It is not clear how to implement CSQ management. Aggressive Mode Requests from the controlled station and Aggressive Mode Requests from the controlling station share a different CSQ.
However, the CSQ of the next Aggressive Mode Request to be sent is influenced by the CSQ of the last Aggressive Mode Request received.
Profiles including TCP/IP permit both the Controlling Station and the Controlled Station to send ASDUs simultaneously. With this mechanism, a Station could send an Aggressive Mode Request with a CSQ not in sequence (+1) with the last CSQ sent.
Proposal
Proposed clarification for CSQ management:
1) At beginning of communication CSQ == 0 (for both Stations)
2) Whenever the station has to send a Challenge ASDU or an Aggressive Mode ASDU then CSQ = CSQ +1 (before sending)
3) A station sets CSQ_R (CSQ responder) equal to CSQ_C (CSQ challenger) in the last Challenge ASDU received. Therefore, it sends the Reply ASDU with CSQ_R == CSQ_C.
4) Whenever the station receives an Aggressive Mode ASDU and it is correctly authenticated, if the CSQ received is greater than the local CSQ then the Station sets the local CSQ to the CSQ received.
5) If CSQ == 4294967295 then next time a station needs to increment CSQ, the station sets CSQ == 0
Discussion
Created
Status
The original clarification proposed for Par. 7.3.3.3 is valid and describes a more concise version of the use of the Challenge Sequence Number (CSQ). The following 5 points are functionally equivalent to the 8 points described in the original document.
1) At beginning of communication CSQ == 0 (for both Stations)
2) Whenever the station has to send a Challenge ASDU or an Aggressive Mode ASDU then CSQ = CSQ + 1 (before sending)
3) A station sets CSQ_R (CSQ responder) equal to CSQ_C (CSQ challenger) received in the last Challenge ASDU received.
Therefore, it sends the Reply ASDU with CSQ_R == CSQ_C.
4) Whenever the station receives an Aggressive Mode ASDU: if the CSQ received is greater than the local CSQ then the Station
sets the local CSQ to the CSQ received.
5) If CSQ == 4294967295 then next time a station needs to increment CSQ, the station sets CSQ == 0
NOTE: It is recommended not to use the same Session Keys with the same CSQ. For the correct session key management refer to subclauses 8.2.5.5 and 8.2.5.6.
17 Jan 25
Approval (Editorial)
It is not possible to reset the CSQ because that number is shared for all users.
17 Jan 25
Discussion (red)
Conformance test cases for Challenge and Aggressive Mode Authentication messages shall be updated.
08 Jan 25
Conformance Test Preparation
The proposed change is not fully backward compatible since it avoids the rollover of the CSQ value to 0.
08 Jan 25
Analysis Of Compatibility
The change has been discussed and agreed within the Task Force.
08 Jan 25
Verify Draft Implementation
Replace the initial text in subclause 7.3.3.3 as indicated in the attached file.
08 Jan 25
Drafting Implementation
Proposed resolution accepted with the following additional directives replacing point 5) in the initial proposal:
5) The Session Key Change procedure shall be performed before the CSQ reaches its maximum value of 4294967295 (avoiding rollover).
6) Whenever the Session Key Change is successfully performed the CSQ shall be reset to 0 (zero) in both controlling and controlled stations.
These directives are also aligned with IEC 62351-5:2023 edition.
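
The following sketch is an added example, not text from the standard or from the Task Force. It models points 1) to 4) of the proposal together with the accepted directives 5) and 6) as a per-station counter. The class and method names, the `REKEY_MARGIN` value, and the reading that the Reply echo in point 3) leaves the local counter unchanged are assumptions.

```python
CSQ_MAX = 4294967295          # maximum CSQ value given on the page (2**32 - 1)
REKEY_MARGIN = 1000           # assumption: head-room before CSQ_MAX to start a key change


class CsqExhausted(Exception):
    """Raised instead of rolling over: directive 5 avoids rollover."""


class StationCsq:
    def __init__(self, rekey_margin=REKEY_MARGIN):
        self.csq = 0                                  # point 1
        self.rekey_margin = rekey_margin

    def needs_session_key_change(self):
        # Directive 5: change session keys before CSQ reaches its maximum.
        return self.csq >= CSQ_MAX - self.rekey_margin

    def next_csq_to_send(self):
        # Point 2: increment before sending a Challenge or Aggressive Mode ASDU.
        if self.csq >= CSQ_MAX:
            raise CsqExhausted("Session Key Change required before sending")
        self.csq += 1
        return self.csq

    def reply_csq(self, csq_c):
        # Point 3: the Reply carries CSQ_R == CSQ_C of the last Challenge received.
        # Assumption: this echo does not modify the local counter.
        return csq_c

    def on_aggressive_mode(self, csq_received, authenticated):
        # Point 4 (proposal wording): adopt a larger CSQ only if authenticated.
        if authenticated and csq_received > self.csq:
            self.csq = csq_received

    def on_session_key_change_ok(self):
        self.csq = 0                                  # directive 6


def simultaneous_send_demo():
    """Constructed scenario: both stations send Aggressive Mode ASDUs over TCP/IP."""
    controlling, controlled = StationCsq(), StationCsq()
    first_from_controlled = controlled.next_csq_to_send()           # 1
    sent = [controlling.next_csq_to_send() for _ in range(3)]       # 1, 2, 3
    controlled.on_aggressive_mode(sent[-1], authenticated=True)     # local -> 3
    controlled.on_aggressive_mode(2**31, authenticated=False)       # ignored
    return first_from_controlled, controlled.next_csq_to_send()     # (1, 4)
```

The demo shows the case raised in the issue description: the controlled station's second request goes out with CSQ 4 although its previous one carried CSQ 1, because an authenticated request with CSQ 3 arrived in between.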