Title: SV2 - Missing Exception Handling Procedure
PDR Reference: 98110002
Originator Reference: -
SARPs Document Reference: CM, CPDLC, ADS and FIS SARPs, see below
Status: RESOLVED
Impact: C (Clarification)
PDR Revision Date: 18/01/99 (PROPOSED -> RESOLVED)
                   14/12/98 (SUBMITTED -> PROPOSED): scope of the PDR extended from ADS to all air/ground applications
                   30/11/98 (SUBMITTED -> ACCEPTED)
Submitting State/Organization: SME2 Team (on behalf of ACI)
Submitting Author Name: Picard, F
Submitting Author E-mail Address: PICARD_Frederic@stna.dgac.fr
Submitting Author Supplemental Contact Information:
SARPs Date: ICAO ATNP Version 2.3 - Doc 9705 Ed. 1
SARPs Language: English

Summary of Defect:

There is a generic clause indicating what an ASE shall do when it receives from the peer a PDU which should not have been sent. There is no such clause for the case where the ASE receives a dialogue service primitive which should not have been invoked by the peer, or one with an unexpected parameter. For instance:

. the CM-ground-ASE shall abort the dialogue upon receipt of a D-END indication (dialogue release is always ground-initiated).
. the ADS-ground-ASE shall abort the dialogue upon receipt of a D-END indication (dialogue release is always ground initiated).
. the initiating ARF-ASE shall abort the dialogue upon receipt of a D-END indication (dialogue release is always initiated by the initiating ARF-ASE).
. the FIS-air-ASE shall abort the dialogue upon receipt of a D-END indication (dialogue release is always air initiated).
. the CM/ADS/FIS ground-ASEs shall abort the dialogue upon receipt of a D-START indication containing as parameter a 4 to 8 character ICAO ground facility designation.
. the CM/CPDLC/ADS/FIS air-ASEs shall abort the dialogue upon receipt of a D-START indication containing as parameter a 24 bit aircraft id.

A new clause in the Exception Handling section must be added to cover all the cases where the ASEs receive an unexpected dialogue service primitive or an unexpected parameter.

Assigned SME: Sub-Volume II SME

Proposed SARPs amendment:

I - CM
======

Rationale: so as not to change the bit-on-the-wire, rename the abort reason "not-permitted-PDU" to "protocol-error" and use this reason to cover both the reception of an invalid PDU and the reception of an invalid dialogue service primitive.

1/ In section 2.1.4.2.1, change in the ASN.1 type definition CMAbortReason from

   not-permitted-PDU (3),

to:

   protocol-error (3),

2/ Change Section 2.1.5.3.1.2 from:

   2.1.5.3.1.2 Upon receipt of a PDU, if no actions are described for the arrival of that PDU when a CM-ASE is in a specific state, then that PDU is considered not permitted and exception handling procedures as described in 2.1.5.4.4 shall apply.

to:

   2.1.5.3.1.2 Upon receipt of a PDU or dialogue service primitive, if no actions are described for their arrival when a CM-ASE is in a specific state, then they are considered not permitted and exception handling procedures as described in 2.1.5.4.4 shall apply.

3/ Change title of section 2.1.5.4.4 from:

   Not Permitted PDU

to:

   Not Permitted PDU or Dialogue Service Primitive

4/ Change in section 2.1.5.4.4.1 b) and c) from [not-permitted-PDU] to [protocol-error]

5/ Change in section 2.1.5.4.4.1 e) from "not-permitted-PDU" to "protocol-error"

6/ Change in section 2.1.5.4.4.2 b) 1) and b) 2) from [not-permitted-PDU] to [protocol-error]

7/ Change in section 2.1.5.4.4.2 c) from "not-permitted-PDU" to "protocol-error"

8/ Add a new section 2.1.5.4.4.3 as follows ():

   2.1.5.4.4.3 Upon receipt of a Dialogue service primitive for which there are no instructions in 2.1.5.3 (i.e. the primitive was not expected or was expected under other conditions or with other parameter values), the CM-ASE shall:

   a) stop all timers,
   b) if the CM-ASE is a CM-air-ASE, create a CMAircraftMessage APDU with a cmAbortReason [protocol-error] APDU message element,
   c) if the CM-ASE is a CM-ground-ASE, create a CMGroundMessage APDU with a cmAbortReason [protocol-error] APDU message element,
   d) if a dialogue exists, invoke D-ABORT request with:
      1) the abstract value "provider" as the D-ABORT parameter value, and
      2) the APDU as the D-ABORT parameter value,
   e) if the CM-user is an active user, invoke CM-provider-abort service indication with the abstract value "protocol-error" as the CM-provider-abort parameter value, and
   f) enter the state.

II - ADS
========

Rationale: use the abort reason "sequence error" to cover the reception of an invalid dialogue service primitive.

3/ Change title of section 2.2.1.5.3.3 from:

   Possible errors arising upon Receipt of an APDU

to:

   Possible errors arising upon Receipt of an APDU or a Dialogue Service Primitive

4/ Change Section 2.2.1.5.3.3.2 from:

   2.2.1.5.3.3.2 Upon receipt of an APDU, if no actions are described for the arrival of that APDU when in a particular state, then exception handling procedures as described in 2.2.1.5.4.4 shall apply.

to:

   2.2.1.5.3.3.2 Upon receipt of an APDU or dialogue service primitive, if no actions are described for their arrival when in a specific state, then exception handling procedures as described in 2.2.1.5.4.4 shall apply.

5/ Add section 2.2.1.5.4.4.2 (:

   2.2.1.5.4.4.2 Upon receipt of a Dialogue service primitive for which there are no instructions in 2.2.1.5.3 (i.e. the primitive was not expected or was expected under other conditions or with other parameter values), the air or ground AB module shall be requested to abort with reason .

III - ARF
=========

Rationale: use the abort reason "sequence error" to cover the reception of an invalid dialogue service primitive.

6/ Change Section 2.2.2.5.3.2 from:

   2.2.2.5.3.2 Upon receipt of an APDU, if no actions are described for the arrival of that APDU when in a particular state, then exception handling procedures as described in 2.2.2.5.4.4 shall apply.

to:

   2.2.2.5.3.2 Upon receipt of an APDU or dialogue service primitive, if no actions are described for their arrival when in a specific state, then exception handling procedures as described in 2.2.2.5.4.4 shall apply.

7/ Add section 2.2.2.5.4.4.2 (:

   2.2.2.5.4.4.2 When a Dialogue service primitive is received by the ADS-RF-ASE for which there are no instructions in 2.2.2.5.3 (i.e. the primitive was not expected or was expected under other conditions or with other parameter values), it shall:

   a) invoke D-ABORT request with parameter value and parameter value aDS-provider-abort-PDU with value ,
   b) if not in the ADS-R-IDLE state or ADS-I-IDLE state, invoke ADS-provider-abort indication with reason , and
   c) if the initiator, enter the RF-I-IDLE state; if the responder, enter the RF-R-IDLE state.

7a/ Change in section 2.2.2.5.4.4.1 a) from:

   and parameter value ,

to:

   and parameter value aDS-provider-PDU with value ,

IV - CPDLC
==========

Rationale: so as not to change the bit-on-the-wire, rename the abort reason "not-permitted-PDU" to "protocol-error" and use this reason to cover both the reception of an invalid PDU and the reception of an invalid dialogue service primitive.

8/ In section 2.3.4.2.1, change in the ASN.1 type definition CPDLCProviderAbortReason from

   not-permitted-PDU (3),

to:

   protocol-error (3),

9/ Change title of sections 2.3.5.4.4 and 2.3.5.6.4 from:

   Not Permitted PDU

to:

   Protocol Error

10/ Change in section 2.3.5.4.4.1 b) from [not-permitted-PDU] to [protocol-error]

11/ Change in section 2.3.5.4.4.1 d) from "not-permitted-PDU" to "protocol-error"

12/ Change in section 2.3.5.4.4.2 b) from [not-permitted-PDU] to [protocol-error]

13/ Change in section 2.3.5.4.4.2 d) from "not-permitted-PDU" to "protocol-error"

14/ Change in section 2.3.5.4.4.3 a) 2) from [not-permitted-PDU] to [protocol-error]

15/ Change in section 2.3.5.4.4.3 b) from "not-permitted-PDU" to "protocol-error"

16/ Add a new section 2.1.5.4.4.4 as follows ():

   2.3.5.4.4.4 Upon receipt of a Dialogue service primitive for which there are no instructions in 2.3.5.3 (i.e. the primitive was not expected or was expected under other conditions or with other parameter values), the CPDLC-air-ASE shall:

   a) Stop any timer,
   b) Create an AircraftPDUs APDU with a CPDLCProviderAbortReason [protocol-error] APDU message element,
   c) If a dialogue exists, invoke D-ABORT request with:
      1) the abstract value "provider" as the D-ABORT parameter value, and
      2) the APDU as the D-ABORT parameter value,
   d) If the CPDLC-air-user is an active user, invoke CPDLC-provider-abort service indication with the abstract value "protocol-error" as the CPDLC-provider-abort service parameter value,
   e) If DSC has the abstract value "true", set DSC to the abstract value "false", and
   f) Enter the state.

17/ Change in section 2.3.5.6.4.1 b) from [not-permitted-PDU] to [protocol-error]

18/ Change in section 2.3.5.6.4.1 d) from "not-permitted-PDU" to "protocol-error"

19/ Change in section 2.3.5.6.4.2 b) from [not-permitted-PDU] to [protocol-error]

20/ Change in section 2.3.5.6.4.2 d) from "not-permitted-PDU" to "protocol-error"

21/ Change in section 2.3.5.6.4.3 b) 1) from [not-permitted-PDU] to [protocol-error]

22/ Change in section 2.3.5.6.4.3 c) from "not-permitted-PDU" to "protocol-error"

23/ Add a new section 2.1.5.6.4.4 as follows ():

   2.3.5.6.4.4 Upon receipt of a Dialogue service primitive for which there are no instructions in 2.3.5.5 (i.e. the primitive was not expected or was expected under other conditions or with other parameter values), the CPDLC-ground-ASE shall:

   a) Stop any timer,
   b) Create a GroundPDUs APDU with a CPDLCProviderAbortReason [protocol-error] APDU message element,
   c) If a dialogue exists, invoke D-ABORT request with:
      1) the abstract value "provider" as the D-ABORT parameter value, and
      2) the APDU as the D-ABORT parameter value,
   d) If the CPDLC-ground-user is an active user, invoke CPDLC-provider-abort service indication with the abstract value "protocol-error" as the CPDLC-provider-abort service parameter value,
   e) If DSC has the abstract value "true", set DSC to the abstract value "false", and
   f) Enter the state.

V - FIS
=======

Rationale: use the abort reason "protocol error" to cover the reception of an invalid dialogue service primitive. The proposed modification consists of allowing only the FIS-air-ASE to initiate the D-END service and checking that only the FIS-ground-ASE receives a D-END indication.

24/ In note 1 of 2.4.5.3.12, replace:

   All statements in 2.4.5.3.12 apply to both the FIS ground LI module and the FIs air LI module.

by:

   Except when explicitly indicated, the statements in 2.4.5.3.12 apply to both the FIS ground LI module and the FIs air LI module.

25/ In section 2.4.5.3.12.11.1, replace:

   If in the LI-DIALOGUE state, the LI module shall:

by:

   If in the LI-DIALOGUE state, the LI ground module shall:

26/ In sections 2.4.5.3.12.12.1, 2.4.5.3.12.13.1, 2.4.5.3.12.16.1 and 2.4.5.3.12.17.1, replace:

   LI module

by:

   LI air module

26a/ (typo) In section 2.4.5.3.12.17, replace LI-1 by t-LI-1.

27/ Add a new section 2.4.5.4.2.2:

   2.4.5.4.2.2 Upon receipt of a Dialogue service primitive for which there are no instructions in 2.4.5.3 (i.e. the primitive was not expected or was expected under other conditions or with other parameter values), the LI module shall:

   a) request the AB module to abort with the reason "protocol error", and
   b) remain in its current state.

28/ In Table 2.4.5-10/b, replace

   State "LI-END-I" by "LI-END-I (air LI)"
   Event "D-END ind" by "D-END ind (ground LI)"
   Event "D-END cnf positive" by "D-END cnf positive (air LI)"
   Event "D-END cnf negative" by "D-END cnf negative (air LI)"

29/ In Table 2.4.5-10/a, replace

   State "LI-END-I" by "LI-END-I (air LI)"
   Event "t-LI-1" by "t-LI-1 (air LI)"
   Event "t-INACTIVITY" by "t-INACTIVITY (air LI)"

Impact on interoperability: None. This new clause was implicit in Doc 9705 Ed 1. The PDR makes it explicit in the SARPs.

SME Recommendation to CCB:

CCB Decision:
atnp_ccb_chair: SUBMITTED (19/11/98)
atnp_ccb_chair: ACCEPTED (30/11/98)
atnp_ccb_chair: PROPOSED (14/12/98)
CCB-8 (Honolulu): RESOLVED (18/01/98)
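
The CM exception procedure proposed in the new 2.1.5.4.4.3, sketched as an added example (not SARPs text and not taken from any implementation): a default-deny transition table in which a dialogue service primitive with no listed action, or a D-START indication carrying the wrong kind of peer identifier, runs steps a) to f). The state names, the reduced table and the CmAse class are assumptions; REST is a placeholder for the state name that the text of step f) leaves out.

```python
from dataclasses import dataclass, field

PROTOCOL_ERROR = 3  # CMAbortReason value (3), renamed from not-permitted-PDU
REST = "REST"       # placeholder: the page elides the state name in step f)

# Hypothetical reduced table: (role, state, primitive) -> next state.
# Anything absent is "not permitted" (2.1.5.3.1.2) and triggers the abort.
EXPECTED = {
    ("ground", REST, "D-START ind"): "DIALOGUE",
    ("air", REST, "D-START ind"): "DIALOGUE",
    ("air", "DIALOGUE", "D-END ind"): REST,  # release is always ground-initiated
}

def peer_id_ok(role, peer_id):
    # Ground expects a 24 bit aircraft id, air a 4 to 8 character designation.
    if role == "ground":
        return isinstance(peer_id, int) and 0 <= peer_id < 2**24
    return isinstance(peer_id, str) and 4 <= len(peer_id) <= 8

@dataclass
class CmAse:
    role: str                      # "air" or "ground"
    state: str = REST
    dialogue: bool = False
    user_active: bool = False      # simplification: active while a dialogue is up
    timers: set = field(default_factory=set)
    out: list = field(default_factory=list)  # primitives this ASE invoked

    def on_primitive(self, name, peer_id=None):
        if name == "D-START ind":
            self.dialogue = True   # the peer has opened a dialogue
        nxt = EXPECTED.get((self.role, self.state, name))
        bad_param = name == "D-START ind" and not peer_id_ok(self.role, peer_id)
        if nxt is None or bad_param:
            return self.protocol_error()
        self.state = nxt
        self.dialogue = self.user_active = nxt != REST
        return nxt

    def protocol_error(self):
        self.timers.clear()                                      # a)
        kind = "CMAircraftMessage" if self.role == "air" else "CMGroundMessage"
        apdu = (kind, "cmAbortReason", PROTOCOL_ERROR)           # b), c)
        if self.dialogue:                                        # d)
            self.out.append(("D-ABORT req", "provider", apdu))
        if self.user_active:                                     # e)
            self.out.append(("CM-provider-abort ind", "protocol-error"))
        self.state, self.dialogue, self.user_active = REST, False, False  # f)
        return "aborted"
```
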