Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This standard is developed in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing body of this standard shall not be held responsible for identifying any or all such patent rights.
This standard was proposed by and is under the jurisdiction of the National Technical Committee 260 on Information Security of Standardization Administration of China (SAC/TC 260).
Information security technology - Cybersecurity guide for automotive electronics systems
1 Scope
This standard gives the framework of cybersecurity activities of automotive electronics systems, and suggestions on cybersecurity activities, organization management, and support of automotive electronics systems under such framework.
This standard is applicable to guiding all organizations involved in the automotive electronics supply chain, such as automobile manufacturers, parts suppliers, software suppliers, chip suppliers and various service providers, to carry out cybersecurity activities, and to guide relevant personnel to meet basic cybersecurity needs in the process of design, development, production, operation, service, etc. of automotive electronics systems.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 18336-2015
(all parts) Information technology - Security techniques - Evaluation criteria for IT security
GB/T 20984-2007 Information security technology - Risk assessment specification for information security
GB/T 29246-2017 Information technology - Security techniques - Information security management systems - Overview and vocabulary
GB/T 30279-2013 Information security technology - Vulnerability classification guide
GB/T 31167-2014 Information security technology - Security guide of cloud computing services
GB/T 31168-2014 Information security technology - Security capability requirements of cloud computing services
GB/T 31509-2015 Information security technology - Guide of implementation for information security risk assessment
GB/T 31722-2015 Information technology - Security techniques - Information security risk management
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 29246-2017 and the following apply.
3.1
automotive electronics systems
system for realizing control or service through electronic technology in automobile, which is an embedded system applied in automobile field, including vehicle body control electronics system and vehicle service electronics system
Note 1: Vehicle body control electronics system shall be used in conjunction with on-board mechanical system, including engine control system, chassis control system and vehicle body electronics control system.
Note 2: In-vehicle service electronics system can be used independently of automobile environment, including the in-vehicle infotainment and personal device interactive information system.
3.2
pending question
cybersecurity threats which cannot be reduced or cannot always be reduced by existing cybersecurity control measures during the security assessment, as well as problems that need to be further analyzed and dealt with in the follow-up process
3.3
system context
collection of contents to define the system hardware and software interfaces, critical data flow, storage and information processing
3.4
attack tree analysis
method to analyze the possible attack paths of attackers starting from the application layer of the system
3.5
cyber-physical system
system consisting of computing components and physical control components
3.6
cyber-physical vehicle system
vehicle embedded control system with tightly-coupled locomotion between the computational components and physical components of the system and the surrounding environment of the system
3.7
cybersecurity statement
cybersecurity assessment, before the production link where the product is about to be officially released and after all the stage inspections are completed, to provide the conclusion and evidence that each design and development feature meets the cybersecurity goal
3.8
cybersecurity goal
cybersecurity goal that needs to be achieved according to the functional characteristics of a certain system from the results of threat analysis and risk assessment
Note: The cybersecurity goal(s) is (are) the highest abstract level of security needs, and specific functional and technical cybersecurity needs will be derived based on it (them) in the product development stage.
3.9
trust boundary
boundary where the "trust" level of program data or execution flow changes
Note: The trust boundary of an execution flow can be where the permission of an application is promoted.
4 Abbreviations
For the purposes of this standard, the following abbreviations apply.
CAN Control Area Network
ECU Electronic Control Unit
FOTA Firmware Over The Air
IVI In-Vehicle Infotainment
JTAG Joint Test Access Group
MISRA Motor Industry Software Reliability Association
OBD On-Board Diagnostic
SIM Subscriber Identity Module
SOTA Software Over The Air
T-BOX Telematics BOX
USB Universal Serial Bus
V2X Vehicle to Everything
5 Cybersecurity activity frameworks of automotive electronics systems
5.1 General
The cybersecurity activity frameworks of automotive electronics systems are shown in Figure 1, including cybersecurity activities of automotive electronics systems, organization management and support, of which, cybersecurity activities are the core of the framework, mainly refer to the related security activities carried out in various stages of automotive electronics system life cycle. These stages include conceptual design stage, system-level product development stage, hardware-level product development stage, software-level product development stage, and product production, operation and service stage.
Foreword i
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Cybersecurity activity frameworks of automotive electronics systems
5.1 General
5.2 Organization management
5.3 Cybersecurity activities
5.4 Support
6 Organization management for cybersecurity of automobile electronics systems
6.1 Organization settings
6.2 Establishment of a communication and coordination platform
6.3 System construction and staff training
6.4 Testing and assessment
6.5 Stage inspection
7 Cybersecurity activities of automobile electronics systems
7.1 Conceptual design stage
7.2 System-level product development stage
7.3 Hardware-level product development stage
7.4 Software-level product development stage
7.5 Production, operation and service stages of the product
8 Automotive electronics system cybersecurity support
8.1 Configuration management
8.2 Needs management
8.3 Change management
8.4 Document management
8.5 Supply chain management
8.6 Security of cloud, channel and device
Annex A (Informative) Typical cybersecurity risks of automotive electronics systems
Annex B (Informative) Examples of protective measures for cybersecurity of automotive electronics systems
Annex C (Informative) Example of the incident handling checklist
Bibliography
Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This standard is developed in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing body of this standard shall not be held responsible for identifying any or all such patent rights.
This standard was proposed by and is under the jurisdiction of the National Technical Committee 260 on Information Security of Standardization Administration of China (SAC/TC 260).
Information security technology - Cybersecurity guide for automotive electronics systems
1 Scope
This standard gives the framework of cybersecurity activities of automotive electronics systems, and suggestions on cybersecurity activities, organization management, and support of automotive electronics systems under such framework.
This standard is applicable to guiding all organizations involved in the automotive electronics supply chain, such as automobile manufacturers, parts suppliers, software suppliers, chip suppliers and various service providers, to carry out cybersecurity activities, and to guide relevant personnel to meet basic cybersecurity needs in the process of design, development, production, operation, service, etc. of automotive electronics systems.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 18336-2015
(all parts) Information technology - Security techniques - Evaluation criteria for IT security
GB/T 20984-2007 Information security technology - Risk assessment specification for information security
GB/T 29246-2017 Information technology - Security techniques - Information security management systems - Overview and vocabulary
GB/T 30279-2013 Information security technology - Vulnerability classification guide
GB/T 31167-2014 Information security technology - Security guide of cloud computing services
GB/T 31168-2014 Information security technology - Security capability requirements of cloud computing services
GB/T 31509-2015 Information security technology - Guide of implementation for information security risk assessment
GB/T 31722-2015 Information technology - Security techniques - Information security risk management
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 29246-2017 and the following apply.
3.1
automotive electronics systems
system for realizing control or service through electronic technology in automobile, which is an embedded system applied in automobile field, including vehicle body control electronics system and vehicle service electronics system
Note 1: Vehicle body control electronics system shall be used in conjunction with on-board mechanical system, including engine control system, chassis control system and vehicle body electronics control system.
Note 2: In-vehicle service electronics system can be used independently of automobile environment, including the in-vehicle infotainment and personal device interactive information system.
3.2
pending question
cybersecurity threats which cannot be reduced or cannot always be reduced by existing cybersecurity control measures during the security assessment, as well as problems that need to be further analyzed and dealt with in the follow-up process
3.3
system context
collection of contents to define the system hardware and software interfaces, critical data flow, storage and information processing
3.4
attack tree analysis
method to analyze the possible attack paths of attackers starting from the application layer of the system
3.5
cyber-physical system
system consisting of computing components and physical control components
3.6
cyber-physical vehicle system
vehicle embedded control system with tightly-coupled locomotion between the computational components and physical components of the system and the surrounding environment of the system
3.7
cybersecurity statement
cybersecurity assessment, before the production link where the product is about to be officially released and after all the stage inspections are completed, to provide the conclusion and evidence that each design and development feature meets the cybersecurity goal
3.8
cybersecurity goal
cybersecurity goal that needs to be achieved according to the functional characteristics of a certain system from the results of threat analysis and risk assessment
Note: The cybersecurity goal(s) is (are) the highest abstract level of security needs, and specific functional and technical cybersecurity needs will be derived based on it (them) in the product development stage.
3.9
trust boundary
boundary where the "trust" level of program data or execution flow changes
Note: The trust boundary of an execution flow can be where the permission of an application is promoted.
4 Abbreviations
For the purposes of this standard, the following abbreviations apply.
CAN Control Area Network
ECU Electronic Control Unit
FOTA Firmware Over The Air
IVI In-Vehicle Infotainment
JTAG Joint Test Access Group
MISRA Motor Industry Software Reliability Association
OBD On-Board Diagnostic
SIM Subscriber Identity Module
SOTA Software Over The Air
T-BOX Telematics BOX
USB Universal Serial Bus
V2X Vehicle to Everything
5 Cybersecurity activity frameworks of automotive electronics systems
5.1 General
The cybersecurity activity frameworks of automotive electronics systems are shown in Figure 1, including cybersecurity activities of automotive electronics systems, organization management and support, of which, cybersecurity activities are the core of the framework, mainly refer to the related security activities carried out in various stages of automotive electronics system life cycle. These stages include conceptual design stage, system-level product development stage, hardware-level product development stage, software-level product development stage, and product production, operation and service stage.
Contents of GB/T 38628-2020
Foreword i
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Cybersecurity activity frameworks of automotive electronics systems
5.1 General
5.2 Organization management
5.3 Cybersecurity activities
5.4 Support
6 Organization management for cybersecurity of automobile electronics systems
6.1 Organization settings
6.2 Establishment of a communication and coordination platform
6.3 System construction and staff training
6.4 Testing and assessment
6.5 Stage inspection
7 Cybersecurity activities of automobile electronics systems
7.1 Conceptual design stage
7.2 System-level product development stage
7.3 Hardware-level product development stage
7.4 Software-level product development stage
7.5 Production, operation and service stages of the product
8 Automotive electronics system cybersecurity support
8.1 Configuration management
8.2 Needs management
8.3 Change management
8.4 Document management
8.5 Supply chain management
8.6 Security of cloud, channel and device
Annex A (Informative) Typical cybersecurity risks of automotive electronics systems
Annex B (Informative) Examples of protective measures for cybersecurity of automotive electronics systems
Annex C (Informative) Example of the incident handling checklist
Bibliography