idnits 2.17.1 draft-ietf-ecrit-car-crash-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([I-D.ietf-ecrit-ecall]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 13, 2014) is 3480 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-38) exists of draft-ietf-ecrit-additional-data-15 ** Obsolete normative reference: RFC 3023 (Obsoleted by RFC 7303) ** Obsolete normative reference: RFC 4288 (Obsoleted by RFC 6838) == Outdated reference: A later version (-14) exists of draft-ietf-ecrit-trustworthy-location-07 Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ECRIT R. Gellens 3 Internet-Draft Qualcomm Technologies, Inc 4 Intended status: Informational B. Rosen 5 Expires: April 16, 2015 NeuStar, Inc. 6 H. Tschofenig 7 (no affiliation) 8 October 13, 2014 10 Next-Generation Vehicle-Initiated Emergency Calls 11 draft-ietf-ecrit-car-crash-01.txt 13 Abstract 15 This document describes how to use IP-based emergency services 16 mechanisms to support the next generation of emergency calls placed 17 by vehicles (automatically in the event of a crash or serious 18 incident, or manually invoked by a vehicle occupant) and conveying 19 vehicle, sensor, and location data related to the crash or incident. 20 Such calls are often referred to as "Automatic Crash Notification" 21 (ACN), or "Advanced Automatic Crash Notification" (AACN), even in the 22 case of manual trigger. The "Advanced" qualifier refers to the 23 ability to carry a richer set of data. 25 This document also registers a MIME Content Type and an Emergency 26 Call Additional Data Block for the vehicle, sensor, and location data 27 (often referred to as "crash data" even though there is not 28 necessarily a crash). An external specification for the data format, 29 contents, and structure are referenced in this document. 31 Profiling and simplifications are possible due to the nature of the 32 functionality that is provided in vehicles with the usage of Global 33 Satellite Navigation System (GNSS). 35 This document does not address pan-European eCall (a mandated and 36 standardized system for emergency calls by in-vehicle systems within 37 Europe and other regions), which is the subject of a separate 38 document, [I-D.ietf-ecrit-ecall]. 40 Status of This Memo 42 This Internet-Draft is submitted in full conformance with the 43 provisions of BCP 78 and BCP 79. 45 Internet-Drafts are working documents of the Internet Engineering 46 Task Force (IETF). Note that other groups may also distribute 47 working documents as Internet-Drafts. The list of current Internet- 48 Drafts is at http://datatracker.ietf.org/drafts/current/. 50 Internet-Drafts are draft documents valid for a maximum of six months 51 and may be updated, replaced, or obsoleted by other documents at any 52 time. It is inappropriate to use Internet-Drafts as reference 53 material or to cite them other than as "work in progress." 55 This Internet-Draft will expire on April 16, 2015. 57 Copyright Notice 59 Copyright (c) 2014 IETF Trust and the persons identified as the 60 document authors. All rights reserved. 62 This document is subject to BCP 78 and the IETF Trust's Legal 63 Provisions Relating to IETF Documents 64 (http://trustee.ietf.org/license-info) in effect on the date of 65 publication of this document. Please review these documents 66 carefully, as they describe your rights and restrictions with respect 67 to this document. Code Components extracted from this document must 68 include Simplified BSD License text as described in Section 4.e of 69 the Trust Legal Provisions and are provided without warranty as 70 described in the Simplified BSD License. 72 Table of Contents 74 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 75 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 76 3. Overview of Current Deployment Models . . . . . . . . . . . . 7 77 4. Document Scope . . . . . . . . . . . . . . . . . . . . . . . 8 78 5. Migration to Next-Generation . . . . . . . . . . . . . . . . 9 79 6. Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 80 7. Call Setup . . . . . . . . . . . . . . . . . . . . . . . . . 11 81 8. Call Routing . . . . . . . . . . . . . . . . . . . . . . . . 14 82 9. Test Calls . . . . . . . . . . . . . . . . . . . . . . . . . 14 83 10. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 84 11. Security Considerations . . . . . . . . . . . . . . . . . . . 17 85 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 86 12.1. Service URN Registration . . . . . . . . . . . . . . . . 17 87 12.2. MIME Content-type Registration for 88 'application/EmergencyCall.VEDS+xml' . . . . . . . . . . 18 89 12.3. Registration of the 'VEDS' entry in the Emergency Call 90 Additional Data registry . . . . . . . . . . . . . . . . 19 91 13. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 19 92 14. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19 93 15. Changes from Previous Versions . . . . . . . . . . . . . . . 19 94 15.1. Changes from draft-ietf-00 to draft-ietf-01 . . . . . . 19 95 15.2. Changes from draft-gellens-02 to draft-ietf-00 . . . . . 19 96 15.3. Changes from draft-gellens-01 to -02 . . . . . . . . . . 20 97 15.4. Changes from draft-gellens-00 to -01 . . . . . . . . . . 20 99 16. References . . . . . . . . . . . . . . . . . . . . . . . . . 20 100 16.1. Normative References . . . . . . . . . . . . . . . . . . 20 101 16.2. Informative references . . . . . . . . . . . . . . . . . 21 102 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21 104 1. Terminology 106 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 107 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 108 document are to be interpreted as described in [RFC2119]. 110 This document re-uses terminology defined in Section 3 of [RFC5012]. 112 Additionally, we use the following abbreviations: 114 3GPP: 3rd Generation Partnership Project 116 AACN: Advanced Automatic Crash Notification 118 ACN: Automatic Crash Notification 120 APCO: Association of Public-Safety Communications Officials 122 EENA: European Emergency Number Association 124 ESInet: Emergency Services IP network 126 GNSS: Global Satellite Navigation System (which includes the various 127 such systems including the Global Positioning System or GPS) 129 IVS: In-Vehicle System 131 MNO: Mobile Network Operator 133 NENA: National Emergency Number Association 135 TSP: Telematics Service Provider 137 VEDS: Vehicle Emergency Data Set 139 2. Introduction 141 Emergency calls made by in-vehicle systems (e.g., in the event of a 142 crash) assist in significantly reducing road deaths and injuries by 143 allowing emergency services to respond quickly and often with better 144 location. 146 Drivers often have a poor location awareness, especially outside of 147 major cities, at night and when away from home (especially abroad). 148 In the most crucial cases, the victim(s) may not be able to call 149 because they have been injured or trapped. 151 For more than a decade, some vehicles have been equipped with 152 telematics systems that, among other features, place an emergency 153 call automatically in the event of a crash or manually in response to 154 an emergency call button. Such systems generally have on-board 155 location determination systems that make use of satellite-based 156 positioning technology, inertial sensors, gyroscopes, etc., to 157 provide a fairly accurate position for the vehicle. Such built-in 158 systems can take advantage of the benefits of being integrated into a 159 vehicle, such as more reliable power, ability to have larger or 160 specialized antenna, ability to be engineered to avoid or minimise 161 degradation by vehicle glass coatings, interference from other 162 vehicle systems, etc. Thus, the PSAP can be provided with a good 163 estimate of where the vehicle is during an emergency. Vehicle 164 manufacturers are increasingly adopting such systems, both for the 165 safety benefits and for the additional features and services they 166 enable (e.g., remote engine diagnostics, remote door unlock, stolen 167 vehicle tracking and disabling, etc.). 169 The general term for such systems is Automatic Crash Notification 170 (ACN) or "Advanced Automatic Crash Notification" (AACN). "ACN" is 171 used in this document as a general term. ACN systems transmit some 172 amount of data specific to the incident, referred to generally as 173 "crash data" (the term is commonly used even though there might not 174 have been a crash). While different systems transmit different 175 amounts of crash data, standardized formats, structures, and 176 mechanisms are needed to provide interoperability among systems and 177 PSAPs. 179 Currently deployed in-vehicle telematics systems are circuit-switched 180 and lack a standards-based ability to convey crash data directly to 181 the PSAP (generally relying on either a human call taker or an 182 automated system to provide the PSAP call taker with some crash data 183 orally, or possibly a proprietary mechanism). The PSAP call taker 184 needs to first realize that the call is related to a vehicle 185 incident, and in most cases must then listen to the data and 186 transcribe it. 188 The transition to next-generation calling in general, and emergency 189 calling in particular, provides an opportunity to vastly improve the 190 scope, breadth, reliability and usefulness of crash data during an 191 emergency by allowing it to be presented alongside the call, and to 192 be automatically processed by the PSAP and made available to the call 193 taker in an integrated, automated way. In addition, vehicle 194 manufacturers are provided an opportunity to take advantage of the 195 same standardized mechanisms for data transmission for internal use 196 if they wish (such as telemetry between the vehicle and a service 197 center for both emergency and non-emergency uses, including location- 198 based services, multi-media entertainment systems, and road-side 199 assistance applications). 201 Next-generation ACN provides an opportunity for such calls to be 202 recognized and processed as such during call set-up, and routed to a 203 specialized PSAP where the vehicle data is available to assist the 204 call taker in assessing and responding to the situation. 206 An ACN call may be either occupant-initiated or automatically 207 triggered. (The "A" in "ACN" does stand for "Automatic," but the 208 term is often used to refer to the class of calls that are placed by 209 an in-vehicle system (IVS) and that carry incident-related data as 210 well as voice.) Automatically triggered calls indicate a car crash 211 or some other serious incident (e.g., a fire) and carry a greater 212 presumption of risk of injury. Manually triggered calls are often 213 reports of serious hazards (such as drunk drivers) and may require 214 different responses depending on the situation. Manually triggered 215 calls are also more likely to be false (e.g., accidental) calls and 216 may thus be subject to different handling by the PSAP. 218 This document describes how the IETF mechanisms for IP-based 219 emergency calls, including [RFC6443] and 220 [I-D.ietf-ecrit-additional-data], are used to provide the realization 221 of next-generation ACN. 223 The Association of Public-Safety Communications Officials (APCO) and 224 the National Emergency Number Association (NENA) have jointly 225 developed a standardized set of incident-related vehicle data for ACN 226 use, called the Vehicle Emergency Data Set (VEDS) [VEDS]. Such data 227 is often referred to as crash data although it is applicable in 228 incidents other than crashes. 230 VEDS provides a standard data set for the transmission, exchange, and 231 interpretation of vehicle-related data. A standard data format 232 allows the data to be generated by an IVS, and interpreted by PSAPs, 233 emergency responders, and medical facilities (including those capable 234 of providing trauma level patient care). It includes incident- 235 related information such as airbag deployment, location of the 236 vehicle, if the vehicle was involved in a rollover, various sensor 237 data that can indicate the potential severity of the crash and the 238 likelihood of severe injuries to the vehicle occupants, etc. This 239 data better informs the PSAP and emergency responders as to the type 240 of response that may be needed. This information was recently 241 included in the federal guidelines for field triage of injured 242 patients. These guidelines are designed to help responders at the 243 accident scene identify the potential existence of severe internal 244 injuries and to make critical decisions about how and where a patient 245 needs to be transported. 247 This document registers the 'application/EmergencyCallData.VEDS+xml' 248 MIME content-type, and registers the 'VEDS' entry in the Emergency 249 Call Additional Data registry. 251 VEDS is an XML structure (see [VEDS]). The 'application/ 252 EmergencyCallData.VEDS+xml' MIME content-type is used to identify it. 253 The 'VEDS' entry in the Emergency Call Additional Data registry is 254 used to construct a 'purpose' parameter value for conveying VEDS data 255 in a Call-Info header (as described in 256 [I-D.ietf-ecrit-additional-data]). 258 VEDS is a versatile structure that can accomodate varied needs. 259 However, if additional sets of data are determined to be needed, the 260 steps to enable each data block are very briefly summarized below: 262 o A standardized format and encoding (such as XML) is defined and 263 published by a Standards Development Organization (SDO). 264 o A MIME Content-Type is registered for it (typically under the 265 'Application' media type and with a sub-type starting with 266 'EmergencyCallData.'). 267 o An entry for the block is added to the Emergency Call Additional 268 Data Blocks sub-registry (established by 269 [I-D.ietf-ecrit-additional-data]); the registry entry is the root 270 of the MIME sub-type (not including the 'EmergencyCallData' prefix 271 and any suffix such as '+xml'). 273 A next-generation In-Vehicle System (IVS) transmits crash data by 274 encoding it in a standardized and registered format (such as VEDS) 275 and attaching it to an INVITE as a MIME body part. The body part is 276 identified by its MIME content-type (such as 'application/ 277 EmergencyCallData.VEDS+xml') in the Content-Type header field of the 278 body part. The body part is assigned a unique identifier which is 279 listed in a Content-ID header field in the body part. The INVITE is 280 marked as containing the crash data by adding (or appending to) a 281 Call-Info header field at the top level of the INVITE. The Call-Info 282 header field contains a CID URL referencing the body part's unique 283 identifier, and a 'purpose' parameter identifying the data as the 284 crash data per the registry entry; the 'purpose' parameter's value is 285 'EmergencyCallData.' and the root of the MIME type (not including the 286 'EmergencyCallData' prefix and any suffix such as '+xml' (e.g., 287 'purpose=EmergencyCallData.VEDS'). 289 The mechanisms described here can be used place emergency calls that 290 are identifiable as ACN calls and that carry one or more standardized 291 crash data objects in an interoperable way. 293 3. Overview of Current Deployment Models 295 Current (circuit-switched or legacy) systems for placing emergency 296 calls by in-vehicle systems, including automatic crash notification 297 systems, generally have a limited ability to convey at least location 298 and in some cases telematics data to the PSAP. Most such systems use 299 one of three architectural models, which are described here as: 300 "Telematics Service Provider" (TSP), "direct", and "paired handset". 301 These three models are illustrated below. 303 In the TSP model, both emergency and non-emergency calls are placed 304 to a Telematics Service Provider (TSP); a proprietary technique is 305 used for data transfer (such as proprietary in-band modems) to the 306 TSP. 308 In an emergency, the TSP call taker bridges in the PSAP and 309 communicates location, crash data (such as impact severity and trauma 310 prediction), and other data (such as the vehicle description) to the 311 PSAP call taker verbally. Typically, a three-way voice call is 312 established between the vehicle, the TSP, and the PSAP, allowing 313 communication between the PSAP call taker, the TSP call taker, and 314 the vehicle occupants (who might be unconscious). 316 ///----\\\ proprietary +------+ 911 trunk +------+ 317 ||| IVS |||-------------->+ TSP +------------------>+ PSAP | 318 \\\----/// crash data +------+ +------+ 320 Figure 1: Legacy TSP Model. 322 In the paired model, the IVS uses a Bluetooth link with a previously- 323 paired handset to establish an emergency call with the PSAP (by 324 dialing a standard emergency number such as 9-1-1), and then 325 communicates location data to the PSAP via text-to-speech; crash data 326 is not conveyed. Some such systems use an automated voice prompt 327 menu (e.g., "this is an automatic emergency call from a vehicle; 328 press 1 to open a voice path to the vehicle; press 2 to hear the 329 location read out") to allow the call taker to request location data 330 via text-to-speech. 332 +---+ 333 ///----\\\ | H | 911/etc voice call via handset +------+ 334 ||| IVS |||-->| S +----------------------------------->+ PSAP | 335 \\\----/// +---+ location via text-to-speech +------+ 337 Figure 2: Legacy Paired Model 339 In the direct model, the IVS directly places an emergency call with 340 the PSAP by dialing a standard emergency number such as 9-1-1. Such 341 systems might communicate location data to the PSAP via text-to- 342 speech; crash data might not be conveyed. 344 ///----\\\ 911/etc voice call via IVS +------+ 345 ||| IVS |||---------------------------------------->+ PSAP | 346 \\\----/// location via text-to-speech +------+ 348 Figure 3: Legacy Direct Model 350 4. Document Scope 352 This document is focused on the interface to the PSAP, that is, how 353 an ACN emergency call is setup and incident-related data (including 354 vehicle, sensor, and location data) is transmitted to the PSAP using 355 IETF specifications. (The goal is to re-use specifications rather 356 than to invent new.) For the direct model, this is the end-to-end 357 description (between the vehicle and the PSAP). For the TSP model, 358 this describes the right-hand side (between the TSP and the PSAP), 359 leaving the left-hand side (between the vehicle and the TSP) up to 360 the entities involved (i.e., IVS and TSP vendors) who are then free 361 to use the same mechanism as for the right-hand side (or not). 363 Note that while ACN systems in the U.S. and other regions are not 364 currently mandated, Europe has a mandated and standardized system for 365 emergency calls by in-vehicle systems. This pan-European system is 366 known as "eCall" and is not further discussed in this document but is 367 the subject of a separate document, [I-D.ietf-ecrit-ecall]. Vehicles 368 designed to operate in multiple regions may need to support eCall as 369 well as the ACN described here. If other regions devise their own 370 specifications or data formats, a multi-region vehicle may need to 371 support those as well. Both eCall and the ACN mechanism described 372 here are compatible in most respects, differing primarily in the 373 Request-URI and the specific data block that is sent. 375 5. Migration to Next-Generation 377 Migration of emergency calls placed by in-vehicle systems to next- 378 generation (all-IP) technology provides a standardized mechanism to 379 identify such calls and to present crash data with the call. This 380 allows ACN calls and crash data to be automatically processed by the 381 PSAP and made available to the call taker in an integrated, automated 382 way. 384 Vehicle manufacturers using the TSP model may choose to take 385 advantage of the same mechanism to carry telematics data between the 386 vehicle and the TSP for both emergency and non-emergency calls. 388 A next-generation IVS establishes an emergency call using the 3GPP 389 IMS solution with a Request-URI indicating an ACN type of emergency 390 call with vehicle data attached; the MNO only needs to recognize the 391 call as an emergency call and route it to an ESInet; the ESInet may 392 recognize the call as an ACN with vehicle data and may route the call 393 to an NG-ACN capable PSAP; such a PSAP would interpet the vehicle 394 data sent with the call and make it available to the call taker. 396 Because of the need to identify and specially process Next-Generation 397 ACN calls (as discussed above), this document registers new service 398 URN children within the "sos" subservice. These URNs provide the 399 mechanism by which an NG-ACN call is identified, and differentiate 400 between manually and automatically triggered NG-ACN calls (which may 401 be subject to different treatment, depending on policy). The two 402 service URNs are: 'urn:service:sos.vehicle.automatic' and 403 'urn:service:sos.vehicle.manual'. 405 Note that in North America, routing queries performed by clients 406 outside of an ESInet are likely to treat all sub-services of "sos" 407 identically to "sos" with no sub-service. However, the Request-URI 408 header field retains the full sub-service; route and handling 409 decisions within an ESInet or PSAP may take the sub-service into 410 account. For example, in a region with multiple cooperating PSAPs, 411 an NG-ACN call might be routed to a PSAP that is NG-ACN capable, or 412 one that specializes in vehicle-related incidents. 414 Migration of the three architectural models to next-generation (all- 415 IP) is described below. 417 In the TSP model, the IVS transmits crash and location data to the 418 TSP using either a protocol that is based on a proprietary design or 419 one that re-uses IETF specifications. In an emergency, the TSP call 420 taker bridges in the PSAP and the TSP transmits crash and other data 421 to the PSAP using IETF specifications. There is a three-way call 422 between the vehicle, the TSP, and the PSAP, allowing communication 423 between the PSAP call taker, the TSP call taker, and the vehicle 424 occupants (who might be unconscious). 426 proprietary 427 ///----\\\ or standard +------+ standard +------+ 428 ||| IVS ||| ------------------->+ TSP +------------------->+ PSAP | 429 \\\----/// crash + other data +------+ crash + other data +------+ 431 Figure 4: Next-Generation TSP Model 433 The vehicle manufacturer and the TSP may choose to use the same IETF 434 specifications to transmit crash and location data from the vehicle 435 to the TSP as is described here to transmit such data from the TSP to 436 the PSAP. 438 In the paired model, the IVS uses a Bluetooth link to a previously- 439 paired handset to establish an emergency call with the PSAP; it is 440 not clear what facilities are or will be available for transmitting 441 crash data through the Bluetooth link. 443 +---+ 444 ///----\\\ (unclear) | H | (unclear) +------+ 445 ||| IVS |||------------------>| S +------------------->+ PSAP | 446 \\\----/// (unclear) +---+ (unclear) +------+ 448 Figure 5: Next-Generation Paired Model 450 In the direct model, the IVS communicates crash data to the PSAP 451 directly using IETF specifications. 453 ///----\\\ NG1-1-2/NG9-1-1 call +------+ 454 ||| IVS |||----------------------------------------->+ PSAP | 455 \\\----/// crash data +------+ 457 Figure 6: Next-Generation Model 459 6. Profile 461 In the context of emergncy calls placed by an in-vehicle system it is 462 assumed that the car is equipped with a built-in GNSS receiver. For 463 this reason only geodetic location information will be sent within an 464 emergency call. The following location shapes MUST be implemented: 465 2d and 3d Point (see Section 5.2.1 of [RFC5491]), Circle (see 466 Section 5.2.3 of [RFC5491]), and Ellipsoid (see Section 5.2.7 of 467 [RFC5491]). The coordinate reference systems (CRS) specified in 468 [RFC5491] are also mandatory for this document. The 469 element, as defined in [RFC5962] which indicates the direction of 470 travel of the vehicle, is important for dispatch and hence it MUST be 471 included in the PIDF-LO [RFC4119]. The element specified 472 in [RFC5962] MUST be implemented and MAY be included. 474 Calls by in-vehicle systems are placed via cellular networks, which 475 may ignore location sent by an originating device in an emergency 476 call INVITE, instead attaching their own location (often determined 477 in cooperation with the originating device). The IVS MAY attach 478 location data to the call INVITE. Standardized crash data structures 479 often include location as determined by the IVS. A benefit of this 480 is that it allows the PSAP to see both the location as determined by 481 the cellular network (often in cooperation with the originating 482 device) and the location as determined by the IVS. 484 This specification inherits the ability to utilize test call 485 functionality from Section 15 of [RFC6881]. 487 7. Call Setup 489 It is important that ACN calls be easily identifiable as such at all 490 stages of call handling, and that automatic versis manual triggering 491 be known. ACN calls differ from general emergency calls in several 492 aspects, including the presence of standardized crash data, the fact 493 that the call is known to be placed by an in-vehicle system (which 494 has implications for PSAP operational processes), and, especially for 495 automatic calls, information that may indicate a likelihood of severe 496 injury and hence need for trauma services. Knowledge that a call is 497 an ACN and further that it was automatically or manually invoked 498 carries a range of implications about the call, the circumstances, 499 and the vehicle occupants. Calls by in-vehicle systems may be 500 considered a specific sub-class of general emergency calls and need 501 to be handled by a PSAP with the technical and operational 502 capabilities to serve such calls. (This is especially so in 503 environments such as the U.S. where there are many PSAPs and where 504 individual PSAPs have a range of capabilities.) Technical 505 capabilities include the ability to recognize and process 506 standardized crash data. Operational capabilities include training 507 and processes for assessing severe injury likelihood and responding 508 appropriately (e.g., dispatching trauma-capable medical responders, 509 transporting victims to a trauma center, alerting the receiving 510 facility, etc.). 512 Because ACN calls differ in significant ways from general emergency 513 calls, and because such calls need to be handled by specialized PSAPs 514 (equipped technically to interpet and make use of crash data, and 515 operationally to handle emergency calls placed by in-vehicle 516 systems), this document proposes an SOS sub-service for ACN/car 517 crash, specifically, "SOS.vehicle". Using a sub-service makes it 518 readily obvious that the call is an ACN; a further child elements is 519 proposed to distinguish calls automatically placed due to a crash or 520 other serious incident (such as a fire) from those manually invoked 521 by a vehicle occupant (specifically, "SOS.vehicle.automatic" and 522 "SOS.vehicle.manual"). The distinction between automatic and manual 523 invocation is also significant; automatically triggered calls 524 indicate a car crash or some other serious incident (e.g., a fire) 525 and carry a greater presumption of risk of injury and hence need for 526 specific responders (such as trauma or fire). Manually triggered 527 calls are often reports of serious hazards (such as drunk drivers) 528 and may require different responses depending on the situation. 529 Manually triggered calls are also more likely to be false (e.g., 530 accidental) calls and may thus be subject to different handling by 531 the PSAP. 533 A next-generation In-Vehicle System (IVS) transmits crash data by 534 encoding it in a standardized and registered format and attaching it 535 to an INVITE as an additional data block as specified in Section 4.1 536 of [I-D.ietf-ecrit-additional-data]. As described in that document, 537 the block is identified by its MIME content-type, and pointed to by a 538 CID URL in a Call-Info header with a 'purpose' parameter value 539 corresponding to the block. 541 Specifically, the steps required during standardization are: 543 o A set of crash data is standardized by an SDO or appropriate 544 organization 546 o A MIME Content-Type for the crash data set is registered with IANA 548 * If the data is specifically for use in emergency calling, the 549 MIME type is normally under the 'application' type with a 550 subtype starting with 'EmergencyCallData.' 552 * If the data format is XML, then by convention the name has a 553 suffix of '+xml' 555 o The item is registered in the Emergency Call Additional Data 556 registry, as defined in Section 9.1.7 of 557 [I-D.ietf-ecrit-additional-data] 559 * For emergency-call-specific formats, the registered name is the 560 root of the MIME Content-Type (not including the 561 'EmergencyCallData' prefix and any suffix such as '+xml') as 562 described in Section 4.1 of [I-D.ietf-ecrit-additional-data] 564 When placing an emergency call: 566 o The crash data set is created and encoded per its specification 567 o The crash data set is attached to the emergency call INVITE as 568 specified in Section 4.1 of [I-D.ietf-ecrit-additional-data], that 569 is, as a MIME body part identified by its MIME Content-Type in the 570 body part's Content-Type header field 572 o The body part is assigned a unique identifier label in a Content- 573 ID header field of the body part 575 o A Call-Info header field at the top level of the INVITE references 576 the crash data and identifies it by its MIME root (as registered 577 in the Emergency Call Additional Data registry) 579 * The crash data is referenced in the Call-Info header field by a 580 CID URL that contains the unique Content ID assigned to the 581 crash data body part 583 * The crash data is identified in the Call-Info header field by a 584 'purpose' parameter whose value is 'EmergencyCallData.' 585 concatenated with the specific crash data entry in the 586 Emergency Call Additional Data registry 588 * The Call-Info header field MAY be either solely to reference 589 the crash data (and hence have only the one URL) or may also 590 contain other URLs referencing other data 592 o Additional crash data sets MAY be included by following the same 593 steps 595 The Vehicle Emergency Data Set (VEDS) is an XML structure defined by 596 the Association of Public-Safety Communications Officials (APCO) and 597 the National Emergency Number Association (NENA) [VEDS]. The 598 'application/EmergencyCallData.VEDS+xml' MIME content-type is used to 599 identify it. The 'VEDS' entry in the Emergency Call Additional Data 600 registry is used to construct a 'purpose' parameter value for 601 conveying VEDS data in a Call-Info header. 603 The VEDS data is attached as a body part with MIME content type 604 'application/EmergencyCallData.VEDS+xml' which is pointed at by a 605 Call-Info URL of type CID with a 'purpose' parameter of 606 'EmergencyCallData.VEDS'. 608 Entities along the path between the vehicle and the PSAP are able to 609 identify the call as an ACN call and handle it appropriately. The 610 PSAP is able to identify the crash data as well as any other 611 additional data attached to the INVITE by examining the Call-Info 612 header fields for 'purpose' parameters whose values start with 613 'EmergencyCallData.' The PSAP is able to access and the data it is 614 capable of handling and is interested in by checking the 'purpose' 615 parameter values. 617 8. Call Routing 619 An Emergency Services IP Network (ESInet) is a network operated by 620 emergency services authorities. It handles emergency call routing 621 and processing before delivery to a PSAP. In the NG9-1-1 622 architecture adopted by NENA as well as the NG1-1-2 architecture 623 adopted by EENA, each PSAP is connected to one or more ESInets. Each 624 originating network is also connected to one or more ESInets. The 625 ESInets maintain policy-based routing rules which control the routing 626 and processing of emergency calls. The centralization of such rules 627 within ESInets provides for a cleaner separation between the 628 responsibilities of the originating network and that of the emergency 629 services network, and provides greater flexibility and control over 630 processing of emergency calls by the emergency services authorities. 631 This makes it easier to react quickly to unusual situations that 632 require changes in how emergency calls are routed or handled (e.g., a 633 natural disaster closes a PSAP), as well as ease in making long-term 634 changes that affect such routing (e.g., cooperative agreements to 635 specially handle calls requiring translation or relay services). 637 In an environment that uses ESInets, the originating network need 638 only detect that the service URN of an emergency call is or starts 639 with "sos", passing all types of emergency calls to an ESInet. The 640 ESInet is then responsible for routing such calls to an appropriate 641 PSAP. In an environment without an ESInet, the emergency services 642 authorities and the originating carriers would need to determine how 643 such calls are routed. 645 9. Test Calls 647 This specification inherits the ability to utilize test call 648 functionality from Section 15 of [RFC6881]. 650 A service URN starting with "test." indicates a request for an 651 automated test. For example, 652 "urn:service:test.sos.vehicle.automatic" indicates such a test 653 feature. This functionality is defined in [RFC6881]. 655 Note that since test calls are placed using "test" as the parent 656 service URN and "sos" as a child, such calls are not treated as an 657 emergency call and so some functionality will not apply (such as pre- 658 emption or service availability for devices lacking service ("non- 659 service-initialized" or "NSI") if those are available for emergency 660 calls); this is by design. MNOs may recognize test calls and treat 661 them in a way that tests as much functionality as desired, but this 662 is outside the scope of this document. 664 10. Example 666 Figure 7 shows an emergency call placed by a vehicle whereby location 667 information and VEDS crash data are both attached to the SIP INVITE 668 message. The INVITE has a request URI containing the 669 'urn:service:sos.vehicle.automatic' service URN and is thus 670 recognized as an ACN type of emergency call, and is also recognized 671 as a type of emergency call because the request URI starts with 672 'urn:service:sos'. The mobile network operator (MNO) routes the call 673 to an Emergency services IP Network (ESInet), as for any emergency 674 call. The ESInet processes the call as an ACN and routes the call to 675 an appropriate ACN-capable PSAP (using location information and the 676 fact that that it is an ACN). (In deployments where there is no 677 ESInet, the MNO itself needs to route directly to an appropriate ACN- 678 capable PSAP.) The call is processed by the Emergency Services 679 Routing Proxy (ESRP), as the entry point to the ESInet. The ESRP 680 routes the call to an appropriate ACN-capable PSAP, where the call is 681 received by a call taker. 683 +---------------------------------------+ 684 | | 685 +------------+ | +-------+ | 686 | | | | PSAP2 | | 687 | | | +-------+ | 688 | Originating| | | 689 | Mobile | | +------+ +-------+ | 690 Vehicle-->| Network |--+->| ESRP |---->| PSAP1 |--> Call-Taker | 691 | | | +------+ +-------+ | 692 | | | | 693 +------------+ | +-------+ | 694 | | PSAP3 | | 695 | +-------+ | 696 | | 697 | | 698 | | 699 | ESInet | 700 +---------------------------------------+ 702 Figure 7: Example of Vehicle-Placed Emergency Call Message Flow 704 The example, shown in Figure 8, illustrates a SIP emergency call 705 INVITE that is being conveyed with location information (a PIDF-LO) 706 and crash data (as VEDS data). 708 INVITE urn:service:sos.vehicle.automatic SIP/2.0 709 To: urn:service:sos.vehicle.automatic 710 From: ;tag=9fxced76sl 711 Call-ID: 3848276298220188511@atlanta.example.com 712 Geolocation: 713 Geolocation-Routing: no 714 Call-Info: cid:1234567890@atlanta.example.com; 715 purpose=EmergencyCallData.VEDS 716 Accept: application/sdp, application/pidf+xml 717 CSeq: 31862 INVITE 718 Content-Type: multipart/mixed; boundary=boundary1 719 Content-Length: ... 721 --boundary1 723 Content-Type: application/sdp 725 ...Session Description Protocol (SDP) goes here 727 --boundary1 729 Content-Type: application/pidf+xml 730 Content-ID: 731 732 740 741 742 743 744 -34.407 150.883 745 746 747 278 748 749 750 751 752 gps 753 754 2012-04-5T10:18:29Z 755 1M8GDM9A_KP042788 756 758 760 --boundary1 762 Content-Type: application/EmergencyCallData.VEDS+xml 763 Content-ID: 1234567890@atlanta.example.com 765 ...VEDS data object goes here 767 --boundary1-- 769 Figure 8: SIP INVITE indicating a Vehicule-Initated Emergency Call 771 11. Security Considerations 773 This document does not raise security considerations beyond those 774 described in [RFC5069]. As with emergency service systems with end 775 host provided location information there is the possibility that that 776 location is incorrect, either intentially (in case of an a denial of 777 service attack against the emergency services infrastructure) or due 778 to a malfunctioning devices. The reader is referred to 779 [I-D.ietf-ecrit-trustworthy-location] for a discussion of some of 780 these vulnerabilities. 782 12. IANA Considerations 784 12.1. Service URN Registration 786 IANA is requested to register the URN 'urn:service:sos.vehicle' under 787 the sub-services 'sos' registry defined in Section 4.2 of [RFC5031]. 789 This service identifier reaches a public safety answering point 790 (PSAP), which in turn dispatches aid appropriate to the emergency 791 related to accidents of vehicles. The following two sub-services are 792 registered as well: 794 urn:service:sos.vehicle.manual 796 This service URN indicates that an emergency call carrying vehicle 797 sensor ("crash") data has been placed by an in-vehicle system 798 (IVS) based on the manual interaction of the driver or a 799 passenger. 801 urn:service:sos.vehicle.automatic 803 This service URN indicates that an emergency call carrying vehicle 804 sensor ("crash") data has been placed by an in-vehicle system 805 (IVS) triggered automatically, for example, due to a crash. 807 12.2. MIME Content-type Registration for 'application/ 808 EmergencyCall.VEDS+xml' 810 This specification requests the registration of a new MIME type 811 according to the procedures of RFC 4288 [RFC4288] and guidelines in 812 RFC 3023 [RFC3023]. 814 MIME media type name: application 816 MIME subtype name: EmergencyCallData.VEDS+xml 818 Mandatory parameters: none 820 Optional parameters: charset 822 Indicates the character encoding of enclosed XML. 824 Encoding considerations: Uses XML, which can employ 8-bit 825 characters, depending on the character encoding used. See 826 Section 3.2 of RFC 3023 [RFC3023]. 828 Security considerations: This content type is designed to carry 829 vehicle crash data during an emergency call. This data may 830 contains personal information including vehicle VIN, location, 831 direction, etc. appropriate precautions need to be taken to limit 832 unauthorized access, inappropriate disclosure to third parties, 833 and eavesdropping of this information. Please refer to Section 7 834 and Section 8 of [I-D.ietf-ecrit-additional-data] for more 835 information. 837 Interoperability considerations: None 839 Published specification: [VEDS] 841 Applications which use this media type: Emergency Services 843 Additional information: None 845 Magic Number: None 847 File Extension: .xml 849 Macintosh file type code: 'TEXT' 851 Person and email address for further information: Hannes 852 Tschofenig, Hannes.Tschofenig@gmx.net 854 Intended usage: LIMITED USE 855 Author: This specification is a work item of the IETF ECRIT 856 working group, with mailing list address . 858 Change controller: The IESG 860 12.3. Registration of the 'VEDS' entry in the Emergency Call Additional 861 Data registry 863 This specification requests IANA to add the 'VEDS' entry to the 864 Emergency Call Additional Data registry, with a reference to this 865 document. The Emergency Call Additional Data registry has been 866 established by [I-D.ietf-ecrit-additional-data]. 868 13. Contributors 870 We would like to thank Ulrich Dietz for his help with earlier 871 versions of the original version of this document. 873 14. Acknowledgements 875 We would like to thank Michael Montag, Arnoud van Wijk, Ban Al-Bakri, 876 and Gunnar Hellstrom for their feedback. 878 15. Changes from Previous Versions 880 15.1. Changes from draft-ietf-00 to draft-ietf-01 882 o Added further discussion of test calls 884 o Added further clarification to the document scope 886 o Mentioned that multi-region vehicles may need to support other 887 crash notification specifications such as eCall 889 o Minor wording improvements and clarifications 891 15.2. Changes from draft-gellens-02 to draft-ietf-00 893 o Renamed from draft-gellens- to draft-ietf- 895 o Added text to Introduction to clarify that during a CS ACN, the 896 PSAP call taker usually needs to listen to the data and transcribe 897 it 899 15.3. Changes from draft-gellens-01 to -02 901 o Fixed case of 'EmergencyCallData', in accordance with changes to 902 [I-D.ietf-ecrit-additional-data] 904 15.4. Changes from draft-gellens-00 to -01 906 o Now using 'EmergencyCallData' for purpose parameter values and 907 MIME subtypes, in accordance with changes to 908 [I-D.ietf-ecrit-additional-data] 910 o Added reference to RFC 6443 912 o Fixed bug that caused Figure captions to not appear 914 16. References 916 16.1. Normative References 918 [I-D.ietf-ecrit-additional-data] 919 Rosen, B., Tschofenig, H., Marshall, R., Randy, R., and J. 920 Winterbottom, "Additional Data related to an Emergency 921 Call", draft-ietf-ecrit-additional-data-15 (work in 922 progress), November 2013. 924 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 925 Requirement Levels", BCP 14, RFC 2119, March 1997. 927 [RFC3023] Murata, M., St. Laurent, S., and D. Kohn, "XML Media 928 Types", RFC 3023, January 2001. 930 [RFC4119] Peterson, J., "A Presence-based GEOPRIV Location Object 931 Format", RFC 4119, December 2005. 933 [RFC4288] Freed, N. and J. Klensin, "Media Type Specifications and 934 Registration Procedures", RFC 4288, December 2005. 936 [RFC5031] Schulzrinne, H., "A Uniform Resource Name (URN) for 937 Emergency and Other Well-Known Services", RFC 5031, 938 January 2008. 940 [RFC5491] Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV 941 Presence Information Data Format Location Object (PIDF-LO) 942 Usage Clarification, Considerations, and Recommendations", 943 RFC 5491, March 2009. 945 [RFC5962] Schulzrinne, H., Singh, V., Tschofenig, H., and M. 946 Thomson, "Dynamic Extensions to the Presence Information 947 Data Format Location Object (PIDF-LO)", RFC 5962, 948 September 2010. 950 [RFC6443] Rosen, B., Schulzrinne, H., Polk, J., and A. Newton, 951 "Framework for Emergency Calling Using Internet 952 Multimedia", RFC 6443, December 2011. 954 [RFC6881] Rosen, B. and J. Polk, "Best Current Practice for 955 Communications Services in Support of Emergency Calling", 956 BCP 181, RFC 6881, March 2013. 958 [VEDS] "Vehicular Emergency Data Set (VEDS) version 3", July 959 2012, . 962 16.2. Informative references 964 [I-D.ietf-ecrit-ecall] 965 Gellens, R. and H. Tschofenig, "Next-Generation Pan- 966 European eCall", draft-ietf-ecrit-ecall (work in 967 progress), October 2014. 969 [I-D.ietf-ecrit-trustworthy-location] 970 Tschofenig, H., Schulzrinne, H., and B. Aboba, 971 "Trustworthy Location", draft-ietf-ecrit-trustworthy- 972 location-07 (work in progress), July 2013. 974 [RFC5012] Schulzrinne, H. and R. Marshall, "Requirements for 975 Emergency Context Resolution with Internet Technologies", 976 RFC 5012, January 2008. 978 [RFC5069] Taylor, T., Tschofenig, H., Schulzrinne, H., and M. 979 Shanmugam, "Security Threats and Requirements for 980 Emergency Call Marking and Mapping", RFC 5069, January 981 2008. 983 Authors' Addresses 985 Randall Gellens 986 Qualcomm Technologies, Inc 987 5775 Morehouse Drive 988 San Diego 92651 989 US 991 Email: rg+ietf@qti.qualcomm.com 992 Brian Rosen 993 NeuStar, Inc. 994 470 Conrad Dr 995 Mars, PA 16046 996 US 998 Email: br@brianrosen.net 1000 Hannes Tschofenig 1001 (no affiliation) 1003 Email: Hannes.Tschofenig@gmx.net 1004 URI: http://www.tschofenig.priv.at