ANNEX I B

REQUIREMENTS FOR CONSTRUCTION, TESTING, INSTALLATION AND INSPECTION

CONTENTS

I.

DEFINITIONS

8

II.

GENERAL CHARACTERISTICS AND FUNCTIONS OF THE RECORDING EQUIPMENT

12

1.

General characteristics

12

2.

Functions

12

3.

Modes of operation

13

4.

Security

14

III.

CONSTRUCTION AND FUNCTIONAL REQUIREMENTS FOR RECORDING EQUIPMENT

14

1.

Monitoring cards insertion and withdrawal

14

2.

Speed and distance measurement

14

2.1.

Measurement of distance travelled

15

2.2.

Measurement of speed

15

3.

Time measurement

15

4.

Monitoring driver activities

16

5.

Monitoring driving status

16

6.

Drivers manual entries

16

6.1.

Entry of places where daily work periods begin and/or end

16

6.2.

Manual entry of driver activities

16

6.3.

Entry of specific conditions

18

7.

Company locks management

18

8.

Monitoring control activities

18

9.

Detection of events and/or faults

18

9.1.

“Insertion of a non valid card“ event

18

9.2.

“Card conflict“ event

19

9.3.

“Time overlap“ event

19

9.4.

“Driving without an appropriate card“ event

19

9.5.

“Card insertion while driving“ event

19

9.6.

“Last card session not correctly closed“ event

19

9.7.

“Over speeding“event

19

9.8.

“Power supply interruption“ event

20

9.9.

“Motion data error“ event

20

9.10.

“Security breach attempt“ event

20

9.11.

“Card“ fault

20

9.12.

“Recording equipment“ fault

20

10.

Built-in and self tests

20

11.

Reading from data memory

21

12.

Recording and storing in the data memory

21

12.1.

Equipment identification data

21

12.1.1.

Vehicle Unit identification data

21

12.1.2.

Motion sensor identification data

22

12.2.

Security elements

22

12.3.

Driver card insertion and withdrawal data

22

12.4.

Driver activity data

23

12.5.

Places where daily work periods start and/or end

23

12.6.

Odometer data

23

12.7.

Detailed speed data

23

12.8.

Events data

23

12.9.

Faults data

25

12.10.

Calibration data

26

12.11.

Time adjustment data

26

12.12.

Control activity data

26

12.13.

Company locks data

27

12.14.

Download activity data

27

12.15.

Specific conditions data

27

13.

Reading from tachograph cards

27

14.

Recording and storing on tachograph cards

27

15.

Displaying

28

15.1

Default display

28

15.2.

Warning display

29

15.3.

Menu access

29

15.4.

Other displays

29

16.

Printing

29

17.

Warnings

30

18.

Data downloading to external media

31

19.

Output data to additional external devices

31

20.

Calibration

32

21.

Time adjustment

32

22.

Performance characteristics

32

23.

Materials

32

24.

Markings

33

IV.

CONSTRUCTIONS AND FUNCTIONAL REQUIREMTNS FOR TACHOGRAPH CARDS …

33

1.

Visible data

33

2.

Security

36

3.

Standards

36

4.

Environmental and electrical specifications

36

5.

Data storage

36

5.1.

Card identification and security data

37

5.1.1.

Application identification

37

5.1.2.

Chip identification

37

5.1.3.

IC card identification

37

5.1.4.

Security elements

37

5.2.

Driver card

37

5.2.1.

Card identification

37

5.2.2.

Card holder identification

38

5.2.3.

Driving licence information

38

5.2.4.

Vehicles used data

38

5.2.5.

Driver activity data

38

5.2.6.

Places where daily periods start and/or end

39

5.2.7.

Events data

39

5.2.8.

Faults data

40

5.2.9.

Control activity data

40

5.2.10.

Card session data

40

5.2.11.

Secific conditions data …

40

5.3.

Workshop card

41

5.3.1.

Security elements

41

5.3.2.

Card identification

41

5.3.3.

Card holder identification

41

5.3.4.

Vehicles' used data

41

5.3.5.

Driver activity data

41

5.3.6.

Daily work periods start and/or end data

41

5.3.7.

Events and faults data

41

5.3.8.

Control activity data

41

5.3.9.

Calibration and time adjustment data

42

5.3.10.

Specific conditions data

42

5.4.

Control card

42

5.4.1.

Card identification

42

5.4.2.

Card holder identification

42

5.4.3.

Control activity data

42

5.5.

Company card

43

5.5.1.

Card identification

43

5.5.2.

Card holder identification

43

5.5.3.

Company activity data

43

V.

INSTALATION OF RECORDING EQUIPMENT

43

1.

Installation

43

2.

Installation plaque

44

3.

Sealing

44

VI.

CHECKS; INSPECTIONS AND REPAIRS

45

1.

Approval of fitters or workshops

45

2.

Check of new or repaired instruments

45

3.

Installation inspection

45

4.

Periodic inspections

45

5.

Measurement of errors

46

6.

Repairs

46

VII.

CARD ISSUING

46

VIII.

TYPE APPROVAL OF RECORDING EQUIPMENT AND TACHOGRAPH CARDS

46

1.

General points

46

2.

Security certificate

47

3.

Funtctional certificate

47

4.

Interoperability certificate

47

5.

Type approval certificate

48

6.

Exceptional procedure: first interoperability tests

48

Appendix 1.

Data dictionary

Appendix 2.

Tachograph cards specification

Appendix 3.

Pictograms

Appendix 4.

Printouts

Appendix 5.

Display

Appendix 6.

External interfaces

Appendix 7.

Data downloading protocol

Appendix 8.

Calibration protocol

Appendix 9.

TYPE APPROVAL — LIST OF MINIMUM REQUIRED TESTS

Appendix 10.

GENERIC SECURITY TARGETS

Appendix 11.

COMMON SECURITY MEACHANISMS

I.   DEFINITIONS

In this Annex:

(a)    “activation“ means : phase where the recording equipment becomes fully operational and implements all functions, including security functions;

Activating a recording equipment requires the use of a workshop card and the entry of its PIN code;

(b)    “authentication“ means : a function intended to establish and verify a claimed identity;

(c)    “authenticity“ means : the property that an information is coming from a party whose identity can be verified;

(d)    “built-in-test (BIT)“ means : tests run at request, triggered by the operator or by an external equipment;

(e)    “calendar day“ means : a day ranging from 00.00 hours to 24.00 hours. All calendar days relate to UTC time (universal time coordinated);

(f)    “calibration“ means : updating or confirming vehicle parameters to be held in the data memory. Vehicle parameters include vehicle identification (VIN, VRN and registering Member State) and vehicle characteristics (w, k, l, tyre size, speed limiting device setting (if applicable), current UTC time, current odometer value);

calibrating a recording equipment requires the use of a workshop card;

(g)    “card number“ means : a 16 alpha-numerical characters number that uniquely identifies a tachograph card within a Member State. The card number includes a consecutive index (if applicable), a replacement index and a renewal index;

a card is therefore uniquely identified by the code of the issuing Member State and the card number;

(h)    “card consecutive index“ means : the 14th alpha-numerical character of a card number that is used to differentiate the different cards issued to a company or a body entitled to be issued several tachograph cards. The company or the body is uniquely identified by the 13 first characters of the card number;

(i)    “card renewal index“ means : the 16th alpha-numerical character of a card number which is incremented each time a tachograph card is renewed;

(j)    “card replacement index“ means : the 15th alpha-numerical character of a card number which is incremented each time a tachograph card is replaced;

(k)    “characteristic coefficient of the vehicle“ means : the numerical characteristic giving the value of the output signal emitted by the part of the vehicle linking it with the recording equipment (gearbox output shaft or axle) while the vehicle travels a distance of one kilometre under standard test conditions (see Chapter VI(5)). The characteristic coefficient is expressed in impulses per kilometre (w = … imp/km);

(l)    “company card“ means : a tachograph card issued by the authorities of a Member State to the owner or holder of vehicles fitted with recording equipment;

the company card identifies the company and allows for displaying, downloading and printing of the data stored in the recording equipment which has been locked by this company;

(m)    “constant of the recording equipment“ means : the numerical characteristic giving the value of the input signal required to show and record a distance travelled of one kilometre; this constant shall be expressed in impulses per kilometre (k = … imp/km);

(n)    “continuous driving time“ is computed within the recording equipment as  (1) : the continuous driving time is computed as the current accumulated driving times of a particular driver, since the end of his last AVAILABILITY or BREAK/REST or UNKNOWN (2)

(o)    “control card“ means : a tachograph card issued by the authorities of a Member State to a national competent control authority;

the control card identifies the control body and possibly the control officer and allows for getting access to the data stored in the data memory or in the driver cards for reading, printing and/or downloading;

(p)    “cumulative break time“ is computed within the recording equipment as  (1) : the cumulative break from driving time is computed as the current accumulated AVAILABILITY or BREAK/REST or UNKNOWN (2) times of 15 minutes or more of a particular driver, since the end of his last AVAILABILITY or BREAK/REST or UNKNOWN (2) period of 45 minutes or more (this period may have been split in several periods of 15 minutes or more).

The computations involved take into account, as needed, past activities stored on the driver card. Unknown periods of negative duration (start of unknown period > end of unknown period) due to time overlaps between two different recording equipments, are not taken into account for the computation.

When the driver has not inserted his card, the computations involved are based on the data memory recordings related to the current period where no card was inserted and related to the relevant slot;

(q)    “data memory“ means : an electronic data storage device built into the recording equipment;

(r)    “digital signature“ means : data appended to, or a cryptographic transformation of, a block of data that allows the recipient of the block of data to prove the authenticity and integrity of the block of data;

(s)    “downloading“ means : copying together with digital signature of a part or of a complete set of data stored in the data memory of the vehicle or in the memory of a tachograph card;

downloading may not alter or delete any stored data;

(t)    “driver card“ means : a tachograph card issued by the authorities of a Member State to a particular driver;

the driver card identifies the driver and allows for storage of driver activity data;

(u)    “effective circumference of the wheel tyres“ means : the average of the distances travelled by each of the wheels moving the vehicle (driving wheels) in the course of one complete rotation. The measurement of these distances shall be made under standard test conditions (Chapter VI(5)) and is expressed in the form “l = … mm“. Vehicle manufacturers may replace the measurement of these distances by a theoretical calculation which takes into account the distribution of the weight on the axles, vehicle unladen in normal running order (3). The methods for such theoretical calculation will be approved by a competent Member State authority;

(v)    “event“ means : abnormal operation detected by the recording equipment which may come from a fraud attempt;

(w)    “fault“ means : abnormal operation detected by the recording equipment which may come from an equipment malfunction or failure;

(x)    “installation“ means : mounting of the recording equipment in a vehicle;

(y)    “motion sensor“ means : part of the recording equipment, providing a signal representative of vehicle speed and/or distance travelled;

(z)    “non valid card“ means : a card detected as faulty, or which initial authentication failed, or which start of validity date is not yet reached, or which expiry date has passed;

(aa)    “out of scope“ means : when the use of the recording equipment is not required, according to the provisions of Council Regulation (EEC) No 3820/85;

(bb)    “over speeding“ means : exceeding the authorised speed of the vehicle, defined as any period of more than 60 seconds during which the vehicle's measured speed exceeds the limit for setting the speed limitation device laid down in Council Directive 92/6/EEC of 10 February 1992 on the installation and use of speed limitation devices for certain categories of motor vehicles in the Community (4);

(cc)    “periodic inspection“ means : set of operations performed to control that the recording equipment works properly and that its settings correspond to the vehicle parameters;

(dd)    “printer“ means : component of the recording equipment which provides printouts of stored data;

(ee)    “recording equipment“ means : the total equipment intended for installation in road vehicles to show, record and store automatically or semi-automatically details of the movement of such vehicles and of certain work periods of their drivers;

(ff)    “renewal“ means : issue of a new tachograph card when an existing card reaches its expiry date, or is malfunctioning and has been returned to the issuing authority. Renewal always implies the certainty that two valid cards do not co-exist;

(gg)    “repair“ means : any repair of a motion sensor or of a vehicle unit that requires disconnection of its power supply, or disconnection from other recording equipment components, or opening of it;

(hh)    “replacement“ means : issue of a tachograph card in replacement of an existing card, which has been declared lost, stolen or malfunctioning and has not been returned to the issuing authority. Replacement always implies a risk that two valid cards may co-exist;

(ii)    “security certification“ means : process to certify, by an ITSEC (5) certification body, that the recording equipment (or component) or the tachograph card under investigation fulfils the security requirements defined in Appendix 10 Generic security targets;

(jj)    “self test“ means : tests run cyclically and automatically by the recording equipment to detect faults;

(kk)    “tachograph card“ means : smart card intended for use with the recording equipment. Tachograph cards allow for identification by the recording equipment of the identity (or identity group) of the cardholder and allow for data transfer and storage. A tachograph card may be of the following types:

—	driver card,

—	control card,

—	workshop card,

—	company card;

(ll)    “type approval“ means : process to certify, by a Member State, that the recording equipment (or component) or the tachograph card under investigation fulfils the requirements of this regulation;

(mm)    “tyre size“ means : the designation of the dimensions of the tyres (external driving wheels) in accordance with Directive 92/23/EEC of 31 march 1992 (6);

(nn)    “vehicle identification“ means : numbers identifying the vehicle: vehicle registration number (VRN) with indication of the registering Member State and vehicle identification number (VIN) (7);

(oo)    “vehicle unit (VU)“ means : the recording equipment excluding the motion sensor and the cables connecting the motion sensor. The vehicle unit may either be a single unit or be several units distributed in the vehicle, as long as it complies with the security requirements of this regulation;

(pp)    for computing sake in the recording equipment “week“ means : the period between 00.00 hours UTC on Monday and 24.00 UTC on Sunday;

(qq)    “workshop card“ means : a tachograph card issued by the authorities of a Member State to a recording equipment manufacturer, a fitter, a vehicle manufacturer or workshop, approved by that Member State.

The workshop card identifies the cardholder and allows for testing, calibration and/or downloading of the recording equipment;

II.   GENERAL CHARACTERISTICS AND FUNCTIONS OF THE RECORDING EQUIPMENT

000
Any vehicle fitted with the recording equipment complying with the provisions of this Annex, must include a speed display and an odometer. These functions may be included within the recording equipment.

1.   General characteristics

The purpose of the recording equipment is to record, store, display, print, and output data related to driver activities.

001
The recording equipment includes cables, a motion sensor, and a vehicle unit.

002
The vehicle unit includes a processing unit, a data memory, a real time clock, two smart card interface devices (driver and co-driver), a printer, a display, a visual warning, a calibration/downloading connector, and facilities for entry of user's inputs.

The recording equipment may be connected to other devices through additional connectors.

003
Any inclusion in or connection to the recording equipment of any function, device, or devices, approved or otherwise, shall not interfere with, or be capable of interfering with, the proper and secure operation of the recording equipment and the provisions of the Regulation.

Recording equipment users identify themselves to the equipment via tachograph cards.

004
The recording equipment provides selective access rights to data and functions according to user's type and/or identity.

The recording equipment records and stores data in its data memory and in tachograph cards.

This is done in accordance with Directive 95/46/EC of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (8).

2.   Functions

005
The recording equipment shall ensure the following functions:

—	monitoring cards insertions and withdrawals,

—	speed and distance measurement,

—	time measurement,

—	monitoring driver activities,

—	monitoring driving status,

—	drivers manual entries: — entry of places where daily work periods begin and/or end, — manual entry of driver activities, — entry of specific conditions,

—	company locks management,

—	monitoring control activities,

—	detection of events and/or faults,

—	built-in and self tests,

—	reading from data memory,

—	recording and storing in data memory,

—	reading from tachograph cards,

—	recording and storing in tachograph cards,

—	displaying,

—

printing,

—

warning,

—	data downloading to external media,

—	output data to additional external devices,

—	calibration,

—	time adjustment.

3.   Modes of operation

006
The recording equipment shall possess four modes of operation:

—	operational mode,

—	control mode,

—	calibration mode,

—	company mode.

007
The recording equipment shall switch to the following mode of operation according to the valid tachograph cards inserted into the card interface devices:

Mode of operation		Driver slot
		No card	Driver card	Control card	Workshop card	Company card
Co-driver slot	No card	Operational	Operational	Control	Calibration	Company
	Driver card	Operational	Operational	Control	Calibration	Company
	Control card	Control	Control	Control (9)	Operational	Operational
	Workshop card	Calibration	Calibration	Operational	Calibration (9)	Operational
	Company card	Company	Company	Operational	Operational	Company (9)

009
The recording equipment shall ignore non-valid cards inserted, except displaying, printing or downloading data held on an expired card which shall be possible.

010
All functions listed in II.2. shall work in any mode of operation with the following exceptions:

—	the calibration function is accessible in the calibration mode only,

—	the time adjustment function is limited when not in the calibration mode,

—	the driver manual entries functions are accessible in operational or calibration modes only,

—	the company locks management function is accessible in the company mode only,

—	the monitoring of control activities function is operational in the control mode only,

—	the downloading function is not accessible in the operational mode (except as provided for in Requirement 150).

011
The recording equipment can output any data to display, printer or external interfaces with the following exceptions:

—

in the operational mode, any personal identification (surname and first name(s)) not corresponding to a tachograph card inserted shall be blanked and any card number not corresponding to a tachograph card inserted shall be partially blanked (every odd character — from left to right — shall be blanked),

—	in the company mode, driver related data (requirements 081, 084 and 087) can be output only for periods not locked by another company (as identified by the first 13 digits of the company card number),

—	when no card is inserted in the recording equipment, driver related data can be output only for the current and eight previous calendar days.

4.   Security

The system security aims at protecting the data memory in such a way as to prevent unauthorised access to and manipulation of the data and detecting any such attempts, protecting the integrity and authenticity of data exchanged between the motion sensor and the vehicle unit, protecting the integrity and authenticity of data exchanged between the recording equipment and the tachograph cards, and verifying the integrity and authenticity of data downloaded.

012
In order to achieve the system security, the recording equipment shall meet the security requirements specified in the motion sensor and vehicle unit generic security targets (Appendix 10).

III.   CONSTRUCTION AND FUNCTIONAL REQUIREMENTS FOR RECORDING EQUIPMENT

1.   Monitoring cards insertion and withdrawal

013
The recording equipment shall monitor the card interface devices to detect card insertions and withdrawals.

014
Upon card insertion the recording equipment shall detect whether the card inserted is a valid tachograph card and in such a case identify the card type.

015
The recording equipment shall be so designed that the tachograph cards are locked in position on their proper insertion into the card interface devices.

016
The release of tachograph cards may function only when the vehicle is stopped and after the relevant data have been stored on the cards. The release of the card shall require positive action by the user.

2.   Speed and distance measurement

017
This function shall continuously measure and be able to provide the odometer value corresponding to the total distance travelled by the vehicle.

018
This function shall continuously measure and be able to provide the speed of the vehicle.

019
The speed measurement function shall also provide the information whether the vehicle is moving or stopped. The vehicle shall be considered as moving as soon as the function detects more than 1 imp/sec for at least five seconds from the motion sensor, otherwise the vehicle shall be considered as stopped.

Devices displaying speed (speedometer) and total distance travelled (odometer) installed in any vehicle fitted with a recording equipment complying with the provisions of this Regulation, shall comply with the requirements relating to maximum tolerances laid down in this Annex (Chapters III(2)(1) and III(2)(2)).

2.1.   Measurement of distance travelled

020
The distance travelled may be measured either:

—	so as to cumulate both forward and reverse movements, or

—	so as to include only forward movement.

021
The recording equipment shall measure distance from 0 to 9 999 999,9 km.

022
Distance measured shall be within the following tolerances (distances of at least 1 000 m):

—	± 1 % before installation,

—	± 2 % on installation and periodic inspection,

—	± 4 % in use.

023
Distance measured shall have a resolution better than or equal to 0,1 km.

2.2.   Measurement of speed

024
The recording equipment shall measure speed from 0 to 220 km/h.

025
To ensure a maximum tolerance on speed displayed of ± 6 km/h in use, and taking into account:

—	a ± 2 km/h tolerance for input variations (tyre variations, …),

—	a ± 1 km/h tolerance in measurements made during installation or periodic inspections,

the recording equipment shall, for speeds between 20 and 180 km/h, and for characteristic coefficients of the vehicle between 4 000 and 25 000 imp/km, measure the speed with a tolerance of ± 1 km/h (at constant speed).

Note: The resolution of data storage brings an additional tolerance of ± 0,5 km/h to speed stored by the recording equipment.

025a
The speed shall be measured correctly within the normal tolerances within 2 seconds of the end of a speed change when the speed has changed at a rate up to 2 m/s2.

026
Speed measurement shall have a resolution better than or equal to 1 km/h.

3.   Time measurement

027
The time measurement function shall measure permanently and digitally provide UTC date and time.

028
UTC date and time shall be used for dating throughout the recording equipment (recordings, printouts, data exchange, display, …).

029
In order to visualise the local time, it shall be possible to change the offset of the time displayed, in half hour steps.

030
Time drift shall be within ± 2 seconds per day in type approval conditions.

031
Time measured shall have a resolution better than or equal to 1 second.

032
Time measurement shall not be affected by an external power supply cut-off of less than 12 months in type approval conditions.

4.   Monitoring driver activities

033
This function shall permanently and separately monitor the activities of one driver and one co-driver.

034
Driver activity shall be DRIVING, WORK, AVAILABILITY, or BREAK/REST.

035
It shall be possible for the driver and/or the co-driver to manually select WORK, AVAILABILITY, or BREAK/REST.

036
When the vehicle is moving, DRIVING shall be selected automatically for the driver and AVAILABILITY shall be selected automatically for the co-driver.

037
When the vehicle stops, WORK shall be selected automatically for the driver.

038
The first change of activity arising within 120 seconds of the automatic change to WORK due to the vehicle stop shall be assumed to have happened at the time of vehicle stop (therefore possibly cancelling the change to WORK).

039
This function shall output activity changes to the recording functions at a resolution of one minute.

040
Given a calendar minute, if any DRIVING activity has occurred within the minute, the whole minute shall be regarded as DRIVING.

041
Given a calendar minute, if any DRIVING activity has occurred within both the immediately preceding and the immediately succeeding minute, the whole minute shall be regarded as DRIVING.

042
Given a calendar minute that is not regarded as DRIVING according to previous requirements, the whole minute shall be regarded to be of the same type of activity as the longest continuous activity within the minute (or the latest of the equally longest).

043
This function shall also permanently monitor the continuous driving time and the cumulative break time of the driver.

5.   Monitoring driving status

044
This function shall permanently and automatically monitor the driving status.

045
The driving status CREW shall be selected when two valid driver cards are inserted in the equipment, the driving status SINGLE shall be selected in any other case.

6.   Drivers manual entries

6.1.   Entry of places where daily work periods begin and/or end

046
This function shall allow for the entry of places where the daily work periods begin and/or end for a driver and/or a co-driver.

047
Places are defined as the country and, in addition where applicable, the region.

048
At the time of a driver (or workshop) card withdrawal, the recording equipment shall prompt the (co-)driver to enter a “place where the daily work period ends“.

049
The recording equipment shall allow this request to be disregarded.

050
It shall be possible to input places where daily work periods begin and/or end without card or at times other than card insertion or withdrawal.

6.2.   Manual entry of driver activities

050a
Upon driver (or workshop) card insertion, and only at this time, the recording equipment shall:

—	remind the cardholder the date and time of his last card withdrawal, and

—	ask the cardholder to identify if the current insertion of the card represents a continuation of the current daily work period.

The recording equipment shall allow the cardholder to disregard the question without answering, or to answer positively, or to answer negatively:

—

in the case where the cardholder disregards the question, the recording equipment shall prompt the cardholder for a “place where the daily work period begins“. The recording equipment shall allow this request to be disregarded. If a location is entered, then it shall be recorded, in the data memory and in the tachograph card, and related to the card insertion time,

—

in the case of a negative or positive answer, the recording equipment shall invite the cardholder to enter activities manually, with their dates and times of beginning and end, among WORK, AVAILABILITY, or BREAK/REST only, strictly included within the period last card withdrawal — current insertion only, and without allowing such activities to overlap mutually. This shall be done in accordance with the following procedures: — in the case where the cardholder answers positively to the question, the recording equipment shall invite the cardholder to enter activities manually, in chronological order, for the period last card withdrawal — current insertion. The process shall end when the end time of a manually entered activity equals the card insertion time. — in the case where the cardholder answers negatively to the question, the recording equipment shall: — invite the card holder to enter manually activities in chronological order from the card withdrawal time up to the time of end of the related daily work period (or of the activities related to that vehicle in the case where the daily work period continues on a record sheet). The recording equipment shall therefore, before allowing the cardholder to enter manually each activity, invite the cardholder to identify if the time of end of the last recorded activity represents the end of a previous work period (see note below), Notes: in the case where the cardholder fails to declare when the previous work period ended, and manually enters an activity of which end time equals the card insertion time, the recording equipment shall: — assume that the daily work period ended at the start of the first REST (or remaining UNKNOWN) period after card withdrawal or at the time of card withdrawal if no rest period has been entered (and if no period remains UNKNOWN), — assume that the start time (see below) equals the card insertion time, — proceed through the steps below; — then, if the time of end of the related work period is different from the time of card withdrawal, or if no place of end of daily work period had been entered at that time, prompt the cardholder to “confirm or enter the place where the daily work period ended“ (the recording equipment shall allow this request to be disregarded). If a location is entered, it shall be recorded in the tachograph card only and only if different from the one entered at card withdrawal (if one was entered), and related to the time of end of the work period, — then invite the cardholder to “enter a start time“ of the current daily work period (or of the activities related to the current vehicle in the case where the card holder previously used a record sheet during this period), and prompt the cardholder for a “place where the daily work period begins“ (the recording equipment shall allow this request to be disregarded). If a location is entered, it shall be recorded in the tachograph card and related to this start time. If this start time is equal to the card insertion time, the location shall also be recorded in the data memory, — then, if this start time is different from the card insertion time, invite the cardholder to enter manually activities in chronological order from this start time up to the time of card insertion. The process shall end when the end time of a manually entered activity equals the card insertion time, — the recording equipment shall then allow the card holder to modify any activity manually entered, until validation by selection of a specific command, and thereafter forbid any such modification, — such answers to the initial question followed by no activity entries, shall be interpreted by the recording equipment as if the cardholder had disregarded the question.

During this whole process, the recording equipment shall wait for entries no longer than the following time-outs:

—	if no interaction with the equipment's human machine interface is happening during one minute (with a visual, and possibly audible, warning after 30 seconds) or,

—	if the card is withdrawn or another driver (or workshop) card is inserted or,

—	as soon as the vehicle is moving,

in this case the recording equipment shall validate any entries already made.

6.3.   Entry of specific conditions

050b
The recording equipment shall allow the driver to enter, in real time, the following two specific conditions:

—	“OUT OF SCOPE“ (begin, end)

—	“FERRY/TRAIN CROSSING“

A “FERRY/TRAIN CROSSING“ may not occur if an “OUT OF SCOPE“ condition is opened.

An opened “OUT OF SCOPE“ condition must be automatically closed, by the recording equipment, if a driver card is inserted or withdrawn.

7.   Company locks management

051
This function shall allow the management of the locks placed by a company to restrict data access in company mode to itself.

052
Company locks consist in a start date/time (lock-in) and an end date/time (lock-out) associated with the identification of the company as denoted by the company card number (at lock-in).

053
Locks may be turned “in“ or “out“ in real time only.

054
Locking-out shall only be possible for the company whose lock is “in“ (as identified by the first 13 digits of the company card number), or,

055
locking-out shall be automatic if another company locks in.

055a
In the case where a company locks in and where the previous lock was for the same company, then it will be assumed that the previous lock has not been turned “out“ and is still “in“.

8.   Monitoring control activities

056
This function shall monitor DISPLAYING, PRINTING, VU and card DOWNLOADING activities carried while in control mode.

057
This function shall also monitor OVER SPEEDING CONTROL activities while in control mode. An over speeding control is deemed to have happened when, in control mode, the “over speeding“ printout has been sent to the printer or to the display, or when “events and faults“ data have been downloaded from the VU data memory.

9.   Detection of events and/or faults

058
This function shall detect the following events and/or faults:

9.1.   Insertion of a non-valid card““ event

059
This event shall be triggered at the insertion of any non-valid card and/or when an inserted valid card expires.

060
This event shall be triggered when any of the valid cards combination noted X in the following table arise:

Card conflict		Driver slot
		No card	Driver card	Control card	Workshop card	Company card
Co-driver slot	No card
	Driver card				X
	Control card			X	X	X
	Workshop card		X	X	X	X
	Company card			X	X	X

9.3.   “Time overlap“ event

061
This event shall be triggered when the date/time of last withdrawal of a driver card, as read from the card, is later than the current date/time of the recording equipment in which the card is inserted.

9.4.   “Driving without an appropriate card“ event

062
This event shall be triggered for any tachograph cards combination noted X in the following table, when driver activity changes to DRIVING, or when there is a change of the mode of operation while driver activity is DRIVING:

Driving without an appropriate card		Driver slot
		No (or non-valid) card	Driver card	Control card	Workshop card	Company card
Co-driver slot	No (or non-valid) card	X		X		X
	Driver card	X		X	X	X
	Control card	X	X	X	X	X
	Workshop card	X	X	X		X
	Company card	X	X	X	X	X

9.5.   “Card insertion while driving“ event

063
This event shall be triggered when a tachograph card is inserted in any slot, while driver activity is DRIVING.

9.6.   “Last card session not correctly closed“ event

064
This event shall be triggered when at card insertion the recording equipment detects that, despite the provisions laid down in paragraph III(1), the previous card session has not been correctly closed (the card has been withdrawn before all relevant data have been stored on the card). This event shall be triggered by driver and workshop cards only.

9.7.   “Over speeding“ event

065
This event shall be triggered for each over speeding.

9.8.   “Power supply interruption“ event

066
This event shall be triggered, while not in calibration mode, in case of any interruption exceeding 200 milliseconds of the power supply of the motion sensor and/or of the vehicle unit. The interruption threshold shall be defined by the manufacturer. The drop in power supply due to the starting of the engine of the vehicle shall not trigger this event.

9.9.   “Motion data error“ event

067
This event shall be triggered in case of interruption of the normal data flow between the motion sensor and the vehicle unit and/or in case of data integrity or data authentication error during data exchange between the motion sensor and the vehicle unit.

9.10.   “Security breach attempt“ event

068
This event shall be triggered for any other event affecting the security of the motion sensor and/or of the vehicle unit as specified within the generic security targets of these components, while not in calibration mode.

9.11.   “Card“ fault

069
This fault shall be triggered when a tachograph card failure occurs during operation.

9.12.   “Recording equipment“ fault

070
This fault shall be triggered for any of these failures, while not in calibration mode:

—	VU internal fault,

—	printer fault,

—	display fault,

—	downloading fault,

—	sensor fault.

10.   Built-in and self tests

071
The recording equipment shall self-detect faults through self tests and built-in-tests, according to the following table:

Sub-assembly to test	Self test	Built-in-test
Software		Integrity
Data memory	Access	Access, data integrity
Card interface devices	Access	Access
Keyboard		Manual check
Printer	(up to manufacturer)	Printout
Display		Visual check
Downloading (performed only during downloading)	Proper operation
Sensor	Proper operation	Proper operation

11.   Reading from data memory

072
The recording equipment shall be able to read any data stored in its data memory.

12.   Recording and storing in the data memory

For the purpose of this paragraph,

—

“365 days“ is defined as 365 calendar days of average drivers activity in a vehicle. The average activity per day in a vehicle is defined as at least six drivers or co-drivers, six card insertion withdrawal cycles, and 256 activity changes. “365 days“ therefore include at least 2 190 (co-)drivers, 2 190 card insertion withdrawal cycles, and 93 440 activity changes,

—	times are recorded with a resolution of one minute, unless otherwise specified,

—	odometer values are recorded with a resolution of one kilometre,

—	speeds are recorded with a resolution of 1 km/h.

073
Data stored into the data memory shall not be affected by an external power supply cut-off of less than twelve months in type approval conditions.

074
The recording equipment shall be able to record and store implicitly or explicitly in its data memory the following:

12.1.   Equipment identification data

12.1.1.   Vehicle unit identification data

075
The recording equipment shall be able to store in its data memory the following vehicle unit identification data:

—	name of the manufacturer,

—	address of the manufacturer,

—	part number,

—	serial number,

—	software version number,

—	software version installation date,

—	year of equipment manufacture,

—	approval number.

076
Vehicle unit identification data are recorded and stored once and for all by the vehicle unit manufacturer, except the software-related data and the approval number which may be changed in case of software upgrade.

12.1.2.   Motion sensor identification data

077
The motion sensor shall be able to store in its memory the following identification data:

—	name of the manufacturer,

—	part number,

—	serial number,

—	approval number,

—	embedded security component identifier (e.g. internal chip/processor part number),

—	operating system identifier (e.g. software version number).

078
Motion sensor identification data are recorded and stored once and for all in the motion sensor, by the motion sensor manufacturer.

079
The vehicle unit shall be able to record and store in its data memory the following currently paired motion sensor identification data:

—	serial number,

—	approval number,

—	first pairing date.

12.2.   Security elements

080
The recording equipment shall be able to store the following security elements:

—	European public key,

—	Member State certificate,

—	equipment certificate,

—	equipment private key.

Recording equipment security elements are inserted in the equipment by the vehicle unit manufacturer.

12.3.   Driver card insertion and withdrawal data

081
For each insertion and withdrawal cycle of a driver or workshop card in the equipment, the recording equipment shall record and store in its data memory:

—	the card holder's surname and first name(s) as stored in the card,

—	the card's number, issuing Member State and expiry date as stored in the card,

—	the insertion date and time,

—	the vehicle odometer value at card insertion,

—	the slot in which the card is inserted,

—	the withdrawal date and time,

—	the vehicle odometer value at card withdrawal,

—	the following information about the previous vehicle used by the driver, as stored in the card: — VRN and registering Member State, — card withdrawal date and time,

—	a flag indicating whether, at card insertion, the card holder has manually entered activities or not.

082
The data memory shall be able to hold these data for at least 365 days.

083
When storage capacity is exhausted, new data shall replace oldest data.

12.4.   Driver activity data

084
The recording equipment shall record and store in its data memory whenever there is a change of activity for the driver and/or the co-driver, and/or whenever there is a change of driving status, and/or whenever there is an insertion or withdrawal of a driver or workshop card:

—	the driving status (CREW, SINGLE),

—	the slot (DRIVER, CO-DRIVER),

—	the card status in the relevant slot (INSERTED, NOT INSERTED) (see Note),

—	the activity (DRIVING, AVAILABILITY, WORK, BREAK/REST),

—	the date and time of the change.

Note: INSERTED means that a valid driver or workshop card is inserted in the slot. NOT INSERTED means the opposite, i.e. no valid driver or workshop card is inserted in the slot (e.g. a company card is inserted or no card is inserted).

Note: Activity data manually entered by a driver are not recorded in the data memory.

085
The data memory shall be able to hold driver activity data for at least 365 days.

086
When storage capacity is exhausted, new data shall replace oldest data.

12.5.   Places where daily work periods start and/or end

087
The recording equipment shall record and store in its data memory whenever a (co-)driver enters the place where a daily work period begins and/or ends:

—	if applicable, the (co-)driver card number and card issuing Member State,

—	the date and time of the entry (or the date/time related to the entry when the entry is made during the manual entry procedure),

—	the type of entry (begin or end, condition of entry),

—	the country and region entered,

—	the vehicle odometer value.

088
The data memory shall be able to hold daily work periods start and/or end data for at least 365 days (with the assumption that one driver enters two records per day).

089
When storage capacity is exhausted, new data shall replace oldest data.

12.6.   Odometer data

090
The recording equipment shall record in its data memory the vehicle odometer value and the corresponding date at midnight every calendar day.

091
The data memory shall be able to store midnight odometer values for at least 365 calendar days.

092
When storage capacity is exhausted, new data shall replace oldest data.

12.7.   Detailed speed data

093
The recording equipment shall record and store in its data memory the instantaneous speed of the vehicle and the corresponding date and time at every second of at least the last 24 hours that the vehicle has been moving.

12.8.   Events data

For the purpose of this subparagraph, time shall be recorded with a resolution of one second.

094
The recording equipment shall record and store in its data memory the following data for each event detected according to the following storage rules:

Event	Storage rules	Data to be recorded per event
Card conflict	— the 10 most recent events.	— date and time of beginning of event, — date and time of end of event, — cards' type, number and issuing Member State of the two cards creating the conflict.
Driving without an appropriate card	— the longest event for each of the 10 last days of occurrence, — the five longest events over the last 365 days.	— date and time of beginning of event, — date and time of end of event, — cards' type, number and issuing Member State of any card inserted at beginning and/or end of the event, — number of similar events that day.
Card insertion while driving	— the last event for each of the 10 last days of occurrence.	— date and time of the event, — card's type, number and issuing Member State, — number of similar events that day.
Last card session not correctly closed	— the 10 most recent events.	— date and time of card insertion, — card's type, number and issuing Member State, — last session data as read from the card: — date and time of card insertion, — VRN and Member State of registration.
Over speeding (10)	— the most serious event for each of the 10 last days of occurrence (i.e. the one with the highest average speed), — the five most serious events over the last 365 days. — the first event having occurred after the last calibration.	— date and time of beginning of event, — date and time of end of event, — maximum speed measured during the event, — arithmetic average speed measured during the event, — card's type, number and issuing Member State of the driver (if applicable), — number of similar events that day.
Power supply interruption (11)	— the longest event for each of the 10 last days of occurrence, — the five longest events over the last 365 days.	— date and time of beginning of event, — date and time of end of event, — cards' type, number and issuing Member State of any card inserted at beginning and/or end of the event, — number of similar events that day.
Motion data error	— the longest event for each of the 10 last days of occurrence, — the five longest events over the last 365 days.	— date and time of beginning of event, — date and time of end of event, — cards' type, number and issuing Member State of any card inserted at beginning and/or end of the event, — number of similar events that day.
Security breach attempt	— the 10 most recent events per type of event.	— date and time of beginning of event, — date and time of end of event (if relevant), — cards' type, number and issuing Member State of any card inserted at beginning and/or end of the event, — type of event.

12.9.   Faults data

For the purpose of this subparagraph, time shall be recorded with a resolution of one second.

096
The recording equipment shall attempt to record and store in its data memory the following data for each fault detected according to the following storage rules:

Fault	Storage rules	Data to be recorded per fault
Card fault	— the 10 most recent driver card faults.	— date and time of beginning of fault, — date and time of end of fault, — card's type number and issuing Member State.
Recording equipment faults	— the 10 most recent faults for each type of fault, — the first fault after the last calibration.	— date and time of beginning of fault, — date and time of end of fault, — type of fault, — cards' type, number and issuing Member State of any card inserted at beginning and/or end of the fault.

12.10.   Calibration data

097
The recording equipment shall record and store in its data memory data relevant to:

—	known calibration parameters at the moment of activation,

—	its very first calibration following its activation,

—	its first calibration in the current vehicle (as identified by its VIN),

—	the five most recent calibrations (If several calibrations happen within one calendar day, only the last one of the day shall be stored).

098
The following data shall be recorded for each of these calibrations:

—	purpose of calibration (activation, first installation, installation, periodic inspection),

—	workshop name and address,

—	workshop card number, card issuing Member State and card expiry date,

—	vehicle identification,

—	parameters updated or confirmed: w, k, l, tyre size, speed limiting device setting, odometer (old and new values), date and time (old and new values).

099
The motion sensor shall record and store in its memory the following motion sensor installation data:

—	first pairing with a VU (date, time, VU approval number, VU serial number),

—	last pairing with a VU (date, time, VU approval number, VU serial number).

12.11.   Time adjustment data

100
The recording equipment shall record and store in its data memory data relevant to:

—	the most recent time adjustment,

—	the five largest time adjustments, since last calibration,

performed in calibration mode outside the frame of a regular calibration (definition (f)).

101
The following data shall be recorded for each of these time adjustments:

—	date and time, old value,

—	date and time, new value,

—	workshop name and address,

—	workshop card number, card issuing Member State and card expiry date.

12.12.   Control activity data

102
The recording equipment shall record and store in its data memory the following data relevant to the 20 most recent control activities:

—	date and time of the control,

—	control card number and card issuing Member State,

—	type of the control (displaying and/or printing and/or VU downloading and/or card downloading).

103
In case of downloading, the dates of the oldest and of the most recent days downloaded shall also be recorded.

12.13.   Company locks data

104
The recording equipment shall record and store in its data memory the following data relevant to the 20 most recent company locks:

—	lock-in date and time,

—	lock-out date and time,

—	company card number and card issuing Member State,

—	company name and address.

12.14.   Download activity data

105
The recording equipment shall record and store in its data memory the following data relevant to the last data memory downloading to external media while in company or in calibration mode:

—	date and time of downloading,

—	company or workshop card number and card issuing Member State,

—	company or workshop name.

12.15.   Specific conditions data

105a
The recording equipment shall record in its data memory the following data relevant to specific conditions:

—	date and time of the entry,

—	type of specific condition.

105b
The data memory shall be able to hold specific conditions data for at least 365 days (with the assumption that on average, one condition is opened and closed per day). When storage capacity is exhausted, new data shall replace oldest data.

13.   Reading from tachograph cards

106
The recording equipment shall be able to read from tachograph cards, where applicable, the necessary data:

—	to identify the card type, the card holder, the previously used vehicle, the date and time of the last card withdrawal and the activity selected at that time,

—	to check that last card session was correctly closed,

—	to compute the driver's continuous driving time, cumulative break time and cumulated driving times for the previous and the current week,

—	to print requested printouts related to data recorded on a driver card,

—	to download a driver card to external media.

107
In case of a reading error, the recording equipment shall try again, three times maximum, the same read command, and then if still unsuccessful, declare the card faulty and non-valid.

14.   Recording and storing on tachograph cards

108
The recording equipment shall set the “card session data“ in the driver or workshop card right after the card insertion.

109
The recording equipment shall update data stored on valid driver, workshop and/or control cards with all necessary data relevant to the period while the card is inserted and relevant to the card holder. Data stored on these cards are specified in Chapter IV.

109a
The recording equipment shall update driver activity and location data (as specified in Chapter IV, paragraphs 5.2.5 and 5.2.6), stored on valid driver and/or workshop cards, with activity and location data manually entered by the cardholder.

110
Tachograph cards data update shall be such that, when needed and taking into account card actual storage capacity, most recent data replace oldest data.

111
In the case of a writing error, the recording equipment shall try again, three times maximum, the same write command, and then if still unsuccessful, declare the card faulty and non valid.

112
Before releasing a driver card, and after all relevant data have been stored on the card, the recording equipment shall reset the card session data.

15.   Displaying

113
The display shall include at least 20 characters.

114
The minimum character size shall be 5 mm high and 3,5 mm wide.

114a
The display shall support the Latin 1 and Greek character sets defined by ISO 8859 parts 1 and 7, as specified in Appendix 1 Chapter 4 “Character sets“. The display may use simplified glyphs (e.g. accented characters may be displayed without accent, or lower case letters may be shown as upper case letters).

115
The display shall be provided with adequate non-dazzling lighting.

116
Indications shall be visible from outside the recording equipment.

117
The recording equipment shall be able to display:

—	default data,

—	data related to warnings,

—	data related to menu access,

—	other data requested by a user.

Additional information may be displayed by the recording equipment, provided that it is clearly distinguishable from information required above.

118
The display of the recording equipment shall use the pictograms or pictogram combinations listed in Appendix 3. Additional pictograms or pictogram combinations may also be provided by the display, if clearly distinguishable from the aforementioned pictogram or pictogram combinations.

119
The display shall always be ON when the vehicle is moving.

120
The recording equipment may include a manual or automatic feature to turn the display OFF when the vehicle is not moving.

Displaying format is specified in Appendix 5.

15.1.   Default display

121
When no other information needs to be displayed, the recording equipment shall display, by default, the following:

—	the local time (as a result of UTC time + offset as set by the driver),

—	the mode of operation,

—	the current activity of the driver and the current activity of the co-driver,

—	information related to the driver: — if his current activity is DRIVING, his current continuous driving time and his current cumulative break time, — if his current activity is not DRIVING, the current duration of this activity (since it was selected) and his current cumulative break time,

—	information related to the co-driver: — the current duration of his activity (since it was selected).

122
Display of data related to each driver shall be clear, plain and unambiguous. In the case where the information related to the driver and the co-driver cannot be displayed at the same time, the recording equipment shall display by default the information related to the driver and shall allow the user to display the information related to the co-driver.

123
In the case where the display width does not allow to display by default the mode of operation, the recording equipment shall briefly display the new mode of operation when it changes.

124
The recording equipment shall briefly display the card holder name at card insertion.

124a
When an “OUT OF SCOPE“ condition is opened, then the default display must show using the relevant pictogram that the condition is opened (It is acceptable that the driver's current activity may not be shown at the same time).

15.2.   Warning display

125
The recording equipment shall display warning information using primarily the pictograms of Appendix 3, completed where needed by an additional numerically coded information. A literal description of the warning may also be added in the driver's preferred language.

15.3.   Menu access

126
The recording equipment shall provide necessary commands through an appropriate menu structure.

15.4.   Other displays

127
It shall be possible to display selectively on request:

—	the UTC date and time,

—	the mode of operation (if not provided by default),

—	the continuous driving time and cumulative break time of the driver,

—	the continuous driving time and cumulative break time of the co-driver,

—	the cumulated driving time of the driver for the previous and the current week,

—	the cumulated driving time of the co-driver for the previous and the current week,

—	the content of any of the six printouts under the same formats as the printouts themselves.

128
Printout content display shall be sequential, line by line. If the display width is less than 24 characters the user shall be provided with the complete information through an appropriate mean (several lines, scrolling, …). Printout lines devoted to hand-written information may be omitted for display.

16.   Printing

129
The recording equipment shall be able to print information from its data memory and/or from tachograph cards in accordance with the six following printouts:

—	driver activities from card daily printout,

—	driver activities from Vehicle Unit daily printout,

—	events and faults from card printout,

—	events and faults from Vehicle Unit printout,

—	technical data printout,

—	over speeding printout.

The detailed format and content of these printouts are specified in Appendix 4.

Additional data may be provided at the end of the printouts

Additional printouts may also be provided by the recording equipment, if clearly distinguishable from the six aforementioned printouts.

130
The “driver activities from card daily printout“ and “events and faults from card printout“ shall be available only when a driver card or a workshop card is inserted in the recording equipment. The recording equipment shall update data stored on the relevant card before starting printing.

131
In order to produce the “driver activities from card daily printout“ or the “events and faults from card printout“, the recording equipment shall:

—	either automatically select the driver card or the workshop card if one only of these cards is inserted,

—	or provide a command to select the source card or select the card in the driver slot if two of these cards are inserted in the recording equipment.

132
The printer shall be able to print 24 characters per line.

133
The minimum character size shall be 2,1 mm high and 1,5 mm wide.

133a
The printer shall support the Latin 1 and Greek character sets defined by ISO 8859 parts 1 and 7, as specified in Appendix 1 Chapter 4 “Character sets“.

134
Printers shall be so designed as to produce these printouts with a degree of definition likely to avoid any ambiguity when they are read.

135
Printouts shall retain their dimensions and recordings under normal conditions of humidity (10 to 90 %) and temperature.

136
The paper for use by the recording equipment shall bear the relevant type approval mark and the indication of the type(s) of recording equipment with which it may be used. Printouts shall remain clearly legible and identifiable under normal conditions of storage, in terms of light intensity, humidity and temperature, for at least one year.

137
It shall also be possible to add handwritten notes, such as the driver's signature, to these documents.

138
The recording equipment shall manage “paper out“ events while printing by, once paper has been re-loaded, restarting printing from printout beginning or by continuing printing and providing an unambiguous reference to previously printed part.

17.   Warnings

139
The recording equipment shall warn the driver when detecting any event and/or fault.

140
Warning of a power supply interruption event may be delayed until the power supply is reconnected.

141
The recording equipment shall warn the driver 15 minutes before and at the time of exceeding 4 h 30 min. continuous driving time.

142
Warnings shall be visual. Audible warnings may also be provided in addition to visual warnings.

143
Visual warnings shall be clearly recognisable by the user, shall be situated in the driver's field of vision and shall be clearly legible both by day and by night.

144
Visual warnings may be built into the recording equipment and/or remote from the recording equipment.

145
In the latter case it shall bear a “T“ symbol and shall be amber or orange.

146
Warnings shall have a duration of at least 30 seconds, unless acknowledged by the user by hitting any key of the recording equipment. This first acknowledgement shall not erase warning cause display referred to in next paragraph.

147
Warning cause shall be displayed on the recording equipment and remain visible until acknowledged by the user using a specific key or command of the recording equipment.

148
Additional warnings may be provided, as long as they do not confuse drivers in relation to previously defined ones.

18.   Data downloading to external media

149
The recording equipment shall be able to download on request data from its data memory or from a driver card to external storage media via the calibration/downloading connector. The recording equipment shall update data stored on the relevant card before starting downloading.

150
In addition and as an optional feature, the recording equipment may, in any mode of operation, download data through another connector to a company authenticated through this channel. In such a case, company mode data access rights shall apply to this download.

151
Downloading shall not alter or delete any stored data.

The calibration/downloading connector electrical interface is specified in Appendix 6.

Downloading protocols are specified in Appendix 7.

19.   Output data to additional external devices

152
When the recording equipment does not include speed and/or odometer display functions, the recording equipment shall provide output signal(s) to allow for displaying the speed of the vehicle (speedometer) and/or the total distance travelled by the vehicle (odometer).

153
The vehicle unit shall also be able to output the following data using an appropriate dedicated serial link independent from an optional CAN bus connection (ISO 11898 Road vehicles — Interchange of digital information — Controller Area Network (CAN) for high speed communication), to allow their processing by other electronic units installed in the vehicle:

—	current UTC date and time,

—	speed of the vehicle,

—	total distance travelled by the vehicle (odometer),

—	currently selected driver and co-driver activity,

—	information if any tachograph card is currently inserted in the driver slot and in the co-driver slot and (if applicable) information about the corresponding cards identification (card number and issuing Member State).

Other data may also be output in addition to this minimum list.

When the ignition of the vehicle is ON, these data shall be permanently broadcast. When the ignition of the vehicle is OFF, at least any change of driver or co-driver activity and/or any insertion or withdrawal of a tachograph card shall generate a corresponding data output. In the event that data output has been withheld whilst the ignition of the vehicle is OFF, that data shall be made available once the ignition of the vehicle is ON again.

20.   Calibration

154
The calibration function shall allow:

—	to automatically pair the motion sensor with the VU,

—

to digitally adapt the constant of the recording equipment (k) to the characteristic coefficient of the vehicle (w) (vehicles with two or more axle ratios shall be fitted with a switch device whereby these various ratios will automatically be brought into line with the ratio for which the equipment has been adapted to the vehicle),

—	to adjust (without limitation) the current time,

—	to adjust the current odometer value,

—	to update motion sensor identification data stored in the data memory,

—	to update or confirm other parameters known to the recording equipment: vehicle identification, w, l, tyre size and speed limiting device setting if applicable.

155
Pairing the motion sensor to the VU shall consist, at least, in:

—	updating motion sensor installation data held by the motion sensor (as needed),

—	copying from the motion sensor to the VU data memory necessary motion sensor identification data.

156
The calibration function shall be able to input necessary data through the calibration/downloading connector in accordance with the calibration protocol defined in Appendix 8. The calibration function may also input necessary data through other connectors.

21.   Time adjustment

157
The time adjustment function shall allow for adjusting the current time in amounts of one minute maximum at intervals of not less than seven days.

158
The time adjustment function shall allow for adjusting the current time without limitation, in calibration mode.

22.   Performance characteristics

159
The Vehicle Unit shall be fully operational in the temperature range − 20 °C to 70 °C, and the motion sensor in the temperature range − 40 °C to 135 °C. Data memory content shall be preserved at temperatures down to − 40 °C.

160
The recording equipment shall be fully operational in the humidity range 10 % to 90 %.

161
The recording equipment shall be protected against over-voltage, inversion of its power supply polarity, and short circuits.

162
The recording equipment shall conform to Commission Directive 95/54/EC of 31 October 1995 (12) adapting to technical progress Council Directive 72/245/EEC (13), related to electromagnetic compatibility, and shall be protected against electrostatic discharges and transients.

23.   Materials

163
All the constituent parts of the recording equipment shall be made of materials of sufficient stability and mechanical strength and with stable electrical and magnetic characteristics.

164
For normal conditions of use, all the internal parts of the equipment shall be protected against damp and dust.

165
The Vehicle Unit shall meet the protection grade IP 40 and the motion sensor shall meet the protection grade IP 64, as per standard IEC 529.

166
The recording equipment shall conform to applicable technical specifications related to ergonomic design.

167
The recording equipment shall be protected against accidental damage.

24.   Markings

168
If the recording equipment displays the vehicle odometer value and speed, the following details shall appear on its display:

—	near the figure indicating the distance, the unit of measurement of distance, indicated by the abbreviation “km“,

—	near the figure showing the speed, the entry “km/h“.

The recording equipment may also be switched to display the speed in miles per hour, in which case the unit of measurement of speed shall be shown by the abbreviation “mph“.

169
A descriptive plaque shall be affixed to each separate component of the recording equipment and shall show the following details:

—	name and address of the manufacturer of the equipment,

—	manufacturer's part number and year of manufacture of the equipment,

—	equipment serial number,

—	approval mark for the equipment type.

170
When physical space is not sufficient to show all abovementioned details, the descriptive plaque shall show at least: the manufacturer's name or logo, and the equipment's part number.

IV.   CONSTRUCTION AND FUNCTIONAL REQUIREMENTS FOR TACHOGRAPH CARDS

1.   Visible data

The front page will contain:

171 the words “Driver card“ or “Control card“ or “Workshop card“ or “Company card“ printed in large type in the official language or languages of the Member State issuing the card, according to the type of the card;

172 the same words in the other official languages of the Community, printed to form the background of the card: ES TARJETA DEL CONDUCTOR TARJETA DE CONTROL TARJETA DEL CENTRO DE ENSAYO TARJETA DE LA EMPRESA DK FØRERKORT KONTROLKORT VÆRKSTEDSKORT VIRKSOMHEDSKORT DE FAHRERKARTE KONTROLLKARTE WERKSTATTKARTE UNTERNEHMENSKARTE EL ΚΑΡΤΑ ΟΔΗΟΥ ΚΑΡΤΑ ΕΛΕΓΧΟΥ ΚΑΡΤΑ ΚΕΝΤΡΟΥ ΔΟΚΙΜΩΝ ΚΑΡΤΑ ΕΠΙΧΕΙΡΗΣΗΣ EN DRIVER CARD CONTROL CARD WORKSHOP CARD COMPANY CARD FR CARTE DE CONDUCTEUR CARTE DE CONTROLEUR CARTE D'ATELIER CARTE D'ENTREPRISE GA CÁRTA TIOMÁNAÍ CÁRTA STIÚRTHA CÁRTA CEARDLAINNE CÁRTA COMHLACHTA IT CARTA DEL CONDUCENTE CARTA DI CONTROLLO CARTA DELL'OFFICINA CARTA DELL'AZIENDA NL BESTUURDERS KAART CONTROLEKAART WERKPLAATSKAART BEDRIJFSKAART PT CARTÃO DE CONDUTOR CARTÃO DE CONTROLO CARTÃO DO CENTRO DE ENSAIO CARTÃO DE EMPRESA FI KULJETTAJA KORTTILLA VALVONTA KORTILLA TESTAUSASEMA KORTILLA YRITYSKORTILLA SV FÖRARKORT KONTROLLKORT VERKSTADSKORT FÖRETAGSKORT

173 the name of the Member State issuing the card (optional);

174 the distinguishing sign of the Member State issuing the card, printed in negative in a blue rectangle and encircled by 12 yellow stars. The distinguishing signs shall be as follows: B Belgium DK Denmark D Germany GR Greece E Spain F France IRL Ireland I Italy L Luxembourg NL The Netherlands A Austria P Portugal FIN Finland S Sweden UK The United Kingdom;

175 information specific to the card issued, numbered as follows:   Driver card Control card Company or workshop card 1. Surname of the driver Control body name Company or workshop card 2. First name(s) of the driver Surname of the controller (if applicable) Surname of card holder (if applicable) 3. Birth date of the driver First name(s) of the controller (if applicable) First name(s) of card holder (if applicable) 4.(a) Card start of validity date (b) Card expiry date (if any) (c) The name of the issuing authority (may be printed on page 2) (d) A different number from the one under heading 5, for administrative purposes (optional) 5.(a) Driving licence number (at the date of issue of the driver card)     5.(b) Card number 6. Photograph of the driver Photograph of the controller (optional) — 7. Signature of the driver Signature of the holder (optional) 8. Normal place of residence, or postal address of the holder (optional) Postal address of control body Postal address of company or workshop

176 dates shall be written using a “dd/mm/yyyy“ or “dd.mm.yyyy“ format (day, month, year);

the reverse page will contain:

177 an explanation of the numbered items which appear on the front page of the card;

178 with the specific written agreement of the holder, information which is not related to the administration of the card may also be added, such addition will not alter in any way the use of the model as a tachograph card.

179
Tachograph cards shall be printed with the following background predominant colours:

—	driver card: white,

—	control card: blue,

—	workshop card: red,

—	company card: yellow.

180
Tachograph cards shall bear at least the following features for protection of the card body against counterfeiting and tampering:

—	a security design background with fine guilloche patterns and rainbow printing,

—	in the area of the photograph, the security design background and the photograph shall overlap,

—	at least one two-coloured microprint line.

181
After consulting the Commission, Member States may add colours or markings, such as national symbols and security features, without prejudice to the other provisions of this Annex.

2.   Security

The system security aims at protecting integrity and authenticity of data exchanged between the cards and the recording equipment, protecting the integrity and authenticity of data downloaded from the cards, allowing certain write operations onto the cards to recording equipment only, ruling out any possibility of falsification of data stored in the cards, preventing tampering and detecting any attempt of that kind.

182
In order to achieve the system security, the tachograph cards shall meet the security requirements defined in the tachograph cards generic security target (Appendix 10).

183
Tachograph cards shall be readable by other equipment such as personal computers.

3.   Standards

184
The tachograph cards shall comply with the following standards:

—	ISO/IEC 7810 Identification cards — Physical characteristics,

—

ISO/IEC 7816 Identification cards — Integrated circuits with contacts: — Part 1: Physical characteristics, — Part 2: Dimensions and location of the contacts, — Part 3: Electronic signals and transmission protocols, — Part 4: Inter-industry commands for interchange, — Part 8: Security related inter-industry commands,

—	ISO/IEC 10373 Identification cards — Test methods.

4.   Environmental and electrical specifications

185
The tachograph cards shall be capable of operating correctly in all the climatic conditions normally encountered in Community territory and at least in the temperature range − 25 °C to + 70 °C with occasional peaks of up to + 85 °C, “occasional“ meaning not more than 4 hours each time and not over 100 times during the lifetime of the card.

186
The tachograph cards shall be capable of operating correctly in the humidity range 10 % to 90 %.

187
The tachograph cards shall be capable of operating correctly for a five-year period if used within the environmental and electrical specifications.

188
During operation, the tachograph cards shall conform to Commission Directive 95/54/EC of 31 October 1995 (14), related to electromagnetic compatibility, and shall be protected against electrostatic discharges.

5.   Data storage

For the purpose of this paragraph,

—	times are recorded with a resolution of one minute, unless otherwise specified,

—	odometer values are recorded with a resolution of one kilometre,

—	speeds are recorded with a resolution of 1 km/h.

The tachograph cards functions, commands and logical structures, fulfilling data storage requirements are specified in Appendix 2.

189
This paragraph specifies minimum storage capacity for the various application data files. The tachograph cards shall be able to indicate to the recording equipment the actual storage capacity of these data files.

Any additional data that may be stored on tachograph cards, related to other applications eventually borne by the card, shall be stored in accordance with Directive 95/46/EC of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (15).

5.1.   Card identification and security data

5.1.1.   Application identification

190
The tachograph cards shall be able to store the following application identification data:

—	tachograph application identification,

—	type of tachograph card identification.

5.1.2.   Chip identification

191
The tachograph cards shall be able to store the following integrated circuit (IC) identification data:

—	IC serial number,

—	IC manufacturing references.

5.1.3.   IC card identification

192
The tachograph cards shall be able to store the following smart card identification data:

—	card serial number (including manufacturing references),

—	card type approval number,

—	card personaliser identification (ID),

—	embedder ID,

—	IC identifier.

5.1.4.   Security elements

193
The tachograph cards shall be able to store the following security elements data:

—	European public key,

—	Member State certificate,

—	card certificate,

—	card private key.

5.2.   Driver card

5.2.1.   Card identification

194
The driver card shall be able to store the following card identification data:

—	card number,

—	issuing Member State, issuing authority name, issue date,

—	card beginning of validity date, card expiry date.

5.2.2.   Card holder identification

195
The driver card shall be able to store the following card holder identification data:

—	surname of the holder,

—	first name(s) of the holder,

—	date of birth,

—	preferred language.

5.2.3.   Driving licence information

196
The driver card shall be able to store the following driving licence data:

—	issuing Member State, issuing authority name,

—	driving licence number (at the date of the issue of the card).

5.2.4.   Vehicles used data

197
The driver card shall be able to store, for each calendar day where the card has been used, and for each period of use of a given vehicle that day (a period of use includes all consecutive insertion/withdrawal cycle of the card in the vehicle, as seen from the card point of view), the following data:

—	date and time of first use of the vehicle (i.e. first card insertion for this period of use of the vehicle, or 00.00 if the period of use is on-going at that time),

—	vehicle odometer value at that time,

—	date and time of last use of the vehicle, (i.e. last card withdrawal for this period of use of the vehicle, or 23.59 if the period of use is on-going at that time),

—	vehicle odometer value at that time,

—	VRN and registering Member State of the vehicle.

198
The driver card shall be able to store at least 84 such records.

5.2.5.   Driver activity data

199
The driver card shall be able to store, for each calendar day where the card has been used or for which the driver has entered activities manually, the following data:

—

the date,

—	a daily presence counter (increased by one for each of these calendar days),

—	the total distance travelled by the driver during this day,

—	a driver status at 00.00,

—

whenever the driver has changed of activity, and/or has changed of driving status, and/or has inserted or withdrawn his card: — the driving status (CREW, SINGLE), — the slot (DRIVER, CO-DRIVER), — the card status (INSERTED, NOT INSERTED), — the activity (DRIVING, AVAILABILITY, WORK, BREAK/REST), — the time of the change.

200
The driver card memory shall be able to hold driver activity data for at least 28 days (the average activity of a driver is defined as 93 activity changes per day).

201
The data listed under requirements 197 and 199 shall be stored in a way allowing the retrieval of activities in the order of their occurrence, even in case of a time overlap situation.

5.2.6.   Places where daily work periods start and/or end

202
The driver card shall be able to store the following data related to places where daily work periods begin and/or end, entered by the driver:

—	the date and time of the entry (or the date/time related to the entry if the entry is made during the manual entry procedure),

—	the type of entry (begin or end, condition of entry),

—	the country and region entered,

—	the vehicle odometer value.

203
The driver card memory shall be able to hold at least 42 pairs of such records.

5.2.7.   Events data

For the purpose of this subparagraph, time shall be stored with a resolution of one second.

204
The driver card shall be able to store data related to the following events detected by the recording equipment while the card was inserted:

—	time overlap (where this card is the cause of the event),

—	card insertion while driving (where this card is the subject of the event),

—	last card session not correctly closed (where this card is the subject of the event),

—	power supply interruption,

—	motion data error,

—	security breach attempts.

205
The driver card shall be able to store the following data for these events:

—	event code,

—	date and time of beginning of the event (or of card insertion if the event was on-going at that time),

—	date and time of end of the event (or of card withdrawal if the event was on-going at that time),

—	VRN and registering Member State of vehicle in which the event happened.

Note: For the “time overlap“ event:

—	date and time of beginning of the event shall correspond to the date and time of the card withdrawal from the previous vehicle,

—	date and time of end of the event shall correspond to the date and time of card insertion in current vehicle,

—	vehicle data shall correspond to the current vehicle raising the event.

Note: For the “last card session not correctly closed“ event:

—	date and time of beginning of event shall correspond to the card insertion date and time of the session not correctly closed,

—	date and time of end of event shall correspond to the card insertion date and time of the session during which the event was detected (current session),

—	vehicle data shall correspond to the vehicle in which the session was not correctly closed.

206
The driver card shall be able to store data for the six most recent events of each type (i.e. 36 events).

5.2.8.   Faults data

For the purpose of this subparagraph, time shall be recorded with a resolution of one second.

207
The driver card shall be able to store data related to the following faults detected by the recording equipment while the card was inserted:

—	card fault (where this card is the subject of the event),

—	recording equipment fault.

208
The driver card shall be able to store the following data for these faults:

—	fault code,

—	date and time of beginning of the fault (or of card insertion if the fault was on-going at that time),

—	date and time of end of the fault (or of card withdrawal if the fault was on-going at that time),

—	VRN and registering Member State of vehicle in which the fault happened.

209
The driver card shall be able to store data for the twelve most recent faults of each type (i.e. 24 faults).

5.2.9.   Control activity data

210
The driver card shall be able to store the following data related to control activities:

—	date and time of the control,

—	control card number and card issuing Member State,

—	type of the control (displaying and/or printing and/or VU downloading and/or card downloading (see note)),

—	period downloaded, in case of downloading,

—	VRN and registering Member State of the vehicle in which the control happened.

Note: security requirements imply that card downloading will only be recorded if performed through a recording equipment.

211
The driver card shall be able to hold one such record.

5.2.10.   Card session data

212
The driver card shall be able to store data related to the vehicle which opened its current session:

—	date and time the session was opened (i.e. card insertion) with a resolution of one second,

—	VRN and registering Member State.

5.2.11.   Specific conditions data

212a
The driver card shall be able to store the following data related to specific conditions entered while the card was inserted (whatever the slot):

—	date and time of the entry,

—	type of specific condition.

212b
The driver card shall be able to hold 56 such records.

5.3.   Workshop card

5.3.1.   Security elements

213
The workshop card shall be able to store a personal identification number (PIN code).

214
The workshop card shall be able to store the cryptographic keys needed for pairing motion sensors to vehicle units.

5.3.2.   Card identification

215
The workshop card shall be able to store the following card identification data:

—	card number,

—	issuing Member State, issuing authority name, issue date,

—	card beginning of validity date, card expiry date.

5.3.3.   Card holder identification

216
The workshop card shall be able to store the following card holder identification data:

—	workshop name,

—	workshop address,

—	surname of the holder,

—	first name(s) of the holder,

—	preferred language.

5.3.4.   Vehicles used data

217
The workshop card shall be able to store vehicles used data records in the same manner as a driver card.

218
The workshop card shall be able to store at least 4 such records.

5.3.5.   Driver activity data

219
The workshop card shall be able to store driver activity data in the same manner as a driver card.

220
The workshop card shall be able to hold driver activity data for at least one day of average driver activity.

5.3.6.   Daily work periods start and/or end data

221
The workshop card shall be able to store daily works period start and/or end data records in the same manner as a driver card.

222
The workshop card shall be able to hold at least three pairs of such records.

5.3.7.   Events and faults data

223
The workshop card shall be able to store events and faults data records in the same manner as a driver card.

224
The workshop card shall be able to store data for the three most recent events of each type (i.e. 18 events) and the six most recent faults of each type (i.e. 12 faults).

5.3.8.   Control activity data

225
The workshop card shall be able to store a control activity data record in the same manner as a driver card.

5.3.9.   Calibration and time adjustment data

226
The workshop card shall be able to hold records of calibrations and/or time adjustments performed while the card is inserted in a recording equipment.

227
Each calibration record shall be able to hold the following data:

—	purpose of calibration (first installation, installation, periodic inspection),

—	vehicle identification,

—	parameters updated or confirmed (w, k, l, tyre size, speed limiting device setting, odometer (new and old values), date and time (new and old values),

—	recording equipment identification (VU part number, VU serial number, motion sensor serial number).

228
The workshop card shall be able to store at least 88 such records.

229
The workshop card shall hold a counter indicating the total number of calibrations performed with the card.

230
The workshop card shall hold a counter indicating the number of calibrations performed since its last download.

5.3.10.   Specific conditions data

230a
The workshop card shall be able to store data relevant to specific conditions in the same manner as the driver card. The workshop card shall be able to store two such records.

5.4.   Control card

5.4.1.   Card identification

231
The control card shall be able to store the following card identification data:

—	card number,

—	issuing Member State, issuing authority name, issue date,

—	card beginning of validity date, card expiry date (if any).

5.4.2.   Card holder identification

232
The control card shall be able to store the following card holder identification data:

—	control body name,

—	control body address,

—	surname of the holder,

—	first name(s) of the holder,

—	preferred language.

5.4.3.   Control activity data

233
The control card shall be able to store the following control activity data:

—	date and time of the control,

—	type of the control (displaying and/or printing and/or VU downloading and/or card downloading),

—	period downloaded (if any),

—	VRN and Member State registering authority of the controlled vehicle,

—	card number and card issuing Member State of the driver card controlled.

234
The control card shall be able to hold at least 230 such records.

5.5.   Company card

5.5.1.   Card identification

235
The company card shall be able to store the following card identification data:

—	card number,

—	issuing Member State, issuing authority name, issue date,

—	card beginning of validity date, card expiry date (if any).

5.5.2.   Card holder identification

236
The company card shall be able to store the following card holder identification data:

—	company name,

—	company address.

5.5.3.   Company activity data

237
The company card shall be able to store the following company activity data:

—	date and time of the activity,

—	type of the activity (VU locking in and/or out, and/or VU downloading and/or card downloading),

—	period downloaded (if any),

—	VRN and Member State registering authority of vehicle,

—	card number and card issuing Member State (in case of card downloading).

238
The company card shall be able to hold at least 230 such records.

V.   INSTALLATION OF RECORDING EQUIPMENT

1.   Installation

239
New recording equipment shall be delivered non-activated to fitters or vehicle manufacturers, with all calibration parameters, as listed in Chapter III(20), set to appropriate and valid default values. Where no particular value is appropriate, literal parameters shall be set to strings of “?“ and numeric parameters shall be set to “0“.

240
Before its activation, the recording equipment shall give access to the calibration function even if not in calibration mode.

241
Before its activation, the recording equipment shall neither record nor store data referred by points III.12.3. to III.12.9. and III.12.12 to III.12.14. inclusive.

242
During installation, vehicle manufacturers shall pre-set all known parameters.

243
Vehicle manufacturers or fitters shall activate the installed recording equipment before the vehicle leaves the premises where the installation took place.

244
The activation of the recording equipment shall be triggered automatically by the first insertion of a workshop card in either of its card interface devices.

245
Specific pairing operations required between the motion sensor and the vehicle unit, if any, shall take place automatically before or during activation.

246
After its activation, the recording equipment shall fully enforce functions and data access rights.

247
The recording and storing functions of the recording equipment shall be fully operational after its activation.

248
Installation shall be followed by a calibration. The first calibration will include entry of VRN and will take place within 2 weeks of this installation or of VRN allocation whichever comes last.

248a
The recording equipment must be positioned in the vehicle in such a way as to allow the driver to access the necessary functions from his seat.

2.   Installation plaque

249
After the recording equipment has been checked on installation, an installation plaque which is clearly visible and easily accessible shall be affixed on, in or beside the recording equipment. After every inspection by an approved fitter or workshop, a new plaque shall be affixed in place of the previous one.

250
The plaque shall bear at least the following details:

—	name, address or trade name of the approved fitter or workshop,

—	characteristic coefficient of the vehicle, in the form “w = … imp/km“,

—	constant of the recording equipment, in the form “k = … imp/km“,

—	effective circumference of the wheel tyres in the form “l = … mm“,

—	tyre size,

—	the date on which the characteristic coefficient of the vehicle was determined and the effective circumference of the wheel tyres measured,

—	the vehicle identification number.

3.   Sealing

251
The following part shall be sealed:

—	any connection which, if disconnected, would cause undetectable alterations to be made or undetectable data loss,

—	the installation plaque, unless it is attached in such a way that it cannot be removed without the markings thereon being destroyed.

252
The seals mentioned above may be removed:

—	in case of emergency,

—

to install, to adjust or to repair a speed limitation device or any other device contributing to road safety, provided that the recording equipment continues to function reliably and correctly and is resealed by an approved fitter or workshop (in accordance with Chapter VI) immediately after fitting the speed limitation device or any other device contributing to road safety or within seven days in other cases.

253
On each occasion that these seals are broken a written statement giving the reasons for such action shall be prepared and made available to the competent authority.

VI.   CHECKS, INSPECTIONS AND REPAIRS

Requirements on the circumstances in which seals may be removed, as referred to in Article 12.5 of Regulation (EEC) No 3821/85 as last amended by Regulation (EC) No 2135/98, are defined in Chapter V(3) of this annex.

1.   Approval of fitters or workshops

The Member States will approve, regularly control and certify the bodies to carry out:

—	installations,

—

checks,

—	inspections,

—

repairs.

In the framework of Article 12(1) of this Regulation, workshop cards will be issued only to fitters and/or workshops approved for the activation and/or the calibration of recording equipment in conformity with this annex and, unless duly justified:

—	who are not eligible for a company card,

—	and whose other professional activities do not present a potential compromise of the overall security of the system as defined in Appendix 10.

2.   Check of new or repaired instruments

254
Every individual device, whether new or repaired, shall be checked in respect of its proper operation and the accuracy of its reading and recordings, within the limits laid down in Chapter III.2.1. and III.2.2 by means of sealing in accordance with Chapter V.3. and calibration.

3.   Installation inspection

255
When being fitted to a vehicle, the whole installation (including the recording equipment) shall comply with the provisions relating to maximum tolerances laid down in Chapter III.2.1 and III.2.2.

4.   Periodic inspections

256
Periodic inspections of the equipment fitted to the vehicles shall take place after any repair of the equipment, or after any alteration of the characteristic coefficient of the vehicle or of the effective circumference of the tyres, or after equipment UTC time is wrong by more than 20 minutes, or when the VRN has changed, and at least once within two years (24 months) of the last inspection.

257
These inspections shall include the following checks:

—	that the recording equipment is working properly, including the data storage in tachograph cards function,

—	that compliance with the provisions of Chapter III.2.1 and III.2.2 on the maximum tolerances on installation is ensured,

—	that the recording equipment carries the type approval mark,

—	that the installation plaque is affixed,

—	that the seals on the equipment and on the other parts of the installation are intact,

—	the tyre size and the actual circumference of the wheel tyres.

258
These inspections shall include a calibration.

5.   Measurement of errors

259
The measurement of errors on installation and during use shall be carried out under the following conditions, which are to be regarded as constituting standard test conditions:

—	vehicle unladen, in normal running order,

—	tyre pressures in accordance with the manufacturer's instructions,

—	tyre wear, within the limits allowed by national law,

—	vehicle movement: — the vehicle shall advance under its own engine power in a straight line on level ground and at a speed of 50 ± 5 km/h. The measuring distance shall be at least 1 000 m,

—	provided that it is of comparable accuracy, alternative methods, such as a suitable test bench, may also be used for the test.

6.   Repairs

260
Workshops shall be able to download data from the recording equipment to give the data back to the appropriate transport company.

261
Approved workshops shall issue to transport companies a certificate of data un-downloadability where the malfunction of the recording equipment prevents previously recorded data to be downloaded, even after repair by this workshop. The workshops will keep a copy of each issued certificate for at least one year.

VII.   CARD ISSUING

The card issuing processes set-up by the Member States shall conform to the following:

262 The card number of the first issue of a tachograph card to an applicant shall have a consecutive index (if applicable) and a replacement index and a renewal index set to “0“.

263 The card numbers of all non-personal tachograph cards issued to a single control body or a single workshop or a single transport company shall have the same first 13 digits, and shall all have a different consecutive index.

264 A tachograph card issued in replacement of an existing tachograph card shall have the same card number as the replaced one except the replacement index which shall be raised by “1“ (in the order 0, …, 9, A, …, Z).

265 A tachograph card issued in replacement of an existing tachograph card shall have the same card expiry date as the replaced one.

266 A tachograph card issued in renewal of an existing tachograph card shall have the same card number as the renewed one except the replacement index which shall be reset to “0“ and the renewal index which shall be raised by “1“ (in the order 0, …, 9, A, …, Z).

267 The exchange of an existing tachograph card, in order to modify administrative data, shall follow the rules of the renewal if within the same Member State, or the rules of a first issue if performed by another Member State.

268 The “card holder surname“ for non-personal workshop or control cards shall be filled with workshop or control body name.

VIII.   TYPE APPROVAL OF RECORDING EQUIPMENT AND TACHOGRAPH CARDS

1.   General points

For the purpose of this chapter, the words “recording equipment“ mean “recording equipment or its components“. No type approval is required for the cable(s) linking the motion sensor to the VU. The paper, for use by the recording equipment, shall be considered as a component of the recording equipment.

269
Recording equipment shall be submitted for approval complete with any integrated additional devices.

270
Type approval of recording equipment and of tachograph cards shall include security related tests, functional tests and interoperability tests. Positive results to each of these tests are stated by an appropriate certificate.

271
Member States type approval authorities will not grant a type approval certificate in accordance with Article 5 of this Regulation, as long as they do not hold:

—	a security certificate,

—	a functional certificate,

—	and an interoperability certificate,

for the recording equipment or the tachograph card, subject of the request for type approval.

272
Any modification in software or hardware of the equipment or in the nature of materials used for its manufacture shall, before being used, be notified to the authority which granted type-approval for the equipment. This authority shall confirm to the manufacturer the extension of the type approval, or may require an update or a confirmation of the relevant functional, security and/or interoperability certificates.

273
Procedures to upgrade in situ recording equipment software shall be approved by the authority which granted type approval for the recording equipment. Software upgrade must not alter nor delete any driver activity data stored in the recording equipment. Software may be upgraded only under the responsibility of the equipment manufacturer.

2.   Security certificate

274
The security certificate is delivered in accordance with the provisions of Appendix 10 to this Annex.

3.   Functional certificate

275
Each candidate for type approval shall provide the Member State's type approval authority with all the material and documentation that the authority deems necessary.

276
A functional certificate shall be delivered to the manufacturer only after all functional tests specified in Appendix 9, at least, have been successfully passed.

277
The type approval authority delivers the functional certificate. This certificate shall indicate, in addition to the name of its beneficiary and the identification of the model, a detailed list of the tests performed and the results obtained.

4.   Interoperability certificate

278
Interoperability tests are carried out by a single laboratory under the authority and responsibility of the European Commission.

279
The laboratory shall register interoperability test requests introduced by manufacturers in the chronological order of their arrival.

280
Requests will be officially registered only when the laboratory is in possession of:

—	the entire set of material and documents necessary for such interoperability tests,

—	the corresponding security certificate,

—	the corresponding functional certificate,

The date of the registration of the request shall be notified to the manufacturer.

281
No interoperability tests shall be carried out by the laboratory, for a recording equipment or a tachograph card that have not been granted a security certificate and a functional certificate.

282
Any manufacturer requesting interoperability tests shall commit to leave to the laboratory in charge of these tests the entire set of material and documents which he provided to carry out the tests.

283
The interoperability tests shall be carried out, in accordance with the provisions of paragraph 5 of Appendix 9 of this Annex, with respectively all the types of recording equipment or tachograph cards:

—	for which type approval is still valid, or

—	for which type approval is pending and that have a valid interoperability certificate.

284
The interoperability certificate shall be delivered by the laboratory to the manufacturer only after all required interoperability tests have been successfully passed.

285
If the interoperability tests are not successful with one or more of the recording equipment or tachograph card(s), as requested by requirement 283, the interoperability certificate shall not be delivered, until the requesting manufacturer has realised the necessary modifications and has succeeded with the interoperability tests. The laboratory shall identify the cause of the problem with the help of the manufacturers concerned by this interoperability fault and shall attempt to help the requesting manufacturer in finding a technical solution. In the case where the manufacturer has modified its product, it is the manufacturer's responsibility to ascertain from the relevant authorities that the security certificate and the functional certificates are still valid.

286
The interoperability certificate is valid for six months. It is revoked at the end of this period if the manufacturer has not received a corresponding type approval certificate. It is forwarded by the manufacturer to the type approval authority of the Member State who has delivered the functional certificate.

287
Any element that could be at the origin of an interoperability fault shall not be used for profit or to lead to a dominant position.

5.   Type approval certificate

288
The type approval authority of the Member State may deliver the type approval certificate as soon as it holds the three required certificates.

289
The type approval certificate shall be copied by the type approval authority to the laboratory in charge of the interoperability tests at the time of deliverance to the manufacturer.

290
The laboratory competent for interoperability tests shall run a public web site on which will be updated the list of recording equipment or tachograph cards models:

—	for which a request for interoperability tests have been registered,

—	having received an interoperability certificate (even provisional),

—	having received a type approval certificate.

6.   Exceptional procedure: first interoperability certificates

291
Until four months after a first couple of recording equipment and tachograph cards (driver, workshop, control and company cards) have been certified to be interoperable, any interoperability certificate delivered (including this very first one), regarding requests registered during this period, shall be considered provisional.

292
If at the end of this period, all products concerned are mutually interoperable, all corresponding interoperability certificates shall become definitive.

293
If during this period, interoperability faults are found, the laboratory in charge of interoperability tests shall identify the causes of the problems with the help of all manufacturers involved and shall invite them to realise the necessary modifications.

294
If at the end of this period, interoperability problems still remain, the laboratory in charge of interoperability tests, with the collaboration of the manufacturers concerned and with the type approval authorities who delivered the corresponding functional certificates shall find out the causes of the interoperability faults and establish which modifications should be made by each of the manufacturers concerned. The search for technical solutions shall last for a maximum of two months, after which, if no common solution is found, the Commission, after having consulted the laboratory in charge of interoperability tests, shall decide which equipment(s) and cards get a definitive interoperability certificate and state the reasons why.

295
Any request for interoperability tests, registered by the laboratory between the end of the four-month period after the first provisional interoperability certificate has been delivered and the date of the decision by the Commission referred to in requirement 294, shall be postponed until the initial interoperability problems have been solved. Those requests are then processed in the chronological order of their registration.