WO2019149444A1 - Establishing different euicc modes - Google Patents

Establishing different euicc modes Download PDF

Info

Publication number
WO2019149444A1
WO2019149444A1 PCT/EP2019/000034 EP2019000034W WO2019149444A1 WO 2019149444 A1 WO2019149444 A1 WO 2019149444A1 EP 2019000034 W EP2019000034 W EP 2019000034W WO 2019149444 A1 WO2019149444 A1 WO 2019149444A1
Authority
WO
WIPO (PCT)
Prior art keywords
integrated circuit
operating mode
circuit card
operating modes
operating
Prior art date
Application number
PCT/EP2019/000034
Other languages
English (en)
French (fr)
Inventor
Andreas Zinke
Waleed Badawy
Enric FORT
Original Assignee
Giesecke+Devrient Mobile Security Gmbh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke+Devrient Mobile Security Gmbh filed Critical Giesecke+Devrient Mobile Security Gmbh
Publication of WO2019149444A1 publication Critical patent/WO2019149444A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/086Access security using security domains
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/02Arrangements for optimising operational condition

Definitions

  • the present invention is directed towards a method for establishing different operating modes according to specified use cases of an embedded Universal Integrated Circuit Card, eUICC for short.
  • the present invention creates the possibility that rights management is applied regarding different stages of eUICC manufacturing and personalization.
  • the present invention is furthermore directed towards a communication protocol and a computer pro gram product implementing the method steps.
  • an embedded Universal Integrated Circuit Card is suggested along with a mobile terminal comprising the embedded Universal Integrated Circuit Card.
  • US 2014/0219447 A1 teaches a method of managing a profile by using an embedded Universal Integrated Circuit Card cooperating with a mobile network operator, MMO for short, system and subscription manager.
  • the sug gested method encrypts and decrypts respective profile information.
  • US 2014/0235210 A1 teaches a method of managing key information of an embedded Universal Integrated Circuit Card, which is performed in the eUICC while interworking with external entities including a mobile network operator system.
  • US 2014/ 0329502 A1 teaches a method of certificating an embedded Univer sal Integrated Circuit Card cooperating with a mobile network operator sys tem and a subscription manager amongst others.
  • eUICC operating systems support only one mode or status. They provide no possibility to restrict or grant specific functionality, access and support for dedicated use cases.
  • OEMs have access to any profile preloaded to the eUlCC including MNO profiles.
  • MNO profiles In certain scenarios which are dependent on the hardware form factor of the eUlCC, the GSMA certified data generation site cannot di rectly personalize the eUlCCs due to handling problems. Personalization has to be taken over by the semiconductor manufacturer which currently do not fulfill the GSMA requirements.
  • MNO profiles cannot be preloaded to an eUlCC but have to be downloaded via an AirOn platform after device production, which causes additional costs, effort and integration.
  • the AirOn platform can be accessed only over the air and is mostly used by MNOs or customers who act as a virtual MNO within their product landscape, e.g. automotive manufacturers.
  • Test equipment profiles cannot be downloaded from an AirOn platform or OEM production sites are shielded and do not provide over-the-air connectivity. Therefore, test equipment profiles must be preloaded during eUICC production.
  • the profile configuration of each project is typically customer specific and non-generic.
  • In-Factory-personalization of eUICCs requires a full profile setup process at the data-generating entity including generation of a part number, materials, logistic and financial order process. This also applies to the eUICC manufac turer who finally personalizes the eUICCs on-wafer. This is a very time- consuming process which requires resources on both sides, the data- generating entity and eUICC manufacturer. These efforts have to be made in each customer project due to the individual profile setup for each customer. In addition, eUICC manufacturers are not GSMA certified and therefore restricted to personalize MNO card profiles.
  • a method for establishing different operating modes according to specified use cases of an embedded Universal Integrated Circuit Card comprising the steps of specifying functionality and data items being provided by the embedded Universal Integrated Circuit Card, thereby establishing an operating mode, wherein the step of specifying is performed iteratively for providing different operating modes and operat ing the embedded Universal Integrated Circuit Card according to one of the operating modes, wherein access is exclusively granted to functionality and data items specified for the current operating mode.
  • the method steps may comprise further substeps and may be performed iteratively and/or in a different order using predefined operat ing modes.
  • a profile is a combination of file struc ture, data and applications to be provisioned onto or present on an eUICC. Provision refers to downloading and installation of a profile into an eUICC. Furthermore, the present invention is directed towards a provisioning profile, which is a profile containing one and more network access applications and associated network access credentials which, when installed on an eUICC, enables access to communication networks only to provide transport capability for eUICC management and profile management.
  • a mobile network operator is an entity providing access capability and communication services to customers through a mobile network infrastructure.
  • An embedded UICC, eUICC for short is a UICC which is not easily accessi ble and is not intended to be removed or replaced in the terminal. Such an eUICC enables the secure changing of subscriptions.
  • a subcriber is an entity that is engaged in a subscription with a service provider.
  • the subscriber is allowed to subscribe and unsubscribe to services, to register a user or a list of users authorized to use services and also to set limits to the usage that associated users make of these services.
  • a service pro vider is understood to be an actor who provides services to its service sub scribers on a contractual basis and who is responsible for the services offered.
  • An operating mode is a mode in which the UICC or eUICC, in particular the operating system of the UICC or eUICC, can be generally operated.
  • Depend ing on the operation mode e.g. file permissions of files of a file system of the (e)UICC can be different.
  • an operating mode is different to a profile, in particular a MNO profile.
  • a profile is for example more like an application program or configuration data of an application program where as the operating mode is preferably a current configuration of the operating system of the (e)UICC.
  • the present invention is directed towards an eUICC, which is also referred to eSIM, and may accordingly be referred to as embedded SIM.
  • eUICC which is also referred to eSIM, and may accordingly be referred to as embedded SIM.
  • OTA over-the-air interface
  • the profile fea tures the information the MNO needs to enable communication and connec- tivity of the SIM and typically, these profiles are locked to the SIM meaning that changing an operator will imply the replacement of the SIM.
  • so-called e-SIM cards are introduced, which are ena bled to host information of the provider profiles and can be programmed to use a specific profile or change a profile at any time without the need for physical replacement.
  • the present invention overcomes the problem that personalization of the eUICC is labor intense as several modes can be stored on the eUICC and can be selected during manufacturing processes or at runtime.
  • the present invention furthermore provides the advantage that user data can be handled confidentially as in case the user terminal, for instance a mobile phone, is returned to a manufacturer, a confidential mode can be established, thereby hiding user information and accordingly functionality, which is not needed during repair processes, can be disabled. It is furthermore an ad vantage of the present invention that specific modes can be downloaded and applied on the eUICC and accordingly, the personalization process can be performed at minimal effort. In such a way, individual profile setup is improved and it is merely required to select a specific mode.
  • Providing different operating modes means that several operating modes are created, wherein one operating mode can be activated at a time. Consequent ly, specific functionality can be performed, which is not possible during enabling of a further operating mode. Such operating modes must not necessari ly be completely disjoint and accordingly they may overlap.
  • the embedded Universal Integrated Circuit Card eUICC for short, is then operated according to one of the operating modes, which may be selected automatically. It may be the case that during a manufacturing process, a spe cific operating mode is activated and upon termination of the manufacturing process a next operating mode is activated. Consequently, specific events may be defined, which switch the embedded Universal Integrated Circuit Card to a further operating mode. For instance, in case specific profiles are provisioned, the suggested method may switch the operating mode upon detection that specific data is employed. In this way an automatic switch op eration can be implemented handing one operating mode over into a further operating mode.
  • the events, which cause switching of the operating mode can be defined according to process steps. It is furthermore of advantage that such operating modes can be disabled and locked for further usage such that performing a single operating mode twice is not possible. For instance, in case an operat ing mode aims at a manufacturing process, such an operating mode can be performed only once as there will be only one manufacturing process. How ever, a repair mode can be activated several times as the terminal device may be returned for repair several times.
  • the "Testing mode” enables OEMs/ device manufacturers to run end-to-end testing during the production of the device or in a repair case scenario.
  • the test mode grants access only to specific functionalities, certificates, keys, etc. defined especially for testing mode. Access to MNO profiles or any commer cial credentials is not possible.
  • the Testing mode can be enabled if required.
  • the "Production mode” enables OEMs/ device manufacturers only to download (a) MNO profile(s) to the eUlCC using the service platform. Once the download is finished, production mode will be locked and cannot be enabled anymore. An automatic switch to the next mode will be done.
  • the "Commercial mode" The eUlCC is in commercial mode and provides full functionality. Management of MNO profiles can be done only via a corresponding AirOn system. Commercial mode can be enabled after a repair case scenario, providing the same eUlCC configuration before test mode was re-enabled to handle the repair case scenario. End user credentials and information in the MNO profile are secured and shielded. OEMs can download MNO profiles during production of the device which saves additional costs. Original eUlCC settings can be restored after a repair case scenario.
  • profile setup can be accomplished with low technical effort as such profiles can be downloaded and can, for instance, be provided by different modes. For instance, several modes can be downloaded and integrated on the eUICC and accordingly, the personalization process of the eUICC can be performed such that after the manufacturing process a specific mode is selected.
  • the present invention is also directed towards a specific communication protocol, which performs respective steps and deploys different modes on the eUICC.
  • the operating modes are implemented on an operating system level.
  • This provides the advantage that the operating system has access to all hardware components and can espe cially assign access rights to data items. Accordingly, the operating system can be used for granting or denying access to specific functionality and data items, thereby implementing the operation modes.
  • different op erating modes are implemented not only by the embedded Universal Inte grated Circuit Card as such but rather operating modes are implemented under usage of the operating system.
  • data items are provid ed by means of certificates, keys, profiles, mobile network operator profiles, network access credentials, user information, configuration files, a part num ber and/or end-user credentials.
  • This provides the advantage that specific use cases referring to the eUICC can be implemented and accordingly, specific profiles can be assigned to operating modes.
  • data items prepare the specific rights management regarding a testing process, a pro- duction process and an operating mode of the commercial use of the end terminal by providing specific information being relevant for the respective stages from manufacturing to the operation by the customer.
  • the operating mode upon detecting execu tion of pre-specified functionality, is switched from a first operating mode to a second operating mode.
  • the underlying meth od recognizes that a change of operating mode is required. For instance, in case the eUICC is reset, a further operating mode has to be launched or in case specific profile information is provisioned, a further operating mode has to be triggered in case a specific functionality is performed.
  • Such functionali ty may include specific data access, whereupon the operating mode can be switched likewise.
  • the operating mode upon detecting execu tion of pre-specified read or write operations, the operating mode is switched from the first operating mode to the second operating mode. Consequently, in case specific configuration files are accessed, the operating mode can be switched or in case information being required for a repair process is read out then further user information can be disabled. Accordingly, it is possible to recognize that a repair process is started and sensitive data is hidden.
  • the operating mode upon detection of provisioning of a mobile network operator profile, the operating mode is switched from the first operating mode to the second operating mode.
  • a generic operating mode may be established during the manufacturing process of the eUICC and once the mobile network operator has deployed its own profile, a further operating mode is activated. Once the mobile network operator profile is deployed, it is possible to lock further profile management such that further mobile net work operators are excluded from installing their profile information.
  • locking of further exe cutions of specified operating modes is performed once the operating mode ends.
  • the operating modes are stored on the embedded Universal Integrated Circuit Card during a production process. This provides the advantage that operating modes can ge- nerically be installed on every eUICC and no labor-intense personalization has to be performed.
  • the operating modes are stored on the embedded Universal Integrated Circuit Card on-wafer.
  • the operating modes are provided to the embedded Universal Integrated Circuit Card by means of a network.
  • This provides the advantage that method steps being directed towards the creation of operating modes can be performed by a server or at least a remote entity and results can be provided via network. Consequently, such operating modes can be downloaded and integrated on the eUICC during a manufacturing process.
  • one of the operating modes comprises all available functionality and data items. This provides the advantage that a specific operating mode is provided, which allows for in stance the end user to access all functionality and data items being present on the eUICC. This can be performed in case the end user shall have full access, which is to be restricted during alternative operating modes.
  • the object is also solved by a communication protocol to be executed over a network, which establishes different operating modes and furthermore com prises instructions implementing the suggested method steps. Consequently, the suggested method can be performed using a communication protocol under usage of a mobile network. Hence, communication steps, for instance between an eUICC and production entities, can be triggered.
  • the method is also solved by an embedded Universal Integrated Circuit Card for establishing different operating modes according to specified use cases, comprising means being arranged to specify functionality and data items being provided by the embedded Universal Integrated Circuit Card, thereby establishing one operating mode, wherein the step of specifying is performed iteratively for providing different operating modes and means are present being arranged to operate the embedded Universal Integrated Cir cuit Card according to one of the operating modes, wherein access is exclusively granted to functionality and data items specified for the actual current operating mode.
  • the object is also solved by a mobile terminal comprising the embedded Universal Integrated Circuit Card as set forth above.
  • the object is also solved by a computer program product being arranged to perform the suggested method and operate the embedded Universal Integrated Circuit Card.
  • the method steps can be implemented by respective structural features of the embedded Universal Integrated Circuit Card.
  • the embedded Universal Inte grated Circuit Card comprises structural features, which likewise can be im planted using method steps. Consequently, the method is able to operate the embedded Universal Integrated Circuit Card and the Circuit Card is likewise arranged to perform the suggested method steps.
  • Fig. V a schematic flow chart depicting a method for establishing different operating modes according to an aspect of the present invention.
  • Fig. 2 a further flow chart demonstrating a secure personalization process according to an aspect of the present invention.
  • Fig. 1 shows a method for establishing different operating modes according to specify use cases of an embedded Universal Integrated Circuit Card, com prising the steps of specifying 100 functionality and data items being provid ed by the embedded Universal Integrated Circuit Card, thereby establishing one operation mode, wherein the step of specifying 100 is performed itera tively for providing different operating modes and operating 101 the embed- ded Universal Integrated Circuit Card according to one of the operating modes, wherein access is exclusively granted to functionality and data items specified for the current operating mode.
  • the suggested method steps may comprise further substeps and may be performed iteratively and/or in a dif- ferent order especially if substeps are introduced.
  • Fig. 2 shows a secure personalization process, wherein the first row indicates a manufacturer and further rows indicate actors being involved in the secure personalization process. Especially, Fig. 2 demonstrates the usage of the so-called secure production service platform SPSP, which leads to a device be ing ready for being used commercially as indicated on the right-hand side in the bottom portion of Fig. 2.
  • SPSP secure production service platform
  • SPSP Secure Personalization Service Platform
  • the generic eUICC configura- tion can be individualized according to the project/ customer requirements.
  • the SPSP enables the OEM to individually manage test equipment profile life-cycles, e.g. download, enable, disable, deletion, etc., during production of the device and therefore cover the different requirements/ scenarios of the OEM in the end-to-end test process.
  • One of the biggest advantages is that a GSMA-certified OEM can load MNO profiles to the eUICC, which is currently not possible during in-factory per sonalization at the eUICC manufacturer due to missing GSMA certification.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephone Function (AREA)
  • Semiconductor Integrated Circuits (AREA)
PCT/EP2019/000034 2018-02-05 2019-02-04 Establishing different euicc modes WO2019149444A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102018000913.1A DE102018000913A1 (de) 2018-02-05 2018-02-05 Etablierung verschiedener eUICC-Modi
DE102018000913.1 2018-02-05

Publications (1)

Publication Number Publication Date
WO2019149444A1 true WO2019149444A1 (en) 2019-08-08

Family

ID=65411826

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2019/000034 WO2019149444A1 (en) 2018-02-05 2019-02-04 Establishing different euicc modes

Country Status (2)

Country Link
DE (1) DE102018000913A1 (de)
WO (1) WO2019149444A1 (de)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120115441A1 (en) * 2010-11-03 2012-05-10 Schell Stephan V Methods and apparatus for access data recovery from a malfunctioning device
US20140219447A1 (en) 2011-09-05 2014-08-07 Kt Corporation Method for managing profile of embedded uicc, and embedded uicc, embedded uicc-equipped terminal, provision method, and method for changing mno using same
US20140235210A1 (en) 2011-09-05 2014-08-21 Kt Corporation Method for managing embedded uicc and embedded uicc, mno system, provision method, and method for changing mno using same
US20140329502A1 (en) 2011-09-05 2014-11-06 Kt Corporation Certification method using an embedded uicc certificate, provisioning and mno changing methods using the certification method, embedded uicc therefor, mno system, and recording medium
DE202015106611U1 (de) * 2015-11-16 2016-01-15 Comprion Gmbh Vorrichtung zum Testen eines Gerätes
DE102014013516A1 (de) * 2014-09-11 2016-03-17 Giesecke & Devrient Gmbh Verfahren und Vorrichtungen zum Testen eines mobilen Endgeräts mit einem Sicherheitselement
US20160286379A1 (en) * 2013-11-29 2016-09-29 Telefonaktiebolaget Lm Ericsson (Publ) eUICC Subscription Change
US20170013121A1 (en) * 2015-07-10 2017-01-12 Rohde & Schwarz Gmbh & Co. Kg Testing methods and systems for mobile communication devices
EP3270620A1 (de) * 2016-07-13 2018-01-17 Gemalto Sa Verfahren und vorrichtungen zur verwaltung eines sicheren elements

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2854432B1 (de) * 2012-05-23 2021-07-14 Samsung Electronics Co., Ltd. Verfahren zur steuerung und durchsetzung von richtlinien und euicc
US9843674B2 (en) * 2014-09-24 2017-12-12 Oracle International Corporation Managing selection and triggering of applications on a card computing device
US10277587B2 (en) * 2015-10-08 2019-04-30 Apple Inc. Instantiation of multiple electronic subscriber identity module (eSIM) instances
DE102015015734B3 (de) * 2015-12-01 2017-06-01 Giesecke & Devrient Gmbh Teilnehmeridentitätsmodul mit mehreren Profilen und eingerichtet für ein Authenticate-Kommando
KR102487489B1 (ko) * 2016-07-29 2023-01-12 삼성전자주식회사 eUICC를 포함하는 전자 장치 및 eUICC의 프로파일 관리 방법

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120115441A1 (en) * 2010-11-03 2012-05-10 Schell Stephan V Methods and apparatus for access data recovery from a malfunctioning device
US20140219447A1 (en) 2011-09-05 2014-08-07 Kt Corporation Method for managing profile of embedded uicc, and embedded uicc, embedded uicc-equipped terminal, provision method, and method for changing mno using same
US20140235210A1 (en) 2011-09-05 2014-08-21 Kt Corporation Method for managing embedded uicc and embedded uicc, mno system, provision method, and method for changing mno using same
US20140329502A1 (en) 2011-09-05 2014-11-06 Kt Corporation Certification method using an embedded uicc certificate, provisioning and mno changing methods using the certification method, embedded uicc therefor, mno system, and recording medium
US20160286379A1 (en) * 2013-11-29 2016-09-29 Telefonaktiebolaget Lm Ericsson (Publ) eUICC Subscription Change
DE102014013516A1 (de) * 2014-09-11 2016-03-17 Giesecke & Devrient Gmbh Verfahren und Vorrichtungen zum Testen eines mobilen Endgeräts mit einem Sicherheitselement
US20170013121A1 (en) * 2015-07-10 2017-01-12 Rohde & Schwarz Gmbh & Co. Kg Testing methods and systems for mobile communication devices
DE202015106611U1 (de) * 2015-11-16 2016-01-15 Comprion Gmbh Vorrichtung zum Testen eines Gerätes
EP3270620A1 (de) * 2016-07-13 2018-01-17 Gemalto Sa Verfahren und vorrichtungen zur verwaltung eines sicheren elements

Also Published As

Publication number Publication date
DE102018000913A1 (de) 2019-08-08

Similar Documents

Publication Publication Date Title
US10362485B2 (en) Delegated profile and policy management
US10334443B2 (en) Method for configuring profile of subscriber authenticating module embedded and installed in terminal device, and apparatus using same
US10433235B2 (en) Method and apparatus for self organizing networks
US9628981B2 (en) Method for changing MNO in embedded SIM on basis of special privilege, and embedded SIM and recording medium therefore
CN109716805B (zh) 一种签约数据集的安装方法、终端及服务器
DE112016000711T5 (de) Dynamisches Teilnehmer-Identitätsmodul
US10687205B1 (en) Remote operational management of E-SIM
US10582383B2 (en) Method of managing a profile stored in a secure element, and corresponding secure element
CN109196891B (zh) 一种签约数据集的管理方法、终端及服务器
EP2950561B1 (de) Verfahren und system zur domänenerzeugung und für bootstrapping
KR102595073B1 (ko) Sm-sr 플랫폼을 통해 투명하게 보안 엘리먼트 상에서 오퍼레이팅 시스템을 패칭하기 위한 방법
CN109685961A (zh) 虚拟车钥匙管理装置和电子设备
WO2019149444A1 (en) Establishing different euicc modes
US11698994B2 (en) Method for a first start-up operation of a secure element which is not fully customized
CN110582081B (zh) 一种实现移动终端锁网锁卡的方法及移动终端
EP4016346A1 (de) Verfahren zur aktualisierung eines in einem sicheren element installierten betriebssystems, entsprechendes system und sicheres element
KR20190065083A (ko) Sim 카드 관리 시스템, 통신 단말 및 방법
EP3993343A1 (de) Verfahren und vorrichtung zum bewegen eines bündels zwischen vorrichtungen
KR101937622B1 (ko) 서버의 보안 도메인 권한 변경 제어 방법, 스마트 카드의 보안 도메인 권한 변경 방법, 단말의 보안 도메인 권한 변경 방법, 서버, 스마트 카드, 및 단말
KR101896869B1 (ko) 서버의 보안 도메인 권한 변경 제어 방법, 스마트 카드의 보안 도메인 권한 변경 방법, 단말의 보안 도메인 권한 변경 방법, 서버, 스마트 카드, 및 단말
CN109218832B (zh) 机顶盒在recovery模式下的设备升级方法和系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19705087

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19705087

Country of ref document: EP

Kind code of ref document: A1