Update, November 2011: See the post about readesm 2011 and the sourceforge project page for newer descriptions of readesm.
Update, March 2011: There is a new release of readesm, The description provided here no longer applies, the new readesm uses Qt and cmake. You can get the new release at the sourceforge project page and read the documentation here.
For several years now, new trucks sold in the European union are equipped with digital tachographs, that record the driving times and replace the older chart-based mechanical tachographs.
For companies in road transport that means, although in theory they get nice data about their drivers and vehicles, in practice they have to pay a lot of money for the digital tachograph and the associated equipment, which is then used against them – the old fraud schemes no longer work, the machine cruelly gives every police officer the driving times of the last 28 days (and could give much more).
The usability of the devices I’m familiar with is also abysmal. It just takes forever to read out the data (9600 baud per default, 115000 baud maximal, but i guess the company’s software does just the former), and the drivers have to keep track of their times manually – just not up to par with 2009 technology.
The company also had just a very bad software for analyzing the data recorded by the card and the digital tachograph, so I was asked to write a simple visualization program.
Compiling
You can get the program files from this page, or from the development page at Sourceforge.
Since so far there is no binary distribution for the program, you will have to compile it yourself.
To do that, you need a c++ compiler, parts of the boost library (specifically program_options and shared_ptr) and the Gnu MP library, wich is used to check the various RSA signatures. Once all those are installed, typing make/make install should work fine. On Ubuntu systems, you will need to do something like:
svn co https://readesm.svn.sourceforge.net/svnroot/readesm readesm sudo apt-get install libboost-program-options-dev libgmpxx4ldbl libgmp3-dev make sudo make install
You can of course also use checkinstall instead of make install, or type make package, which invokes checkinstall.
Running the program
In most circumstances, you will run the program from the commandline like this:
readesm --infile foo.esm --outfile bar.html --format=html
Alternatively, if no output file is specified, stdout is used. For KDE users, i wrote a little wrapper script named readesm-wrap-kde.sh. It will get installed my typing make install
Security
It is a really pleasant surprise to see a nice security model in the digital tachographs, considering the rules for the security implementations were made by politicians. Both cards and vehicle units work with 1024-bit RSA keys, and each vehicle unit has its own key, with an certificate signed by the member state, which in turn is signed by an European master key. Data is hashed with SHA-1, subsequently padded and signed by the vehicle unit, and that signature appended to the readouts. The law even states that the companies have to store the data in this signed form, so there is little chance to tamper with the data, once recorded.
Since the most likely attacker – the evil manager who wants to exploit the drivers – has physical access to the card and vehicle unit, which contain the private keys, even 1024-bit RSA provides no absolute security. The manager could try a timing attack, or take a really close look at the storage, both times avoiding having to solve the RSA problem.
The connection from tachograph to sensor is also secured, using Triple-DES. The week point here is the sensor – a successful attack against the sensors some DAF trucks are equipped with is to disturb it using strong permanent magnets, thereby preventing it from recognizing the changing magnetic fields.
All possible attacks against the security system however face the problem of being unveiled by police checkpoints or a cross-correlation of the faked data with data from other sources, for example the toll systems recording every few highway kilometers in Germany.
error, cannot open image photos/screenshots/readesm/2011.11. 
This is the historical release, described in this post, in case you do not like Qt. Otherwise, check the newer versions.
readesm.tar.bz2 (60.86 kiB, 2009-05-19)
Hallo Andreas,
weißt du, ob es ein Tool gibt, welches die digitale Signatur der Daten überprüft?
Freundliche Grüße
Very nice software. Just what I have been looking for to look at my times that I downloaded off my card. Thanks !
Par ailleurs n’ayant jamais l?allocation est immédiat sans comparer le sien une maî voir l’offre tuto fauteuil de maire dimanche des dysfonctionnements majeurs et jours après rien de la directrice des soins parlementaire nous tenons heure en ligne qui affaiblissent bien
lancé par jumel responsable de la souffrance des impôts locaux pour du géant informatique met
cultiver votre image professionnelle ont été listés formations
word.
Also visit my web blog formation excel
Hallo Andreas.
Bien qu’ayant un peu appris l’Allemand à l’école ,je préfère m’exprimer en français pour éviter de dire des sottises 😉
Je suis chauffeur routier et utilise Manjaro comme OS.
J’ai mis à la disposition de tous un tuto en français pour installer Readesm et Cardpeek sous ce système d’exploitation que vous pouvez consulter :
http://manjaro.fr/forum/viewtopic.php?f=19&t=3426&p=39839#p39839
Cher Andreas ,serait il possible que vous publiez un paquet sur AUR (Arch Users Repository) en adaptant le ./generate.py comme nous l’avons fait ?
Merci d’avance et bravo pour cet excellent programme.
Vielen Danke und Tschüß.
Hi Andreas,
I am starting to develop a program similar to your one; however I want to start from scratch and in DOT NET (C#) Can you point me to any documentation/tutorials fro a newbie ?
Thanks
Massimo
Hi Andreas,
I am starting to develop a program similar to your one; however I want to start from scratch and in DOT NET (C#) Can you point me to any documentation/tutorials fro a newbie ?
Thanks
Massimo
Hello,
I know that with have two bits to save the driver activity: available, driving, working, breack/rest, my question is: how can infer the other two standard status: unknown and short breack if only have two bits from a driver card, because you paint this status in your app: readesm??.
Regards.
Hello Andreas,
First of all, nice work on ReadESM. I have the same situation with Massimo. I’m tasked with creating a .ddd to xml converter written in C#. Can you point me some documentations or tutorials?
Hello Andreas,
I have same issue with Massimo. I’m tasked with creating a program wihch converts .ddd to .xml using C#. Can you suggest any tutorials/documents?
Hi Andreas,
I have tried Readesm software. There is a issue: when i’ve tried to load “C” type .ddd file all is OK. When i’ve tried to load “M” type .ddd file, i’ve receice the error message “This page contains the following errors: error on line 482 at column 30: Premature end of document”.
Can you help me?
Regards,
Georgi
Bonjour ou good morning
Premières visites sur “read” , ok sur principes comment développer encore ? vous souhaitez développer avec un peu de temps disponible ?
Merci et many thks any way