Title: CPDLC - Exception Handling Correction

PDR Reference:				97100026
Originator Reference: 			excep
SARPs Document Reference:		CPDLC SARPs, Sections 2.3.4, 2.3.5.4. and 2.3.5.6
Status:					ADOPTED
PDR Revision Date:			10/06/98 (small error in the text. See PDR 98050019)
					29/10/97
PDR Submission Date:			29/10/97
Submitting State/Organization: 		ATNP WG3/SG2
Submitting Author Name: 		Hamelink,J
Submitting Author E-mail Address: 	jhamelin@adsystech.com
Submitting Author Supplemental 
Contact Information:
						ph 1 301 589 3434 x114,
						fx 1 310 589 9254
SARPs Date:					IV1.1, March 97
SARPs Language:				English

Summary of Defect:

There are some exception handling cases which are not covered by the current CPDLC SARPs 2.3.5.4. and 2.3.5.6.  These cases include:
1:  receipt of a D-END Indication with a valid but not permitted PDU (sections 2.3.5.4.4.1 and 2.3.5.6.4.1),
2:  receipt of a D-END Confirmation with a valid but not permitted PDU (sections 2.3.5.4.4.2 and 2.3.5.6.4.2)
3: receipt of a D-DATA indication without a PDU is the User Data (need new section)

In addition the QOS error checking is handled inefficiently, setting up a test that always fails.

The impacts of not correcting the SARPs may result in safety and interoperability problems, where an error can cause the system to go to an indeterminate state.  Therefore this situation must be addressed.  It can, however, be addressed with minimal ASN.1 changes (making use of the extensibility).

Assigned SME:

Proposed SARPs amendment:

1.  Change CPDLCProviderAbortReason in 2.3.4 as from:

CPDLCProviderAbortReason ::= ENUMERATED
	{
	timer-expired					(0),
	undefined-error					(1),
	invalid-PDU						(2),
	not-permitted-PDU					(3),
	communication-service-error			(4),
	communication-service-failure			(5),
	invalid-QOS-parameter				(6),
	...
	}

To:

CPDLCProviderAbortReason ::= ENUMERATED
	{
	timer-expired					(0),
	undefined-error					(1),
	invalid-PDU						(2),
	not-permitted-PDU					(3),
	communication-service-error			(4),
	communication-service-failure			(5),
	invalid-QOS-parameter				(6),
	expected-PDU-missing				(7),
	...
	}

2. Modify section 2.3.5.4.4.1 from:

2.3.5.4.4.1	If the User Data parameter of a D-START indication or D-DATA indication is a valid PDU, but is not a PDU for which action is described within a given time in 2.3.5.3, the CPDLC-air-ASE shall:

To:

2.3.5.4.4.1	If the User Data parameter of a D-START indication, D-DATA indication, or D-END indication is a valid PDU, but is not a PDU for which action is described within a given state in 2.3.5.3, the CPDLC-air-ASE shall:

3. Modify section 2.3.5.6.4.1 from:

2.3.5.6.4.1	If the User Data parameter of a D-START indication or D-DATA indication is a valid PDU, but is not a PDU for which action is described within a given state in 2.3.5.5, the CPDLC-ground-ASE shall:

To:

2.3.5.6.4.1	If the User Data parameter of a D-START indication, D-DATA indication, or D-END indication is a valid PDU, but is not a PDU for which action is described within a given state in 2.3.5.5, the CPDLC-ground-ASE shall:

4. Modify 2.3.5.4.4.2 from 

2.3.5.4.4.2	If the User Data parameter of a D-START confirmation is a valid PDU, but is not a permitted PDU as defined in 2.3.5.3, the CPDLC-air-ASE shall:
a) If the D-START Result parameter is set to the abstract value "accepted", then

To:

2.3.5.4.4.2	If the User Data parameter of a D-START confirmation is not a permitted PDU, or is a valid PDU, but is not a permitted PDU, or of the User Data parameter of a D-END confirmation is a valid PDU, but is not a permitted PDU as defined in 2.3.5.3, the CPDLC-air-ASE shall:
a) If the D-START Result parameter is set to the abstract value "accepted" or if the D-END Result parameter is set to the abstract value "rejected", then

Add the following note at end of section 2.3.5.4.4.2:
Note:  For CPDLC a PDU is never permitted in a D-START User Data parameter when the Result parameter has the value "accepted".

4. Modify 2.3.5.6.4.2 from 

2.3.5.6.4.2	If the User Data parameter of a D-START confirmation is a valid PDU, but is not a permitted PDU as defined in 2.3.5.5, the CPDLC-ground-ASE shall:
a) Stop any timer,
b) If the D-START Result parameter is set to the abstract value "accepted", then

To:

2.3.5.6.4.2	If the User Data parameter of a D-START confirmation is not a permitted PDU, or is a valid PDU, but is not a permitted PDU, or of the User Data parameter of a D-END confirmation is a valid PDU, but is not a permitted PDU as defined in 2.3.5.5, the CPDLC-air-ASE shall:
a)Stop any timer,
b) If the D-START Result parameter is set to the abstract value "accepted" or if the D-END Result parameter is set to the abstract value "rejected", then
Add the following note at end of section 2.3.5.4.4.2:
Note:  For CPDLC a PDU is never permitted in a D-START User Data parameter when the Result parameter has the value "accepted".

5. Add new section 2.3.5.4.7 as follows:

2.3.5.4.7	Expected PDU Missing

2.3.5.4.7.1	If the User Data parameter of a D-DATA indication does not contain a PDU, the CPDLC-air-ASE shall:
	a)	Stop any timer,
b)	Create an AircraftPDUs APDU with a CPDLCProviderAbortReason [expected-PDU-missing] APDU message element,
	c)	Invoke D-ABORT request with:
1)	the abstract value "provider" as the D-ABORT Originator parameter value, and
			2)	the APDU as the D-ABORT User Data parameter value, and
d)	If the CPDLC-air-user is an active user, invoke CPDLC-provider-abort service indication with the abstract value "expected-PDU-missing" as the CPDLC-provider abort service Reason parameter value,
e)	If DSC has the abstract value "true", set DSC to the abstract value "false", and
	f)	Enter the IDLE state.
	
6. Add new section 2.3.5.6.7 as follows:

2.3.5.6.7	Expected PDU Missing

2.3.5.6.7.1	If the User Data parameter of a D-DATA indication does not contain a PDU, the CPDLC-ground-ASE shall:
	a)	Stop any timer,
b)	Create an GroundPDUs APDU with a CPDLCProviderAbortReason [expected-PDU-missing] APDU message element,
	c)	Invoke D-ABORT request with:
1)	the abstract value "provider" as the D-ABORT Originator parameter value, and
			2)	the APDU as the D-ABORT User Data parameter value, and
d)	If the CPDLC-ground-user is an active user, invoke CPDLC-provider-abort service indication with the abstract value "expected-PDU-missing" as the CPDLC-provider abort service Reason parameter value,
e)	If DSC has the abstract value "true", set DSC to the abstract value "false", and
	f)	Enter the IDLE state.

7. Modify section 2.3.5.4.6.1 from:

2.3.5.4.6.1	If a D-START indication QOS Priority parameter does not have the abstract value of "high priority flight safety message" or if the QOS Residual Error Rate parameter does not have the abstract value of "low", the CPDLC-air-ASE shall:

		a)	Stop any timer,

b)	If the CPDLC-air-user is an active user, invoke CPDLC-provider-abort service indication with the CPDLC-provider-abort service Reason parameter set to the abstract value "invalid-QOS-parameter",

c)	If DSC has the abstract value "true", set DSC to the abstract value "false", and

		d)	Enter the IDLE state.

To:

2.3.5.4.6.1	If a D-START indication QOS Priority parameter does not have the abstract value of "high priority flight safety messages" or if the QOS Residual Error Rate parameter does not have the abstract value of "low", the CPDLC-air-ASE shall:

		a)	Stop any timer,

b)	Create an AircraftPDUs APDU with a CPDLCProviderAbortReason [invalid-QOS-parameter] APDU message element,

		c)	Invoke D-ABORT request with:

			1) the abstract value "provider" as the D-ABORT Originator 			parameter value, and

			2) the APDU as the D-ABORT User Data parameter value,

		d)	If DSC has the abstract value "true", set DSC to the abstract 			value "false", and

		e)	Enter the IDLE state.

8. Modify section 2.3.5.6.6.1 from:

2.3.5.6.6.1	If a D-START indication QOS Priority parameter does not have the abstract value of "high priority flight safety message" or if the QOS Residual Error Rate parameter does not have the abstract value of "low", the CPDLC-ground-ASE shall:

		a)	Stop any timer,

b)	If the CPDLC-air-user is an active user, invoke CPDLC-provider-abort service indication with the CPDLC-provider-abort service Reason parameter set to the abstract value "invalid-QOS-parameter",

c)	If DSC has the abstract value "true", set DSC to the abstract value "false", and

		d)	Enter the IDLE state.

To:

2.3.5.6.6.1	If a D-START indication QOS Priority parameter does not have the abstract value of "high priority flight safety messages" or if the QOS Residual Error Rate parameter does not have the abstract value of "low", the CPDLC-ground-ASE shall:

		a)	Stop any timer,

b)	Create a GroundPDUs APDU with a CPDLCProviderAbortReason [invalid-QOS-parameter] APDU message element,

		c)	Invoke D-ABORT request with:

			1) the abstract value "provider" as the D-ABORT Originator 			parameter value, and

			2) the APDU as the D-ABORT User Data parameter value,

		d)	If DSC has the abstract value "true", set DSC to the abstract 			value "false", and

		e)	Enter the IDLE state.

SME Recommendation to CCB: 			-

CCB Decision:					CCB-3: RESOLVED