Workshop System And Guidelines 2015 Version: 1.0 (SMB00-331)
Publication date: 2014-02-11
Reference number: SMB00-331
WORKSHOP SYSTEM AND GUIDELINES 2015 VERSION: 1.0
TECHNICAL SERVICE BULLETIN
| VOLVO: | All Models |
| GROUP: | 00 |
| RELATED REF. NUMBER(S): | SMB00-331 |
SERVICE INFORMATION
This document describes the technical specifications and standards that need to be incorporated in the dealership network and IT infrastructure for running VIDA, TIE and other workshop applications coming in 2015.
During 2015, all work bays and parking spaces used by customers visiting the workshops, shall be covered by a Wireless Local Area Network (WLAN). This is in order to fully support the reintroduction of the new XC90 and other SPA vehicles to come. SPA-based vehicles will support diagnostics over Ethernet and wireless LAN. This delivers a productivity advantage from faster communication and ease of connectivity. Ultimately, this will improve the Workshop experience.
This document is prepared as a technical guide to assist authorized Volvo dealers in building wired and wireless infrastructure for their workshops.
The document will be used intensively during the roll-out of VIDA for 2015.
The new VIDA application will support the new SPA vehicle models as well as all the current available vehicle models. Soon after, the current VIDA application, as we know it, will cease to exist.
It is strongly recommended that this document be reviewed along with a qualified IT consultant in order to gain an understanding of the costs and scope of the project.
1 INTRODUCTION
This document describes the technical specifications and standards that need to be incorporated in the dealership network and IT infrastructure for running VIDA, TIE and other workshop applications in 2015.
During 2015, all work bays and parking spaces used by customers visiting the workshops, shall be covered by WLAN. This document is prepared as a technical guide to assist authorized Volvo Cars dealers, importers, harbors and national sales companies to build wired and wireless infrastructure for workshops and other VIDA users. The document will be used intensively during the roll-out of VIDA for 2015.
The new VIDA application, to be delivered in 2015, will meet the requirement of the new SPA vehicle model as well as for current available vehicle models. Eventually the current version of VIDA will cease to exist.
2 VIDA IN 2015
SPA-based vehicles set to launch in 2015 will support diagnostics over Ethernet or wireless LAN. This delivers a productivity advantage from faster communication and ease of connectivity. An enhanced version of VIDA will be launched in tandem and will let the workshops work with SPA vehicles and other existing models from Volvo Cars.
Below diagram depicts the vehicle connectivity scenarios at the workshop in 2015.
There are three different ways of connecting a SPA vehicle to VIDA:
- Wireless LAN connection between the vehicle and the workshop network (automatically), where the vehicle is accessible from any VIDA workstation in the workshop
- Wired Ethernet, using an Ethernet cable to connect the vehicle to a LAN infrastructure, from where the vehicle is accessible from any VIDA workstation in the workshop.
- Point-to-Point, using an Ethernet cable between the computer running the VIDA application and the vehicle.
2.1 Timeline
When the first release of the new VIDA application, launched in 2015 is delivered, the following mandatory components must be fulfilled in order to diagnose SPA vehicles:
- VIDA required components.
- Point-to-Point connectivity components.
To reap the full benefit of the wireless capabilities of the SPA vehicle, the following infrastructure is required:
- Wireless LAN infrastructure setup.
- Network configuration.
| Mandatory requirements for VIDA (Feb 2015) | Recommended requirements for 2015-06-30 |
|---|---|
| VIDA requirements, see chapter 3.1 VIDA requirements. | Wireless LAN requirements, see chapter 3.2 Wireless LAN requirements. |
| Point-to-Point connection requirements, see chapter 3.3 Point-to-Point connectivity requirements. | |
3 REQUIREMENT DETAILS
3.1 VIDA requirements
The following are the mandatory infrastructure components for VIDA:
- Workstation with Windows 7 Pro/Enterprise or Windows 8.1 Pro.
- Public Internet must be facilitated at all workshops (see Volvo Cars Dealer Standards Document for Internet bandwidth requirement details). The Internet connection is used for the communication between the VIDA workstations and the VIDA central servers.
- Network storage of 500 GB is needed per customer organization (Partner ID) to locally cache VIDA data. This should be made available either as a NAS drive or a shared folder - accessible to all VIDA workstations in the workshop.
- Mobile Internet - USB Internet data card or smartphone Internet source is needed for using VIDA on board during test-drives.
3.1.1 Recommended specifications for VIDA workstation
It is the recommendation of Volvo Cars Customer Service that computer equipment bought for VIDA, should be possible to upgrade. If it is necessary to increase computer performance, it should be possible to increase RAM and replace hard drives easily. Furthermore, purchasing more memory will result in better performance since the use of virtual memory is minimised.
VIDA will be delivered as a desktop application replacing existing VIDA on Web as well as VIDA All-in-one. Users of VIDA on Web and VIDA All-in-one will need to execute an installer package that installs the necessary software components in their workstations.
For using the full version of VIDA, including diagnostics and software download, the workstation requirements are as presented in the table below.
| Item | Recommended specification for VIDA used for diagnostics and SWDL |
|---|---|
| Processor | Core i3 and above(1) |
| Memory | 4 GB or above |
| Local free disc space | 10 GB(2) |
| Connections | 3 x USB 2.0 or higher (One for DICE/Ethernet, one for SWDL special tool and one for mobile Internet in case of laptop)(3) |
| Operating System | Windows 7 Professional/Enterprise or Windows 8.1 Professional(4) |
| File system | NTFS |
| Display resolution | 1280x1024(5) |
If diagnostics and software download shall not be used, the workstation requirements are as presented in the table below.
| Item | Recommended specification for VIDA used for parts and service Information access only |
|---|---|
| Processor | > Pentium IV, 1.3 GHz(1) |
| Memory | 2 GB or above |
| Local free disc space | 4 GB(2) |
| Operating System | Windows 7 Professional/Enterprise or Windows 8.1 Professional(3) |
| File system | NTFS |
| Display resolution | 1280 x 1024(4) |

3 Additional USBs may be needed for other equipment, such as mouse and keyboard.
3.2 Wireless LAN requirements
3.2.1 Introduction to WLAN
A WLAN typically extends an existing wired local area network to a wireless network. WLANs are built by attaching a device called access point (AP) to the edge of the wired network which provides wireless medium for wireless endpoints. SPA vehicles will establish a communication channel with the access point, using an in-built wireless network adapter. When the vehicle initiates the wireless connection, it must find an access point that is reachable and able to approve its membership.
3.2.2 Components required
3.2.2.1 Mandatory components
While forming a wireless and wired network for vehicles, these components are to be considered as mandatory for the setup:
- Access point(s).
- Wireless LAN controller(s).
- RADIUS server.
- DHCP server.
Wireless access points are specially configured nodes on WLANs that act as a central transmitter and receiver of WLAN radio signals. Access points are dedicated hardware devices featuring a built-in network adapter, antenna, radio transmitter and support wireless communication IEEE 802.11x standards.
A Service Set Identifier (SSID) is a sequence of characters that uniquely names a WLAN. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID to enable effective roaming. As part of the association process, the vehicle will start searching at the dealership for a network whose SSID contains a predefined prefix string and, if it matches, it will try to connect to the WLAN.
The vehicle negotiates its membership and security measures in the following sequence:
- Use a predefined prefix string that matches the AP SSID.
- Authenticate with the AP.
- Use the packet encryption method.
- Use the packet authentication method.
- Build an association with the AP.
A Wireless LAN Controller (WLC) is usually deployed to provide better flexibility in configuring wireless policy administration and security settings through centralized provisioning and management. An AP registers itself with a WLC and tunnels all of the management and data packets to the WLC, which then switches the packets between the vehicle and the wired portion of the network. All of the configuration is done on the WLC; the AP downloads the entire configuration from the WLC and acts as a wireless interface to the vehicle.
It is highly recommended to use a WLC if the total number of access points needed is greater than 5 for better manageability as well as enabling better roaming facility in the coverage area for the vehicles.
Remote Authentication Dial-In User Service (RADIUS) should be used as an authentication server (AS) for the vehicles to authenticate for WLAN. It connects to a database of allowed users on the network and is a central part in IEEE Standard 802.1X-2004 authentication. The EAP-TLS method must be used for authentication to connect to the WLAN. Access points or the WLC act as authenticator to relay the identity response from the vehicle to the AS. The WLAN authentication process involves mutual authentication between a valid network client (SPA vehicle) and the AS through digital certificates. The AS should be one or more centrally accessed servers that are able to provide authentication services to all connected workshops.
A DHCP server needs to be configured in the newly formed WLAN in order to dynamically assign IP addresses to the connected vehicles from a leased pool.
3.2.2.2 Reusable components in existing infrastructure
The below components could be reused, if these are already existing:
- Firewall
- Routers
- Existing network connectivity between multiple workshops
- Layer 2 and layer 3 switches
- Proxy service for Internet
- Internet bandwidth
- Access Points
- Wireless LAN Controller
- RADIUS server
- DHCP server
An existing firewall can be configured with an additional wireless zone in order to secure the wireless clients (SPA vehicles). It is recommended to secure VIDA workstations and other servers like RADIUS, DHCP etc.
The existing layer 2 and layer 3 switches could be used for the mentioned VLAN creation.
Existing routers, layer 3 switches can be used for routing purpose.
An existing proxy service can be used for Internet communication.
The existing public Internet can be used for Internet communication.
Wireless access points, wireless LAN controller, RADIUS server and DHCP server can be reused if they comply with the specifications mentioned in this document.
3.3 Point-to-Point connectivity requirements
SPA vehicles can be connected directly to a VIDA workstation with a standard Ethernet cable using network connectors for a Point-to-Point connection for diagnostics and software download. The following are the mandatory components required:
- Additional Ethernet network adapters are required for each VIDA workstation to enable direct connectivity to the vehicle. It can be a PCI network card or a USB Ethernet adapter.
- OBD II connector with RJ45-OBD II adapter.
- Ethernet cable type CAT5, CAT5e or CAT6 must be used for connectivity.
The Point-to-Point option will always be possible, even without any Wi-Fi components since it only requires an Ethernet cable. The other two connectivity mechanisms (wireless LAN connection and wired Ethernet) require additional equipment and configuration at the workshop.
4 ELECTRONIC WIRING DIAGRAM
Electronic Wiring Diagrams (EWDs) are accessible through VIDA.
It is also possible to run EWD as a standalone application. Java Runtime Environment and Adobe Reader have to be installed separately on the computer. When installing EWD on a computer which does not run VIDA, a pop-up will inform the user where to find the Java program and Adobe Reader on the Internet.
5 TIE
TIE is used to report errors/discrepancies and to distribute information. To access TIE, Microsoft Internet Explorer 10 is required.
6 VIDA MENU PRICING
VIDA Menu Pricing is a tool that can be used to plan work in the workshop. It combines Volvo Standard Times (VST), parts packages and price information into one complete job. The VIDA Menu Pricing information is used as part of the content in the work list creation in VIDA.
Starting 2015, VIDA Menu Pricing will be integrated with VIDA and there is no separate system requirement for VIDA Menu Pricing.
7 CONFIGURATION SPECIFICATIONS
7.1 Mandatory specifications for wireless LAN
The following factors contribute to the mandatory change specifications for wireless LAN.
7.1.1 Wireless configurations
IEEE network standard
The access points and wireless LAN controllers shall operate on IEEE standard 802.11 b/g/n mixed mode, for the wireless connectivity of vehicles at workshop, considering the antenna specification of the vehicle which operates on 802.11a/b/g/n for internal antenna and 802.11b/g/n for external antenna.
Frequency
The frequency band for the operation of WLAN should be set to 2.4 GHz and 5 GHz, in line with the vehicle specification: the external antenna operates on 2.4 GHz (802.11 b/g/n) and the internal antenna operates on 2.4 GHz and 5 GHz (802.11a/b/g/n).
Data rates
The data rate support per vehicle is according to the specification mentioned in chapter 10.4 Data rate support for 802.11n. The sizing at the dealer shall take into account that the data rate per vehicle should not be less than 20 Mbit/s at 2.4 GHz frequency for 802.11 b/g/n standard for full software download performance. High throughput at HT20 and HT40 shall be supported.
Mode of operation of access point
The mode of operation shall be set to access point mode. This enables the access points to act as wireless medium between the vehicle and WLC. The mode of operation for WLC will be routed/direct/switched mode.
Channel configuration
The WLAN should be configured to auto channel selection mode to enable it to find the least congested channel for data communication with the SPA vehicles. The channels used by the vehicle for passive scanning are 1, 6, 11, 2, 3, 4, 5, 7, 8, 9, 10, 12 at 2.4 GHz frequency and 34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 140, 149, 153, 157, 161, 165, 183, 184, 185, 187, 188, 189, 192, 196 at 5 GHz frequency.
SSID
The SSID for WLAN should be configured with a unique prefix string, which will be provided by Volvo Cars Customer Service.
7.1.2 Access point antenna
Indoor antenna
To provide 360-degree coverage pattern inside the workshop bay, indoors and hall-ways at the dealership, omnidirectional antenna shall be deployed or dipole antenna shall be deployed for a very large area like indoor hallway, service bay, area requiring shared coverage space.
These antennas should have dual band capability to transmit/receive wireless signal in both 2.4 GHz and 5 GHz, when used for indoor purpose.
Outdoor antenna
Dipole antenna should be deployed for outdoor parking bay close to workshop building and directional antenna should be deployed to focus coverage towards specific direction like long hallways or outdoor long parking bay. The range of outdoor antennas shall be limited to the workshop area as much as possible.
Dual band antenna should use both 2.4 GHz and 5 GHz for dipole antennas and single band 2.4 GHz for directional antennas, as the external antenna on the vehicle operates on 2.4 GHz.
It is also possible to use outdoor access points for wireless coverage at outside parking area.
Antenna mounting recommendations
- The mounting height of the access point should not be more than 5 meters.
- Omnidirectional is typically mounted on a ceiling and gives better ceiling floor coverage. Use of high gain omnidirectional antenna should be avoided as higher gain in an omnidirectional antenna increases horizontal beam width with a decrease in vertical beam width. This effect will be more pronounced as the ceiling height increases.
7.1.3 Authentication
The EAP-TLS certificate-based authentication method must be used for secured WLAN authentication for vehicles, which means each WLAN configuration must use an EAP-TLS-based certificate, generated and signed by the Volvo Cars Certificate Authority. The PKI certificate will be provided by Volvo Cars Customer Service. The encryption protocol shall be set to AES-CCMP.
Central RADIUS authentication server needs to be deployed at dealer network infrastructure for WLAN authentication for vehicles. RADIUS method eliminates the need to store and manage authentication data on every AP/WLC on the WLAN, making security considerably easier to manage and scale.
It is mandatory to change RADIUS timeout to 5 seconds, allowing enough time for EAP-TLS authentication.
7.2 Network specifications
The network-related change specifications are given below.
Central systems
If a firewall is used, make sure that port 80 for http and port 443 for https are open.
Dealer Management System
Dealers can connect to their locally installed Dealer Management System (DMS) from the VIDA application by configuring a locally available "VIDA DMS interface end point".
In order for this to work the following steps must be completed:
- The DMS vendor must have implemented the VIDA DMS interface.
- The customer information in VIDA Admin must be updated.
VLAN configuration
Dealers may use same VLAN for wireless/wired network for vehicles, as well as for other purposes on the workshop.
IP subnets
The subnet needs to be sized based on the number of vehicles serviced per day or during a particular time duration.
DHCP
Automatic IP address assignment through DHCP server needs to be configured for SPA vehicles that connect through Wi-Fi and Ethernet cable to the network. New DHCP scopes need to be created for the new wireless and wired subnets for each workshop.
The IP address lease period for the scope should be set to 4 hours.
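The sizing step described above can be worked through as follows. This is an added example, not part of the bulletin or of any Volvo Cars tool: the bookings, the 10.20.30.0 base network, the five reserved addresses and the 25 % headroom are assumptions, and only the 4-hour lease comes from this document.

```python
"""Size a vehicle DHCP scope from one day's bookings (added example)."""
import ipaddress
import math

LEASE_HOURS = 4.0   # lease period given in this document
RESERVED = 5        # assumption: addresses kept out of the pool (gateway, AP/WLC, spare)
HEADROOM = 0.25     # assumption: 25 % margin on top of the measured peak

# Constructed bookings: (arrival hour, departure hour) per vehicle.
SAMPLE_VISITS = (
    [(7.5, 9.0)] * 12      # early quick-service wave
    + [(9.0, 12.0)] * 10   # morning diagnostics
    + [(12.0, 15.0)] * 8   # midday software downloads
    + [(14.0, 17.0)] * 10  # afternoon wave
)


def address_hold_intervals(visits, lease_hours=LEASE_HOURS):
    """Hours during which each vehicle's address is unavailable to others.

    Worst case the vehicle renewed just before leaving, so the server keeps
    the address reserved for one full lease after departure.
    """
    return [(arrive, leave + lease_hours) for arrive, leave in visits]


def peak_concurrent(intervals):
    """Maximum number of overlapping intervals (sweep line)."""
    events = []
    for start, end in intervals:
        events.append((start, 1))
        events.append((end, -1))
    # Tuples sort by time, then delta: releases (-1) run before allocations (+1).
    events.sort()
    current = peak = 0
    for _, delta in events:
        current += delta
        peak = max(peak, current)
    return peak


def smallest_prefix(hosts_needed):
    """Longest IPv4 prefix whose usable host count covers hosts_needed."""
    for prefix in range(30, 7, -1):
        if 2 ** (32 - prefix) - 2 >= hosts_needed:
            return prefix
    raise ValueError("more hosts than a /8 can hold")


def plan_scope(visits, base="10.20.30.0", lease_hours=LEASE_HOURS):
    """Return the subnet and DHCP pool that cover the busiest moment of the day."""
    peak = peak_concurrent(address_hold_intervals(visits, lease_hours))
    needed = math.ceil(peak * (1 + HEADROOM)) + RESERVED
    prefix = smallest_prefix(needed)
    network = ipaddress.ip_network(f"{base}/{prefix}", strict=False)
    pool = list(network.hosts())[RESERVED:]   # first addresses stay static
    return {
        "peak_leases": peak,
        "network": str(network),
        "pool_start": str(pool[0]),
        "pool_end": str(pool[-1]),
        "pool_size": len(pool),
    }


if __name__ == "__main__":
    with_lease = plan_scope(SAMPLE_VISITS)
    presence_only = plan_scope(SAMPLE_VISITS, lease_hours=0)
    print("sized on lease hold time: ", with_lease)
    print("sized on vehicles present:", presence_only)
    if presence_only["pool_size"] < with_lease["peak_leases"]:
        print("a scope sized on presence alone would run out of addresses")
```

With the constructed bookings, at most 18 vehicles are present at once but up to 30 addresses are held, so a scope sized on presence alone would be exhausted around midday.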
Network switch port configuration
The switch ports connecting to AP and WLC should be configured for trunk mode. This is required to carry data traffic for multiple VLANs simultaneously. 100 Base-T/1000 Base-T switch ports shall be used for access point and WLC connectivity. Enable portfast on the switch port where AP is connected to enable faster joining process with WLC.
Network configuration
Necessary access rules should be enabled for facilitating the communication from the newly created wired and wireless vehicle subnets with VIDA workstation subnet through firewall access-list or layer 3 switch access-list whichever is applicable.
UDP port 13400 must be allowed from the VIDA subnet to wired and wireless vehicle subnet for directional broadcast from VIDA master and TCP port 13400 must be allowed from VIDA subnet to wired and wireless vehicle subnet for diagnostic communication.
In VIDA Admin, the VIDA administrator shall configure the "from" and "to" IP address range for sending the vehicle identification request [Unicast UDP] messages.
Necessary firewall access must be enabled to allow the internally hosted RADIUS server in the dealer network to connect to the Volvo Cars Internet-hosted OCSP responder for digital certificate verification.
Network cable type
Twisted-pair cables (CAT5, CAT5e, CAT6) shall be used for network connectivity.
Universal Resource Locators
The Universal Resource Locators (URLs) below will be used by VIDA. Make sure that the URLs are not blocked by a proxy or an external or internal firewall.
| Service | URL | port |
|---|---|---|
| Volvo Cars password server | TBD | TBD |
| VIDA Admin | http://vidacas.volvocars.biz/AdministrationWeb | 80 |
| TIE | https://tie.volvocars.biz | 443 |
7.3 Additional software requirements
There are different plug-ins that are needed for VIDA to work properly, these are described below.
7.3.1 IsoView
IsoView is an image viewing plug-in, automatically started together with VIDA. IsoView is included in the VIDA installation and there is no additional license fee.
7.3.2 Adobe Acrobat Reader
Adobe Acrobat Reader is included in the VIDA installation.
7.3.3 Microsoft Windows user account
In order to install VIDA, the Microsoft Windows user account has to be set to administrator.
7.4 Vehicle communication tools
A vehicle communication tool transfers data from a VIDA workstation to the correct receiver in the vehicle.
VIDA supports DICE and J2534 devices. Volvo Car Corporation recommends DICE for vehicle communication with vehicles built on platforms prior to SPA.
7.4.1 DiCE
DICE uses a Bluetooth connection to transfer information between VIDA and the vehicle. A USB cable can be used as an alternative to the Bluetooth connection.
Please note that no third party Bluetooth dongles can be used with DiCE, only Volvo Cars DiCE equipment can be used.
Multiple DiCEs
It is possible to connect more than one DiCE to VIDA and download software to as many as three vehicles in parallel and have one vehicle in the diagnostic workflow at the same time. One VIDA workstation with four DiCEs can thus handle four vehicles simultaneously.
7.4.2 J2534 devices
For all vehicles with model year 2004 and later, equipped with OBD and reprogramming capability, manufacturers shall comply with SAE J2534. There are two different versions of J2534:
- J2534-1 can be used to download software to vehicles from, and including, model year 2004. J2534-1 manages software to control modules on CAN HS (Controller Area Network High Speed) that are emission related. J2534-1 cannot be used for diagnostics.
- J2534-2 manages software download to control modules on both CAN HS and CAN MS (Controller Area Network Middle Speed).
The hardware used to validate VIDA's compliance with J2534 can be purchased separately from third-party suppliers. Validation has been done using the following J2534 pass-thru devices:
- J2534-1: Actia Passthru+ XS and CarDAQ2534.
- J2534-2s: CarDAQ Plus.
For more information regarding these devices, please contact the respective manufacturer.
8 ADMINISTRATION
8.1 Wireless LAN
WLAN, administration
8.1.1 Access points and wireless LAN controller
Separate WLAN configuration is recommended for each workshop on the WLC. The management interface and virtual interfaces on the WLC shall be configured with static IP addresses. The access points shall be configured with static IP addresses and the DHCP client option shall be kept disabled.
8.1.2 Disable default manufacturer settings
The vendor specific default passwords should be changed to a complex enterprise standard password as applicable to AP, WLC and other WLAN components. The default SSID from manufacturer must be disabled.
8.1.3 Management access
Restricted management access shall be followed for AP and WLC with web interface on HTTPS and CLI on SSH only.
8.1.4 Event logging
Event logging mechanism is recommended to be configured on the AP/WLC with remote logging support like syslog.
8.1.5 Security
AP should be mounted in a secure location and access to the AP should be restricted. The signal strength should be verified with a site survey tool in workshop areas and outside parking areas.
8.1.6 Rogue AP detection
Rogue AP detection should be enabled to identify unregistered APs and ensure that only authorized APs are registered. Rogue management allows the network administrators to monitor and eliminate wireless security intrusion. WLC provides two methods of rogue detection, namely Rogue Location Discovery Protocol (RLDP) and passive operation, that enable a complete rogue identification and containment solution.
8.1.7 Intrusion detection
Wireless IDS must be enabled to detect intrusion and threat for the wireless network.
8.2 High availability
It is recommended that all the network devices and servers should be configured in high availability mode.
It is highly recommended to have redundant Internet connectivity for high availability. Dealerships should consider having Internet connectivity from multiple service providers to maintain high availability.
It is also recommended to have redundant power supply for the network devices and servers.
8.3 Endpoint security
Licensed and regularly updated version of antivirus software should be used to protect all servers and workstations.
8.4 Patch management
Security patches (Microsoft or non-Microsoft) should be applied on workstations, servers and non-windows systems on monthly/quarterly basis as applicable.
8.5 Administrative rights
The VIDA workstation shall also be enabled for WebEx installation and Volvo Cars special software download tools in case central support is required. The required administrative rights must be granted to the technicians to install applications in case central support is required.
8.6 NTP sync
It is mandatory to use NTP synchronization for all the network devices and servers.
8.7 Backup
It is mandatory to perform configuration backup of network devices and servers on regular basis (weekly/monthly/quarterly).
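The settings specified in 7.1.1, 7.1.3, 7.2 (DHCP), 8.1 and 8.6 can be checked mechanically before roll-out. The following is an added example, not part of the bulletin or of any Volvo Cars tool: the configuration keys are hypothetical and vendor-neutral, the SSID prefix is a placeholder for the one issued by Volvo Cars Customer Service, and "mandatory" or "recommended" follows this document's wording (must/shall/mandatory versus should/recommended).

```python
"""Audit a WLAN setup against the settings this document specifies (added example)."""
from dataclasses import dataclass
from typing import Any, Callable

SSID_PREFIX = "EXAMPLE-PREFIX-"   # placeholder: the real prefix is issued to the dealer
ALLOWED_MGMT = {"https", "ssh"}   # 8.1.3: web interface on HTTPS, CLI on SSH only
_MISSING = object()


@dataclass(frozen=True)
class Rule:
    section: str                  # section of this document the rule comes from
    level: str                    # "mandatory" or "recommended"
    key: str                      # hypothetical configuration key
    expected: str
    ok: Callable[[Any], bool]


RULES = [
    Rule("7.1.1", "recommended", "ssid", "starts with the assigned prefix",
         lambda v: v.startswith(SSID_PREFIX)),
    Rule("7.1.1", "recommended", "channel", "auto", lambda v: v == "auto"),
    Rule("7.1.3", "mandatory", "eap_method", "EAP-TLS", lambda v: v == "EAP-TLS"),
    Rule("7.1.3", "mandatory", "cipher", "AES-CCMP", lambda v: v == "AES-CCMP"),
    Rule("7.1.3", "mandatory", "radius_timeout_s", "5", lambda v: v == 5),
    Rule("7.2", "recommended", "dhcp_lease_hours", "4", lambda v: v == 4),
    Rule("8.1.1", "mandatory", "ap_dhcp_client", "disabled", lambda v: v is False),
    Rule("8.1.2", "mandatory", "default_ssid_enabled", "disabled", lambda v: v is False),
    Rule("8.1.3", "mandatory", "mgmt_protocols", "https and/or ssh only",
         lambda v: len(v) > 0 and set(v) <= ALLOWED_MGMT),
    Rule("8.1.4", "recommended", "remote_syslog", "a remote log target", lambda v: bool(v)),
    Rule("8.1.6", "recommended", "rogue_ap_detection", "enabled", lambda v: v is True),
    Rule("8.1.7", "mandatory", "wireless_ids", "enabled", lambda v: v is True),
    Rule("8.6", "mandatory", "ntp_servers", "at least one server", lambda v: len(v) > 0),
]


@dataclass(frozen=True)
class Finding:
    section: str
    level: str
    key: str
    expected: str
    actual: str


def audit(config):
    """Return one Finding per rule the configuration does not meet."""
    findings = []
    for rule in RULES:
        value = config.get(rule.key, _MISSING)
        try:
            passed = value is not _MISSING and rule.ok(value)
        except (TypeError, AttributeError):
            passed = False        # a value of the wrong type is a finding, not a crash
        if not passed:
            actual = "<not set>" if value is _MISSING else repr(value)
            findings.append(
                Finding(rule.section, rule.level, rule.key, rule.expected, actual))
    # Stable sort: mandatory items first, document order within each level.
    return sorted(findings, key=lambda f: f.level != "mandatory")


# Constructed sample: a WLAN left close to a typical out-of-the-box state.
SAMPLE_CONFIG = {
    "ssid": "EXAMPLE-PREFIX-Bay1",
    "channel": "auto",
    "eap_method": "PEAP",
    "cipher": "TKIP",
    "radius_timeout_s": 2,
    "dhcp_lease_hours": 24,
    "ap_dhcp_client": False,
    "default_ssid_enabled": True,
    "mgmt_protocols": ["https", "ssh", "telnet"],
    "rogue_ap_detection": True,
    "wireless_ids": False,
    "ntp_servers": ["192.0.2.10"],      # documentation address range
}

# The same site after applying the document's settings.
HARDENED_CONFIG = {
    **SAMPLE_CONFIG,
    "eap_method": "EAP-TLS", "cipher": "AES-CCMP", "radius_timeout_s": 5,
    "dhcp_lease_hours": 4, "default_ssid_enabled": False,
    "mgmt_protocols": ["https", "ssh"], "remote_syslog": "192.0.2.20",
    "wireless_ids": True,
}

if __name__ == "__main__":
    for f in audit(SAMPLE_CONFIG):
        print(f"[{f.level:11}] {f.section:6} {f.key}: expected {f.expected}, got {f.actual}")
```

A setting that is absent from the export is reported as `<not set>` rather than assumed compliant, so an incomplete export cannot pass the audit.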
9 PRODUCT SPECIFICATIONS
9.1 Product specifications for AP
The following are the product specifications under various standards related to the access point.
9.1.1 Wireless standards
| Standards | Support |
|---|---|
| IEEE Standards | Single Radio - 802.11n, 802.11g, 802.11b, 802.11a, 802.11ac |
| Ports | Ethernet 100BASE-T/1000BASE-T support |
| Band support | Dual Band |
| Cabling type | Twisted-pair cabling (Cat 5, Cat 5e, Cat 6) |
| PoE support | Yes |
| Management access | Web interface (HTTPS), CLI (SSH) |
| SNMP version | 1, 2C, 3 |
| Event logging | Event logging, remote Logging |
| DHCP support | DHCP server, external DHCP server |
| Backward compatible | Yes |
| Spec/modulation | Radio and modulation type: 802.11b/DSSS, 11g/OFDM, 11n/OFDM, 11a/OFDM, DSSS |
| Operating frequency | 2.4, 5 GHz |
| Channels | 2.4 GHz: 1, 6, 11, 2, 3, 4, 5, 7, 8, 9, 10, 12 5 GHz: 34, 36, 38, 40, 42, 44, 46, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 140, 149, 153, 157, 161, 165, 183, 184, 185, 187, 188, 189, 192, 196 |
| Channel selection | Auto-channel selection to find the least congested channel |
| WLAN mode at 2.4 GHz | 802.11b, 802.11g, 802.11b/g mixed, 802.11b/g/n, 802.11g/n, 802.11n |
| WLAN mode at 5 GHz | 802.11n |
| Bandwidth support | 20 MHz, 40 MHz |
| Spatial stream | MIMO |
| Integrated antenna | Yes (optional) |
| Support for external antenna | Yes |
| Antenna type | Omni directional/dipole/directional |
| Transmit power | Dependent on vendors as well country/region |
| Minimum antenna gain in dBi | 3 |
| Receiver sensitivity | Vendor dependent. Data rate criteria shall be used as per MCS index value |
| High throughput | Support HT20 & HT40 |
| Data rate support at 2.4 GHz frequency | 802.11b: 1, 2, 5.5, 11 Mbps using 20 MHz channels. 802.11g: 6, 9, 12, 18, 24, 36, 48, 54 Mbps using 20 MHz channels. 802.11n: 6.5, 13, 19.5, 26, 39, 52, 58.5, 65, 78, 104, 117, 130 using 20 MHz channels. 802.11n: 13.5, 27, 40.5, 54, 81, 108, 121.5, 135, 162, 216, 243, 270 using 40 MHz channels. |
| Data rate support at 5 GHz frequency | 802.11a: 6, 9, 12, 18, 24, 36, 48, and 54 Mb/s using 20 MHz channels. 802.11n: 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 86.7, 115.6, 130, 144.4 Mbps using 20 MHz channels. 802.11n: 15, 30, 45, 60, 90, 120, 135, 150, 180, 240, 270, 300 Mb/s using 40 MHz channels. |
| QoS support | Full |
9.1.2 Network capability
| Standards | Support |
|---|---|
| Service Set Identifier (SSID) | Yes. Supports ESS |
| Multiple BSSID support | Yes |
| VLANs | 802.1q support |
| Spanning tree | Supports 802.1q spanning tree protocol |
| 802.11d regulatory domain | Support. (Enables the AP to provide radio channel settings for client devices, facilitating easy client access as they move across regulatory domains.) |
9.1.3 Wireless security standards
| Standards | Support |
|---|---|
| WEP/WPA/WPA2 | WPA2 |
| 802.1X | Wireless clients can be authenticated through IEEE 802.1X |
| Authentication method support | EAP-TLS, PEAP-TLS, EAP-FAST |
| 802.1X supplicant | Support 802.1X supplicant on the Ethernet port to allow the access point to authenticate itself to the network |
| RADIUS server | Yes |
| WPS | Support WPS, a WI-FI Alliance specification for simple and secure setup of a wireless network |
| IDS/IPS | Support IDS/IPS for external network intruders/threats |
| Rogue access point detection | Yes |
| Encryption support | AES(128, 256 bits), AES-CCMP, TKIP |
| Certificate | Support for X509 PKI certificate |
9.2 Product specifications for wireless LAN controller
The following are the product specifications under various standards related to the wireless LAN controller.
9.2.1 Wireless standards
| Standards | Support |
|---|---|
| IEEE Standards | 802.11n, 802.11g, 802.11b, 802.11a, 802.11ac |
| Ports | Ethernet 100BASE-T/1000BASE-T, IEEE 802.1Q Vtagging, fiber channel |
| Cabling type | Twisted-pair cabling (Cat 5, Cat 5e, Cat 6) |
| RFC compliance | RFC 5415 CAPWAP protocol specification RFC 5416 CAPWAP binding for 802.11 |
| Management access | Web interface (HTTPS), command line (SSH) |
| SNMP version | 1, 2C, 3 |
| PoE support | Yes |
| Event logging | Syslog support, remote logging |
| DHCP support | DHCP server, External DHCP server |
| Backward compatible | Yes |
| High availability support | Yes |
| Mobility support | Layer 2 and 3 |
| Bi-directional rate limit support | Yes |
| RF management | Automated access point power/channel auto-tuning, Support to provide real-time and historical information about RF interference impacting network performance |
9.2.2 Network capability
| Standards | Support |
|---|---|
| Local switching and routing | Enables data forwarding in WLC |
| AP support | APs managed by WLC across direct, switched or routed connections |
| VLANs | 802.1q tagging and trunking support |
| Spanning tree | 802.1d Spanning tree and per-VLAN spanning tree (PVST+) |
| AP management | Tracking the location, roaming history, virtual private group, network addresses, state, activity, errors, usage and other attributes by user name, session, VLAN, or user group |
9.2.3 Wireless security standards
| Standards | Support |
|---|---|
| Security standards | WPA, WPA2, RSN, IPSec, DTLS |
| Authentication method support | EAP-TLS, EAP-FAST, EAP-TTLS, PEAP-TLS |
| External RADIUS support | Yes |
| Authentication, Authorization, and Accounting (AAA) | RADIUS Support for EAP (EAP-TLS); RADIUS Authentication, Accounting, Tunnel Accounting, Extensible Protocol; Dynamic authorization extensions to RADIUS; IEEE 802.1X RADIUS guidelines |
| ACL support | Yes |
| Encryption support | AES: CBC, CCM, CCMP; SSL and TLS: RC4 128-bit and RSA 1024 and 2048-bit; DTLS: AES-CBC; IPSec: DES-CBC, 3DES, AES-CBC |
| Certificate | Support for X.509 PKI certificate |
| Rogue access point detection | Yes |
9.2.4 Scalability standards
| Parameters | Support |
|---|---|
| Min and max WLAN support (small to large enterprise) | 16 To 512 |
| Min and max VLAN support (small to large enterprise) | 16 To 4096 |
| Min and max access points support (small to large enterprise) | 5 To 6000 |
| Min and max client support (small to large enterprise) | 3000 To 64000 |
| Min and max throughput (small to large enterprise) | 500 Mbps to 10 Gbps |
10 APPENDICES
10.1 Examples of network architecture
The network designs of workshops vary in several ways from one another. This chapter considers a set of typical network architectures and illustrates possible ways to incorporate the VIDA requirements for wired and wireless infrastructure into them.
It is recommended that dealerships consider their existing network infrastructure, size of operation and scalability aspects in conjunction with below design examples to evolve a suitable architecture and required components.
10.1.1 Typical 3-tier architecture
This section details a 3-tier network security architecture example which forms an enhanced security model and consists of multilayer firewalls, providing security for the Internet zone, DMZ, transport zone and internal zone.
Internet zone - Represents untrusted public network.
DMZ - Hosts components which provide services for communicating with public Internet resources.
Transport zone - Hosts application services which require communication with DMZ and internal production zone to enhance security without exposing the production service directly to Internet facing DMZ.
Internal zone - Hosts core applications services.
Complying with the above, the wireless and wired zones can be separate zones, providing secure network connectivity for the vehicles by authenticating and authorizing through the AP, WLC, and RADIUS server. Considering the various network topologies at dealerships, they have been classified into three categories:
Type 1 (A & B) - Multi Site Single Internet gateway.
Type 2 - Multi Site Multi Internet gateway.
Type 3 - Single Site Single Internet gateway.
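The tier rule described in 10.1.1 (each zone talks only to its neighbouring zone, so the internal zone is never reachable directly from the DMZ or the Internet) can be checked against a firewall rule set. The following is an added example, not part of the original bulletin; the subnets, rule names and rule format are constructed assumptions.

```python
import ipaddress
from itertools import product

# Constructed zone subnets (assumption; section 10.1.1 names the zones only).
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/26"),
    "transport": ipaddress.ip_network("10.10.0.0/24"),
    "internal": ipaddress.ip_network("10.20.0.0/16"),
}
# Each tier may exchange traffic only with its direct neighbour.
TIERS = ["internet", "dmz", "transport", "internal"]
ADJACENT = {frozenset(pair) for pair in zip(TIERS, TIERS[1:])}

# Constructed permit rules: (name, source CIDR, destination CIDR).
RULES = [
    ("web-in", "198.51.100.0/24", "192.0.2.10/32"),
    ("dmz-to-app", "192.0.2.10/32", "10.10.0.20/32"),
    ("app-to-db", "10.10.0.20/32", "10.20.5.0/24"),
    ("dmz-to-db", "192.0.2.10/32", "10.20.5.7/32"),    # skips the transport tier
    ("dmz-to-rfc1918", "192.0.2.0/26", "10.0.0.0/8"),  # supernet also covers internal
]


def zones_touched(cidr):
    """Zones a CIDR overlaps; address space outside every zone counts as internet."""
    net = ipaddress.ip_network(cidr)
    touched = {name for name, subnet in ZONES.items() if net.overlaps(subnet)}
    if not any(net.subnet_of(subnet) for subnet in ZONES.values()):
        touched.add("internet")
    return touched


def audit(rules):
    """Map each offending rule name to the (source, destination) tier skips it permits."""
    findings = {}
    for name, src, dst in rules:
        skips = sorted(
            (s, d)
            for s, d in product(zones_touched(src), zones_touched(dst))
            if s != d and frozenset((s, d)) not in ADJACENT
        )
        if skips:
            findings[name] = skips
    return findings


if __name__ == "__main__":
    for rule, skips in audit(RULES).items():
        print(f"{rule}: permits {skips}")
```

Broad sources or destinations are reported for every tier pair they open, so a supernet rule is flagged even when the intended target was the neighbouring zone.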
10.1.2 Type 1 (A)-Multi Site Single Internet gateway
Keeping in line with a 3-tier network security architecture, the following diagram shows the setup for a multi-site dealership infrastructure where all the branch networks are connected internally through a WAN. This kind of design facilitates the use of shared Internet access through a single Internet gateway. The wired and wireless network for vehicles can be created across individual sites, and the centralized services like RADIUS, WLC, DHCP, proxy etc. are configured at a central location.
Features
- Multilayer firewalls to protect and provide secure connectivity.
- All sites of the dealership connected over WAN and sharing common Internet.
- Access point deployment at individual sites.
- Dedicated central WLC deployment or multiple WLC deployment with respect to the various connected branches, considering the number of sites, internal WAN bandwidth and number of access points used.
- Separate WLAN configuration for individual sites.
- Centralized RADIUS server for authentication.
- Single DHCP server for IP address assignment for SPA vehicles that connect through Wi-Fi and Ethernet cable to the network.
10.1.3 Type 1 (B)-Multi Site Single Internet gateway
The following diagram is similar to Type 1 (A); however, instead of a multilayer firewall setup, it can use a single perimeter firewall and a layer 3 switch with multiple VLANs to segregate the different internal zones through access lists.
Features
- Single firewall to protect and provide secure connectivity for the Internet.
- Layer 3 access list to protect internal network resources.
- All sites of the dealership connected over WAN and sharing common Internet.
- Access point deployment at individual sites.
- Dedicated central WLC deployment or multiple WLC deployment with respect to the various connected branches, considering the number of sites, internal WAN bandwidth and number of access points used.
- Separate WLAN configuration for individual sites.
- Centralized RADIUS server for authentication.
- Single DHCP server for IP address assignment for SPA vehicles that connect through Wi-Fi and Ethernet cable to the network.
10.1.4 Type 2 - Multi Site Multi Internet gateway
In this scenario, the network setup is the same as in Type 1 (A) and Type 1 (B); however, there can be multiple Internet gateways operating from different sites, as part of a business continuity plan or disaster recovery plan, or depending on the geographical region of the sites to reduce latency for Internet access. The centralized services for infrastructure components can be at a single location or can be distributed across multiple locations.
Features
- Multiple Internet connectivity at different sites.
- Sharing of Internet connectivity among multiple sites.
- Access point deployment at individual sites.
- Dedicated central WLC deployment or multiple WLC deployment with respect to the various connected branches, considering the number of sites, internal WAN bandwidth and number of access points used.
- Separate WLAN configuration for individual sites.
- Centralized RADIUS server for authentication.
- Multiple DHCP servers for IP address assignment for SPA vehicles that connect through Wi-Fi and Ethernet cable to the network.
- Layer 3-based access list to protect internal network resource.
10.1.5 Type 3 - Single Site Single Internet gateway
This is one possible example, where the network infrastructure is minimal in comparison to enterprise-level advanced network models. It is one of the best possible ways of establishing a wired and wireless network for vehicles: through a layer 3 switch, by creating a separate VLAN and configuring access points. This scenario is applicable to workshops that have a single site with a single point of Internet access.
Features
- Single Internet connectivity through firewall and Internet router.
- Layer 3-based multi VLAN based network.
- Access point deployment at single site.
- Wireless LAN controller recommended if the number of access points is more than 5.
- WLAN configuration.
- RADIUS server for authentication.
- Single DHCP server for IP address assignment for SPA vehicles that connect through Wi-Fi and Ethernet cable to the network.
10.2 Wireless radios
| 802.11 protocol | | A | B | G | N | N | N | N |
|---|---|---|---|---|---|---|---|---|
| Frequency (GHz) | 2.4 | 5 | 2.4 | 2.4 | 2.4 | 2.4 | 5 | 5 |
| Bandwidth (MHz) | 20 | 20 | 20 | 20 | 20 | 40 | 20 | 40 |
| Data rate per stream (Mbit/s) | 1, 2 | 6, 9, 12, 18, 24, 36, 48, 54 | 1, 2, 5.5, 11 | 6, 9, 12, 18, 24, 36, 48, 54 | 6.5, 13, 19.5, 26, 39, 52, 58.5, 65 | 13.5, 27, 40.5, 54, 81, 108, 121.5, 135 | 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2 | 15, 30, 45, 60, 90, 120, 135, 150 |
| Allowable Multiple Input Multiple Output (MIMO) streams | 1 | 1 | 1 | 1 | 4 | 4 | 4 | 4 |
| Modulation | DSSS, FHSS | OFDM | DSSS | OFDM, DSSS | OFDM | OFDM | OFDM | OFDM |
| Approximate indoor range (m) | 20 | 35 | 35 | 38 | 70 | 70 | 70 | 70 |
| Approximate indoor range (ft) | 66 | 115 | 115 | 125 | 230 | 230 | 230 | 230 |
| Approximate outdoor range (m) | 100 | 120 | 140 | 140 | 250 | 250 | 250 | 250 |
| Approximate outdoor range (ft) | 330 | 390 | 460 | 460 | 820 | 820 | 820 | 820 |
| Max. No. of non-overlapping channels | - | 21 | 3 | 3 | 3 | 1 | 21 | 9 |
10.3 RF barriers
| RF barrier | Attenuation |
|---|---|
| Air | Minimum |
| Wood | Low |
| Plaster | Low |
| Synthetic material | Low |
| Glass | Low |
| Water | Medium |
| Bricks | Medium |
| Marble | Medium |
| Paper | High |
| Concrete | High |
| Metal | Very high |
10.4 Data rate support for 802.11n
Modulation and Coding Scheme (MCS) index values can be used to determine the likely data rate of a wireless connection. The MCS value essentially summarizes the number of spatial streams, the modulation type and the coding rate that is possible when connecting to a wireless access point. The actual MCS will depend on variables such as hardware design and local interference. If a wireless connection cannot be maintained, i.e. there are too many CRC errors being experienced on the link, the MCS value can be lowered, which will reduce the error rate but also reduce the data rate.
| MCS index | 20-MHz Rate (Mbps), GI = 800ns | 40-MHz Rate (Mbps), GI = 800ns | 20-MHz Rate (Mbps), GI = 400ns | 40-MHz Rate (Mbps), GI = 400ns |
|---|---|---|---|---|
| 0 | 6.5 | 13.5 | 7.2 | 15 |
| 1 | 13 | 27 | 14.4 | 30 |
| 2 | 19.5 | 40.5 | 21.7 | 45 |
| 3 | 26 | 54 | 28.9 | 60 |
| 4 | 39 | 81 | 43.3 | 90 |
| 5 | 52 | 108 | 57.8 | 120 |
| 6 | 58.5 | 121.5 | 65 | 135 |
| 7 | 65 | 135 | 72.2 | 150 |
| 8 | 13 | 27 | 14.4 | 30 |
| 9 | 26 | 54 | 28.9 | 60 |
| 10 | 39 | 81 | 43.3 | 90 |
| 11 | 52 | 108 | 57.8 | 120 |
| 12 | 78 | 162 | 86.7 | 180 |
| 13 | 104 | 216 | 115.6 | 240 |
| 14 | 117 | 243 | 130 | 270 |
| 15 | 130 | 270 | 144.4 | 300 |
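The table values follow from the parameters the MCS index summarizes. The following added example (not part of the original bulletin) derives each rate from the stream count, modulation and coding rate, assuming the standard 802.11n figures of 52 data subcarriers at 20 MHz, 108 at 40 MHz and a 3.2 µs OFDM symbol before the guard interval; the function names are hypothetical.

```python
from fractions import Fraction

# Per-stream (bits per subcarrier, coding rate) for MCS 0-7.
# MCS 8-15 repeat the same sequence with two spatial streams.
MOD_CODING = [
    (1, Fraction(1, 2)),  # BPSK
    (2, Fraction(1, 2)),  # QPSK
    (2, Fraction(3, 4)),  # QPSK
    (4, Fraction(1, 2)),  # 16-QAM
    (4, Fraction(3, 4)),  # 16-QAM
    (6, Fraction(2, 3)),  # 64-QAM
    (6, Fraction(3, 4)),  # 64-QAM
    (6, Fraction(5, 6)),  # 64-QAM
]
DATA_SUBCARRIERS = {20: 52, 40: 108}  # keyed by channel width in MHz (assumed figures)
SYMBOL_US = Fraction(16, 5)           # 3.2 us symbol; the guard interval is added to it


def mcs_rate(mcs, width_mhz=20, gi_ns=800):
    """Data rate in Mbps for an 802.11n MCS index 0-15, rounded to one decimal."""
    if not 0 <= mcs <= 15 or width_mhz not in DATA_SUBCARRIERS:
        raise ValueError("expected MCS 0-15 and a 20 or 40 MHz channel")
    streams = mcs // 8 + 1
    bits, coding = MOD_CODING[mcs % 8]
    symbol_us = SYMBOL_US + Fraction(gi_ns, 1000)
    rate = streams * DATA_SUBCARRIERS[width_mhz] * bits * coding / symbol_us
    return float(round(rate, 1))


def rate_table():
    """Rows in the table's column order: 800 ns (20, 40 MHz), then 400 ns (20, 40 MHz)."""
    return {m: tuple(mcs_rate(m, w, gi) for gi in (800, 400) for w in (20, 40))
            for m in range(16)}


def step_down(mcs, width_mhz=20, gi_ns=800):
    """Rates as a link falls back from `mcs` to the lowest index with the same streams."""
    floor = mcs - mcs % 8
    return [(m, mcs_rate(m, width_mhz, gi_ns)) for m in range(mcs, floor - 1, -1)]


if __name__ == "__main__":
    for index, row in rate_table().items():
        print(index, row)
```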
10.5 Vendor reference for WLAN
The list below presents recommended, but not mandatory, vendors. It is the specifications that need to be met.
- Alcatel-Lucent
- Aruba Networks
- Hewlett-Packard
- Cisco
- Meru Networks
- Nortel Networks
- Siemens
- Juniper
- Fortinet
- Avaya
10.6 Vendor reference for NAS storage
The list below presents recommended, but not mandatory, vendors. It is the specifications that need to be met.
- Seagate
- Netgear
- NetApp
- Hitachi
- IBM
- HP
- Dell
- EMC
11 ABBREVIATIONS
ACL - Access Control Lists
AES-CCMP - AES Counter mode CBC MAC Protocol
AP - Access Point
AS - Authentication Server
BSSID - Basic Service Set Identifier
CAT - Category (cable)
CAN HS - Controller Area Network High Speed
CAN MS - Controller Area Network Middle Speed
CLI - Command Line Interface
DHCP - Dynamic Host Configuration Protocol
DiCE - Diagnostic Communication Equipment
DMS - Dealer Management System
DMZ - Demilitarized Zone
DoIP - Diagnostics over IP
DTLS - Datagram Transport Layer Security
EAP-TLS - Extensible Authentication Protocol-Transport Layer Security
ESS - Extended Service Set
IDS/IPS - Intrusion Detection System/Intrusion Prevention System
IEEE - Institute of Electrical and Electronics Engineers
IP - Internet Protocol
LAN - Local Area Network
MCS - Modulation and Coding Scheme
NAS - Network Attached Storage
NTFS - New Technology File System
NTP - Network Time Protocol
OBD - On Board Diagnosis
OCSP - Online Certificate Status Protocol
PoE - Power over Ethernet
PCI - Peripheral Component Interconnect
PKI - Public-key infrastructure
RADIUS - Remote Authentication Dial In User Service
RAM - Random Access Memory
RF - Radio Frequency
RFC - Request For Comments
SNMP - Simple Network Management Protocol
SPA - Scalable Product Architecture
SSH - Secure Shell
SSID - Service Set Identifier
SWDL - Software download
TBD - To Be Decided
TCP - Transmission Control Protocol
TIE - Technical Information Exchange
UDP - User Datagram Protocol
USB - Universal Serial Bus
URL - Universal Resource Locator
VIDA - Vehicle Information and Diagnostics for Aftersales
VLAN - Virtual Local Area Network
VST - Volvo Standard Time
WLAN - Wireless Local Area Network
WLC - Wireless LAN controller
WPA - Wi-Fi Protected Access
12 HISTORY LOG
12.1 320US01
Document created.