Detail of GB/T 40855-2021

Introduction of GB/T 40855-2021

Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative. This standard is developed in accordance with the rules given in GB/T 1.1-2020 Directives for standardization — Part 1: Rules for the structure and drafting of standardizing documents. Attention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights. The issuing body of this standard shall not be held responsible for identifying any or all such patent rights. This standard was proposed by the Ministry of Industry and Information Technology of the People's Republic of China. This standard is under the jurisdiction of the National Technical Committee of Auto Standardization (SAC/TC 114). Technical requirements and test methods for cybersecurity of remote service and management system for electric vehicles 1 Scope This standard specifies the technical requirements and test methods for information security of remote service and management system for electric vehicles. This standard is applicable to data communication among on-board terminal, vehicle enterprise service and management platform, and public service and management platform of battery electric vehicle, plug-in hybrid electric vehicle and fuel cell electric vehicle. 2 Normative references The following documents contain provisions which, through reference in this text, constitute provisions of this standard. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 19596 Terminology of electric vehicles GB/T 32960.1-2016 Technical specifications of remote service and management system for electric vehicles — Part 1: General principle GB/T 32960.3-2016 Technical specifications of remote service and management system for electric vehicles — Part 3: Communication protocol and data format 3 Terms and definitions For the purposes of this standard, the terms and definitions given in GB/T 19596, GB/T 32960.1-2016, GB/T 32960.3-2016 and the following apply. 3.1 remote service and management system for electric vehicles system that collects, processes and manages electric vehicle information and provides information services for network users, which consists of public service and management platform, enterprise service and management platform and on-board terminal [Source: GB/T 32960.1-2016, 3.1]  3.2 public service and management platform platform established by the national and local governments or their designated agencies for data collection and unified management of electric vehicles within their jurisdiction [Source: GB/T 32960.1-2016, 3.2] 3.3 enterprise service and management platform platform where whole vehicle enterprises build or entrust a third-party technical unit to manage the electric vehicles and users within the service scope, and provide safe operation services and management [Source: GB/T 32960.1-2016, 3.3] 3.4 on-board terminal device or system which is installed on the vehicle to collect and save the key state parameters of the whole vehicle and system components and send them to the platform [Source: GB/T 32960.1-2016, 3.4] 3.5 client platform platform as the remote service and management platform of the vehicle data sender during the data interaction between the two platforms [Source: GB/T 32960.3-2016, 3.1] 3.6 server platform platform as the remote service and management platform of the vehicle data receiver during the data interaction between the two platforms [Source: GB/T 32960.3-2016, 3.2] 3.7 trusted verification integrity verification of the target program of the device based on the trusted root 4 Abbreviations For the purposes of this standard, the following abbreviations apply. AES: Advanced Encryption Standard IP: Internet Protocol JTAG: Joint Test Action Group LTE: Long Term Evolution PCB: Printed Circuit Board SPI: Serial Peripheral Interface SSL: Secure Sockets Layer TCP: Transmission Control Protocol TLS: Transport Layer Security UART: Universal Asynchronous Receiver/Transmitter USB: Universal Serial Bus UTC: Universal Time Coordinated 5 Information security requirements 5.1 Overall structure diagram The overall structure diagram of information security of remote service and management system for electric vehicles is shown in Figure 1.

Contents of GB/T 40855-2021

Foreword i 1 Scope 2 Normative references 3 Terms and definitions 4 Abbreviations 5 Information security requirements 5.1 Overall structure diagram 5.2 Security requirements for on-board terminal 5.3 Communication security requirements between platforms 5.4 Security requirements for communications between on-board terminals and platforms 5.5 Security requirements for platforms 6 Test methods 6.1 General 6.2 Requirements for information security test samples of on-board terminals 6.3 Information security test environment of on-board terminal 6.4 Information security test of on-board terminal 6.5 Test of communication security between platforms 6.6 Test of communication security between on-board terminal and platform