[REQUEST] Add support of OCPP 1.6 - Security whitepaper #90
Description
🧩 Context
The new messages defined in the OCPP 1.6 Security Whitepaper are already implemented in the ocpp-1-6-core/model package.
However, these messages are not yet exposed in the Operations classes, which makes them currently unavailable for handling within the toolkit.
⚙️ Problem
As of now, the 1.6 “core” operations only include messages from the official OCPP 1.6J specification.
Messages introduced by the Security Whitepaper (e.g. InstallCertificate, GetInstalledCertificateIds, DeleteCertificate, UpdateFirmwareSigned, etc.) are missing from the operational layer, preventing their use in endpoints or clients built on top of the toolkit.
💡 Proposal
Two possible approaches:
-
Extend the existing Operations
Add the missing message definitions and handlers directly in the currentocpp-1-6-coremodule. -
Create a new
ocpp-1-6-securitymodule- Define the operations specific to the Security Whitepaper.
- Keep it optional to preserve modularity and avoid bloating the core.
- Ensure backward compatibility for integrators who don’t use secure firmware update flows.
I’d recommend the second approach, as it aligns better with the modular design of the toolkit and allows future evolution without impacting existing implementations.
🧪 Expected Outcome
- Developers can use a
SecurityOperationsinterfaces to handle messages defined in the OCPP 1.6 Security Whitepaper. - Existing 1.6 core implementations remain unaffected.
- Future compliance with EU directives (e.g., RED firmware signing requirements) can be handled more easily.