GB/T 40855-2021 Technical requirements and test methods for cybersecurity of remote service and management system for electric vehicles (English Version)
1 Scope
This standard specifies the technical requirements and test methods for information security of remote service and management system for electric vehicles.
This standard is applicable to data communication among on-board terminal, vehicle enterprise service and management platform, and public service and management platform of battery electric vehicle, plug-in hybrid electric vehicle and fuel cell electric vehicle.
2 Normative references
The following documents contain provisions which, through reference in this text, constitute provisions of this standard. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 19596 Terminology of electric vehicles
GB/T 32960.1-2016 Technical specifications of remote service and management system for electric vehicles — Part 1: General principle
GB/T 32960.3-2016 Technical specifications of remote service and management system for electric vehicles — Part 3: Communication protocol and data format
3 Terms and definitions
For the purposes of this standard, the terms and definitions given in GB/T 19596, GB/T 32960.1-2016, GB/T 32960.3-2016 and the following apply.
3.1
remote service and management system for electric vehicles
system that collects, processes and manages electric vehicle information and provides information services for network users, which consists of public service and management platform, enterprise service and management platform and on-board terminal
[Source: GB/T 32960.1-2016, 3.1]
3.2
public service and management platform
platform established by the national and local governments or their designated agencies for data collection and unified management of electric vehicles within their jurisdiction
[Source: GB/T 32960.1-2016, 3.2]
3.3
enterprise service and management platform
platform where whole vehicle enterprises build or entrust a third-party technical unit to manage the electric vehicles and users within the service scope, and provide safe operation services and management
[Source: GB/T 32960.1-2016, 3.3]
3.4
on-board terminal
device or system which is installed on the vehicle to collect and save the key state parameters of the whole vehicle and system components and send them to the platform
[Source: GB/T 32960.1-2016, 3.4]
3.5
client platform
platform as the remote service and management platform of the vehicle data sender during the data interaction between the two platforms
[Source: GB/T 32960.3-2016, 3.1]
3.6
server platform
platform as the remote service and management platform of the vehicle data receiver during the data interaction between the two platforms
[Source: GB/T 32960.3-2016, 3.2]
3.7
trusted verification
integrity verification of the target program of the device based on the trusted root
Foreword i
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Information security requirements
5.1 Overall structure diagram
5.2 Security requirements for on-board terminal
5.3 Communication security requirements between platforms
5.4 Security requirements for communications between on-board terminals and platforms
5.5 Security requirements for platforms
6 Test methods
6.1 General
6.2 Requirements for information security test samples of on-board terminals
6.3 Information security test environment of on-board terminal
6.4 Information security test of on-board terminal
6.5 Test of communication security between platforms
6.6 Test of communication security between on-board terminal and platform
GB/T 40855-2021 Technical requirements and test methods for cybersecurity of remote service and management system for electric vehicles (English Version)
Standard No.
GB/T 40855-2021
Status
valid
Language
English
File Format
PDF
Word Count
8000 words
Price(USD)
240.0
Implemented on
2022-5-1
Delivery
via email in 1 business day
Detail of GB/T 40855-2021
Standard No.
GB/T 40855-2021
English Name
Technical requirements and test methods for cybersecurity of remote service and management system for electric vehicles
1 Scope
This standard specifies the technical requirements and test methods for information security of remote service and management system for electric vehicles.
This standard is applicable to data communication among on-board terminal, vehicle enterprise service and management platform, and public service and management platform of battery electric vehicle, plug-in hybrid electric vehicle and fuel cell electric vehicle.
2 Normative references
The following documents contain provisions which, through reference in this text, constitute provisions of this standard. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 19596 Terminology of electric vehicles
GB/T 32960.1-2016 Technical specifications of remote service and management system for electric vehicles — Part 1: General principle
GB/T 32960.3-2016 Technical specifications of remote service and management system for electric vehicles — Part 3: Communication protocol and data format
3 Terms and definitions
For the purposes of this standard, the terms and definitions given in GB/T 19596, GB/T 32960.1-2016, GB/T 32960.3-2016 and the following apply.
3.1
remote service and management system for electric vehicles
system that collects, processes and manages electric vehicle information and provides information services for network users, which consists of public service and management platform, enterprise service and management platform and on-board terminal
[Source: GB/T 32960.1-2016, 3.1]
3.2
public service and management platform
platform established by the national and local governments or their designated agencies for data collection and unified management of electric vehicles within their jurisdiction
[Source: GB/T 32960.1-2016, 3.2]
3.3
enterprise service and management platform
platform where whole vehicle enterprises build or entrust a third-party technical unit to manage the electric vehicles and users within the service scope, and provide safe operation services and management
[Source: GB/T 32960.1-2016, 3.3]
3.4
on-board terminal
device or system which is installed on the vehicle to collect and save the key state parameters of the whole vehicle and system components and send them to the platform
[Source: GB/T 32960.1-2016, 3.4]
3.5
client platform
platform as the remote service and management platform of the vehicle data sender during the data interaction between the two platforms
[Source: GB/T 32960.3-2016, 3.1]
3.6
server platform
platform as the remote service and management platform of the vehicle data receiver during the data interaction between the two platforms
[Source: GB/T 32960.3-2016, 3.2]
3.7
trusted verification
integrity verification of the target program of the device based on the trusted root
Contents of GB/T 40855-2021
Foreword i
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Information security requirements
5.1 Overall structure diagram
5.2 Security requirements for on-board terminal
5.3 Communication security requirements between platforms
5.4 Security requirements for communications between on-board terminals and platforms
5.5 Security requirements for platforms
6 Test methods
6.1 General
6.2 Requirements for information security test samples of on-board terminals
6.3 Information security test environment of on-board terminal
6.4 Information security test of on-board terminal
6.5 Test of communication security between platforms
6.6 Test of communication security between on-board terminal and platform