Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This document is developed in accordance with the rules given in GB/T 1.1-2020 Directives for standardization - Part 1: Rules for the structure and drafting of standardizing documents.
Attention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights. The issuing body of this document shall not be held responsible for identifying any or all such patent rights.
This standard was proposed by the Ministry of Industry and Information Technology of the People's Republic of China.
This standard is under the jurisdiction of the National Technical Committee of Auto Standardization (SAC/TC 114).
Introduction
With the rapid development and application of intelligent and networked technology, vehicles have gradually evolved from relatively isolated electro-mechanical systems into intelligent systems that exchange information with the outside world, which has given rise to cybersecurity issues for networked vehicles.
Unlike cybersecurity incidents in industries such as communication, which mainly cause property loss, a compromise of vehicle cybersecurity affects high-speed vehicles carrying people and goods, so it not only causes property loss but also seriously threatens personal and public safety.
Based on the hazards and causes of vehicle cybersecurity risks, this document sets out general technical requirements for the protected objects (the technical requirements of the vehicles and their electronic and electrical systems and assembly can be determined according to the functional design and risk assessment results), which shall be used together with other management requirements standards to guide the establishment of the technical system of vehicle cybersecurity. The standard framework is shown in Figure 1. In addition to the basic technical requirements such as principle requirements and systematic defense strategy requirements, specific technical requirements are established for protected subobjects from the following eight dimensions:
a) authenticity;
b) confidentiality;
c) integrity;
d) availability;
e) access controllability;
f) non-repudiation;
g) accountability;
h) preventability.
Figure 1 Standard framework
General technical requirements for vehicle cybersecurity
1 Scope
This standard specifies the protected objects of and technical requirements for vehicle cybersecurity.
This standard is applicable to Categories M and N vehicles as well as their electronic and electrical systems and assembly.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 29246-2017 Information technology — Security techniques — Information security management systems — Overview and vocabulary
GB/T 34590.3-2017 Road vehicles — Functional safety — Part 3: Concept phase
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 29246-2017 and the following apply.
3.1
vehicle cybersecurity
state in which a vehicle’s electronic and electrical systems, assembly and functions are protected so that its assets are free from threats
3.2
authenticity
property that ensures that the identity of an entity is the one claimed
[Source: GB/T 29246-2017, 2.8, modified]
3.3
confidentiality
property that information is not available or disclosed to unauthorized individuals, entities, or processes
[Source: GB/T 29246-2017, 2.12]
3.4
integrity
property of accuracy and completeness
[Source: GB/T 29246-2017, 2.40]
3.5
availability
property of being accessible and useable upon demand by an authorized entity
[Source: GB/T 29246-2017, 2.9]
3.6
access controllability
property that ensures that access to assets is authorized and restricted based on business and security requirements
3.7
non-repudiation
ability to prove the occurrence and origin of an alleged event or act
[Source: GB/T 29246-2017, 2.54]
3.8
accountability
property that ensures that the actions of an entity can be traced uniquely to the entity
3.9
preventability
capability to identify, detect and respond to information abnormalities and attacks
3.10
denial of service; DoS
prevention of authorized access to a system resource or delaying of system operations and functions, with resultant loss of availability to authorized users
3.11
distributed denial of service; DDoS
compromising or controlling multiple systems to flood the bandwidth or resources of the targeted system, with resultant denial of service
3.12
backdoor
channel that is able to bypass the control of security mechanisms such as system authentication and enter the information system
3.13
security important parameter
security-related information, including secret key and private key, authentication data such as passwords, or other password-related parameters
3.14
access control
means to ensure access to assets is authorized and restricted based on business and security requirements
[Source: GB/T 29246-2017, 2.1]
4 Abbreviations
For the purposes of this standard, the following abbreviations apply.
CAN: Controller Area Network
DoS: Denial of Service
DDoS: Distributed Denial of Service
ECU: Electronic Control Unit
FTP: File Transfer Protocol
HSM: Hardware Security Module
ICCID: Integrated Circuit Card Identity
IMSI: International Mobile Subscriber Identity
JTAG: Joint Test Action Group
LIN: Local Interconnect Network
OBD: On-Board Diagnostics
TCM: Trusted Cryptography Module
TEE: Trusted Execution Environment
Telnet: Telecommunication Network Protocol
TFTP: Trivial File Transfer Protocol
TLS: Transport Layer Security
TPM: Trusted Platform Module
V2X: Vehicle to Everything
Wi-Fi: Wireless Fidelity
5 Protected objects
5.1 General
The vehicles may be divided by protected object into three types of protected subobjects: on-board system, off-board communication and off-board system, as shown in Figure 2.
Note 1: The off-board system is not covered in this standard.
Note 2: In order to better understand the technical requirements of protected objects in different dimensions, the typical security threats encountered by on-board system and off-board communication are listed in Annex A, A.1 and A.2 respectively.
Contents of GB/T 40861-2021
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Protected objects
5.1 General
5.2 On-board system
5.3 Off-board communication
6 Technical requirements
6.1 Principle requirements
6.2 Requirements for systematic defense strategy
6.3 Requirements for protection dimensions
Annex A (Informative) Threats to cybersecurity
Bibliography