an indication of which PC5_DISCOVERY message fields shall be protected by the DUCK.

After receiving the PSDK from the PKMF for the relay service or discovery group, the UE shall use it to derive specific DUIK, DUCK and DUSK needed to protect the ProSe direct discovery messages for the corresponding public safety use, as specified in 3GPP TS 33.303 [6].

[TS 24.334, clause 10A.2.1A]

The UE shall select the radio resource parameters to be used for ProSe direct discovery as follows:

– when the UE is not served by E-UTRAN or when the UE is served by E-UTRAN and intends to use the provisioned ProSe radio resources (i.e. carrier frequency):

1) if the UE can determine itself located in a geographical area, and the UE is provisioned with radio parameters for the geographical area, then the UE shall search for a cell with any PLMN operating the selected provisioned radio resources (i.e. carrier frequency) associated with that geographical area, and:

iii) if the UE does not find any such cell in any PLMN, then the UE shall use the provisioned radio resource parameters; or

2) else the UE shall not initiate ProSe direct discovery.

[TS 24.334, clause 10A.2.6.1]

The purpose of the announcing UE procedure for group member discovery is to enable a ProSe-enabled public safety UE to announce availability in a discovery group to other ProSe-enabled public safety UEs, upon a request from upper layers as defined in 3GPP TS 23.303 [2].

[TS 24.334, clause 10A.2.6.2]

The UE is authorised to perform the announcing UE procedure for group member discovery if:

a) the following is true:

1) the UE is not served by E-UTRAN, is authorised to perform ProSe direct discovery for public safety use announcing when the UE is not served by E-UTRAN as specified in clause 5, and is configured with the radio parameters to be used for ProSe direct discovery for public safety use when not served by E-UTRAN;

Figure 10A.2.6.2.1 illustrates the interaction of the UEs in the announcing UE procedure for group member discovery.

Figure 10A.2.6.2.1: Announcing UE procedure for group member discovery

When the UE is triggered by an upper layer application to announce availability in a discovery group, if the UE is authorised to perform the announcing UE procedure for group member discovery, then the UE:

b) shall obtain a valid UTC time for the discovery transmission from the lower layers and generate the UTC-based counter corresponding to this UTC time as specified in subclause 12.2.2.18;

c) shall generate a PC5_DISCOVERY message for Group Member Discovery Announcement according to subclause 11.2.5.1. In the PC5_DISCOVERY message for Group Member Discovery Announcement, the UE:

1) shall set the ProSe UE ID to the Layer 2 ID used for unicast communication configured in clause 5;

2) shall set the Announcer Info parameter to the User Info ID for the group member discovery parameter, configured in clause 5;

3) shall set the Discovery Group ID parameter to the Discovery Group ID parameter identifying the discovery group to be announced, configured in clause 5; and

4) shall set the UTC-based counter LSB parameter to include the eight least significant bits of the UTC-based counter;

d) shall apply the DUIK, DUSK, or DUCK with the associated Encrypted Bitmask, along with the UTC-based counter to the PC5_DISCOVERY message for whichever security mechanism(s) configured to be applied, e.g., integrity protection, message scrambling or confidentiality protection of one or more above parameters, as specified in 3GPP TS 33.303 [6]; and

e) shall pass the resulting PC5_DISCOVERY message for Group Member Discovery Announcement to the lower layers for transmission over the PC5 interface with an indication that the message is for public safety use.

The UE shall ensure that it keeps on passing the same PC5_DISCOVERY message and the indication that the message is for public safety use to the lower layers for transmission until the UE is triggered by an upper layer application to stop announcing availability in a discovery group, or until the UE stops being authorised to perform the announcing UE procedure for group member discovery. How this is achieved is left up to UE implementation.

[TS 33.303, clause 6.6.3.1]

There are two types of ProSe Public Safety Discovery described in TS 23.303 [2]: Relay Discovery (including the additional Discovery messages) and Group Member Discovery. The security measures for both of these are identical and are reusing the following aspects:

– the key provisioning mechanism that ProSe one-to-many communication uses, whereby a root key is fetched (the PGK – see subclause 6.2.3.1 of the present specification) along with associated security information; and

– the mechanisms defined for restricted discovery in terms of protecting the discovery messages over the air (see subclause 6.1.3.4.3 of the present specification with the needed DUIK, DUCK and DUSKs derived from the root key). It is optional to support scrambling for Public Safety Discovery.

Like open and restricted discovery, ProSe Public Safety Discovery also uses a UTC-based counter (see step 9 in clause 6.1.3.3) to provide freshness for the protection of the restricted discovery message on the PC5 interface. The parameters CURRENT_TIME and MAX_OFFSET are also provided to the UE from the PKMF to ensure that the obtained UTC-based counter is sufficiently close to real time to protect against replays.

[TS 33.303, clause 6.6.3.2]

The Public Safety Discovery Key (PSDK) is the root key that is used for the protection of the Pubic Safety Discovery messages. It is identified by an 8-bit PSDK ID and each PSDK is associated with one or more Relay Service Codes and/or Discovery Group IDs. This association is achieved by allocating a 24-bit Key Type ID to the Relay Service Codes (RSCs) and Discovery Group IDs during the Key Request/Key Response procedure. The Key Type ID is also included in the MIKEY message, so a delivered PSDK can be associated with the correct RSCs and/or Discovery Group IDs.

NOTE: The allocation of RSC and/or Discovery Group ID to a particular Key Type ID is specific to a UE and does not need to be common across all UEs.

When the PSDKs are provided to the UE, they shall be provided with an Expiry Time. The Expiry Time of the PSDK needs to be set such that the keys for later periods have a longer expiration period. Each PSDKs for each Key Type ID shall be associated with a different Expiry Time value.

All expired PSDK, except the most recently expired of the PSDK(s), should be deleted.

Public Safety discovery also uses the PMK and PMK ID for the MIKEY messages as described in subclauses 6.2.3.1 and 6.2.3.2 of the present specification.

[TS 33.303, clause 6.6.7]

The protection of ProSe Public Safety Discovery Message over PC5 is very similar to that of Restricted Discovery. When sending and receiving a discovery message, the UE uses the PSDK that has not expired (using the time in the UTC based counter associated with the discovery slot to check expiry) and has the earliest expiration time to derive the needed subkeys for the security of that message.

In order to protect the discovery messages over PC5, the UE first calculates the necessary (as indicated in the security meta-data) DUSK, DUCK and DUIK for the particular discovery using the appropriate PSDK. To this end, a KDF is used to derive each of the keys indicated in the security meta-data, as follows:

– If the security meta-data indicates a DUSK should be used, then the UE derives the DUSK from the PSDK using a KDF as in Annex A.8.

– If the security meta-data indicates a DUCK should be used, and an Encrypted_bits_mask is included, then the UE derives the DUCK from the PSDK using a KDF as in Annex A.8

If the security meta-data indicates a DUIK should be used, then the UE derives the DUIK from the PSDK using a KDF as in Annex A.8.

A sending UE then follows subclause 6.1.3.4.3.2, while a receiving UE follows subclause 6.1.3.4.3.3 except that it never sends the discovery message to the ProSe Function for MIC checking.

19.2.6.3 Test description

19.2.6.3.1 Pre-test conditions

System Simulator:

SS-UE

– SS-UE1.

– As defined in TS 36.508 [18], configured for and operating as ProSe Direct Communication transmitting and receiving device.

GNSS simulator (optional).

NOTE: For operation in off-network environment, it shall be ensured that after the UE is powered up it considers the geographical area as being one of the geographical areas set in the USIM for operation when UE is "not served by E-UTRAN". This can be done by usage of a GNSS simulator, or some suitable MMI action.

UE:

– ProSe related configuration

– The UE is authorised to perform ProSe Direct Communication; The UE is equipped with a USIM containing values shown in Table 19.2.6.3.1-1, and, relevant to each of the supported services values as specified in TS 36.508 [18], section 4.9.3.1 (e.g. Direct Communication Radio Parameters and geographical area when UE is "not served by E-UTRAN", ProSe Layer-2 Group ID, etc.).

Table 19.2.6.3.1-1: USIM Configuration

USIM field

Value

EFUST

Service n°101 (ProSe) supported.

EFPST

Service n°3 (ProSe Direct Communication radio parameters) supported.

Service n°6 (ProSe policy parameters) supported.

Service n°7 (ProSe group counter) supported.

EFAD

b3=1: the ME is authorized to use the parameters stored in the USIM or in the ME for ProSe services for Public Safety usage.

EFPROSE_RADIO_ANN

FFS:

b1=1 indicates that the UE is authorised to perform ProSe direct discovery model A announcing when not served by E-UTRAN.

b2=0 indicates that the UE is not authorised to perform ProSe direct discovery model B discoverer operation when not served by E-UTRAN

b2=1 indicates that the UE is authorised to perform ProSe direct discovery model B discoverer operation when not served by E-UTRAN.

EFPROSE_RADIO_MON

FFS:

b1=1 indicates that the UE is authorised to perform ProSe direct discovery model A monitoring when not served by E-UTRAN.

b2=0 indicates that the UE is not authorised to perform ProSe direct discovery model B discoveree operation when not served by E-UTRAN

b2=1 indicates that the UE is authorised to perform ProSe direct discovery model B discoveree operation when not served by E-UTRAN.

EFPROSE_POLICY

FFS

EFPROSE_GC

FFS:

ProSe Layer-2 Group ID

PTK ID

Counter

EFPROSE_RELAY_DISCOVERY

FFS:

The UE is preconfigured with PSDK, Bitmask of keys:

b1=1 indicates that DUSK is to be used

b2=1 indicates that DUCK is to be used

b3=1 indicates that DUIK is to be used

and DUCK encryption bitmask

EFPROSE_GM_DISCOVERY

FFS

– The UE has a Public Safety Discovery Key (PSDK) with not expired validity timer allowing for the calculation of the various keys needed for applying protection on the discovery messages over PC5 (Discovery User Scrambling Key (DUSK), Discovery User Confidentiality Key (DUCK) and Discovery User Integrity Key (DUIK)).

– For operation in off-network environment, it shall be ensured that after the UE is powered up it considers the geographical area as being one of the geographical areas set in the USIM for operation when UE is "not served by E-UTRAN". If this is not done by using n GNSS simulator then the UE needs to be preconfigured via a suitable MMI action.

Preamble:

– The UE is in state Switched OFF (state 1) according to TS 36.508 [18].

19.2.6.3.2 Test procedure sequence

Table 19.2.6.3.2-1: Main behaviour

St

Procedure

Message Sequence

TP

Verdict

U – S

Message

1

Power up the UE.

2

Force the UE upper layer application corresponding to ProSe Application ID px_ProSeAnnApplicationIdentity2 to initiate continuous announcing availability in a discovery group.

NOTE: Although the UE is expected to transmit continuously, only the PC5_DISCOVERY messages which need to be checked are shown explicitly in the step sequence.

EXCEPTION: Step 3 is repeated 10 times.

3

Check: Does the UE transmit in the next transmission period a PC5_DISCOVERY message for Group Member Discovery Announcement applying DUIK, DUSK, and DUCK with the associated Encrypted Bitmask, along with the UTC-based counter to the PC5_DISCOVERY message?

–>

PC5_DISCOVERY

1

P

19.2.6.3.3 Specific message contents

Table 19.2.6.3.3-1: PC5_DISCOVERY (step 3 Table 19.2.6.3.2-1)

Derivation path: 36.508 [18], Table 4.7F.1-5A.