Legal Metrology

MID Risk Classes Explained: Class B/C/D Requirements Analysis

Detailed explanation of the MID software risk classification system (Class B/C/D). This article provides an in-depth analysis of requirements across three dimensions: software protection, examination, and consistency, with a focus on the critical binary code consistency requirements for Class C.

6 min read
MID Risk Classes Explained: Class B/C/D Requirements Analysis

MID Risk Classes Explained: Class B/C/D Requirements Analysis

Introduction

Under the European Union’s Measuring Instruments Directive (MID 2014/32/EU) framework, the risk classification system for software-controlled measuring instruments is a core mechanism for ensuring measurement accuracy and fraud prevention capabilities. This article will provide an in-depth analysis of the software requirements for Class B, Class C, and Class D risk levels, with particular emphasis on the binary code consistency requirements for Class C and their critical role in measuring instruments.

Three Dimensions of the Risk Classification System

MID software requirements are built around three core dimensions:

  1. Software Protection: Preventing unauthorized software modifications
  2. Software Examination: Ensuring software can be verified and audited
  3. Software Consistency: Guaranteeing consistent software behavior across different environments and versions

Class B: Basic Protection Requirements

Class B is the lowest risk level, applicable to measuring instruments with lower fraud risk. Its requirements are relatively basic:

Software Protection

  • Basic mechanisms to prevent accidental software modification
  • Basic access control and authentication
  • Simple parameter protection measures

Software Examination

  • Provision of software documentation and functional specifications
  • Basic functional testing requirements
  • Verification that software conforms to specifications

Limitations

Class B lacks mandatory binary code consistency requirements, relying primarily on documentation and testing to ensure software reliability. It provides insufficient protection for high-risk application scenarios.

Class C: Core Requirements for Medium Risk Level

Class C is the most widely applied risk level, suitable for most electricity meters, water meters, and gas meters. Its core characteristic is the mandatory requirement for binary code consistency.

Enhanced Software Protection

  • Strengthened access control with multi-level authentication
  • Secure parameter modification mechanisms
  • Audit trail functionality
  • Timestamp verification to prevent replay attacks

Deepened Software Examination

  • Detailed software design and implementation documentation
  • Source code level review requirements
  • Complete test suites and verification procedures
  • Risk analysis and evaluation documentation

Binary Code Consistency (Core Requirement)

This is the key distinction between Class C and Class B:

1. Checksum Mechanism

  • Each executable software module must calculate and store a checksum
  • Checksums must use cryptographically secure hash algorithms (such as SHA-256)
  • Checksums must be automatically verified at device startup
  • Any checksum mismatch must trigger a clear error indication

2. Software Identification System

  • Each software version must have a unique identifier
  • Identifiers include version number, compilation timestamp, and compiler information
  • Software identifiers must be stored in association with checksums
  • Identification information must be readable through standard interfaces

3. Consistency Verification Process

Startup Process:
1. Read stored checksums
2. Calculate real-time checksums of current code
3. Compare the two checksums
4. Consistency verification passed → Normal operation
5. Consistency verification failed → Error indication + Lockout

4. Implementation Requirements

  • Checksums stored in protected memory areas
  • Verification algorithms themselves must be tamper-proof
  • Provision of official tools for on-site verification
  • Verification failure records must be non-erasable

Parameter Protection and Audit Trail

Class C requires special protection for measurement-related parameters:

Parameter TypeProtection RequirementsAudit Requirements
Measurement FactorsWrite protection + checksumsRecord time, operator, and reason for each modification
Calibration ParametersDual authorizationNon-erasable audit logs
Configuration DataVersion controlComplete change history
Software UpdatesOfficial signatureUpdate source and verification status records

Class D: Comprehensive Requirements for High Risk Level

Class D applies to applications with extremely high fraud risk, such as high-value trade settlement, critical energy metering, etc.

Enhancements Beyond Class C

  • More stringent software development lifecycle requirements
  • Mandatory secure coding standards
  • Third-party security assessment and certification
  • Enhanced cryptographic algorithms and key management

Additional Security Measures

  • Hardware Security Module (HSM) support
  • Real-time integrity monitoring
  • Network communication encryption and authentication
  • Regular security update mechanisms

Comparison Summary of Three Levels

Requirement DimensionClass BClass CClass D
Software ProtectionBasic protectionEnhanced protectionHighest level protection
Software ExaminationDocumentation reviewSource code reviewThird-party assessment
Binary ConsistencyNot requiredMandatoryMandatory + enhanced verification
Checksum MechanismOptionalRequiredEnhanced checksums
Audit TrailBasic recordsDetailed auditComprehensive audit + analysis
Parameter ProtectionAccess controlWrite protection + checksumsHardware protection

Implementation Points for Class C Binary Consistency

1. Development Phase

  • Select appropriate hash algorithm (SHA-256 or stronger recommended)
  • Design secure checksum storage scheme
  • Implement automated checksum calculation tools
  • Establish association database for software versions and checksums

2. Verification Phase

  • Develop comprehensive test plan
  • Verify consistency checks for all startup scenarios
  • Test response mechanisms for checksum corruption
  • Confirm clarity and reliability of error indications

3. Deployment Phase

  • Establish official checksum issuance process
  • Provide on-site verification tools and documentation
  • Train metrology enforcement personnel
  • Build checksum database management system

4. Maintenance Phase

  • Recalculate and issue checksums for software updates
  • Regularly verify consistency of deployed devices
  • Standard procedures for handling checksum anomalies
  • Maintain checksum history records

Common Implementation Pitfalls

Pitfall 1: Ignoring Startup Verification

Verifying checksums only during calibration or initial installation, but not at every device startup.

Pitfall 2: Weak Hash Algorithms

Using weak hash algorithms such as CRC or MD5, which cannot prevent collision attacks.

Pitfall 3: Insecure Checksum Storage

Storing checksums in ordinary storage areas that can be tampered with, negating protection effectiveness.

Pitfall 4: Improper Handling of Verification Failures

Only logging warnings when checksum verification fails, without preventing device operation.

Conclusion

The MID risk classification system provides a graded protection framework for software security of measuring instruments. The binary code consistency requirements of Class C form the core mechanism of this system. Through the organic combination of checksums, software identification, and audit trails, software fraud is effectively prevented. Correct understanding and implementation of these requirements is crucial for ensuring the accuracy and reliability of measuring instruments.

References

  • MID 2014/32/EU Annex II, “Requirements for measuring instruments”
  • WELMEC Guide 7.2: “Software for Measuring Instruments”
  • OIML D 31: “General requirements for software controlled measuring instruments”
  • WELMEC Guide 7.2 Software Guide Release 7.2

This document is continuously updated. Feedback and suggestions are welcome.

Tags

#MID #risk-classes #Class C #software-consistency #checksums