Most popular after the United States, Britain and

2022-10-01
  • Detail

After the United States, Britain and Germany, China has formulated its own automotive information security standards

on April 4, the automotive Standardization Research Institute of China Automotive Technology Research Center announced that in the first batch of recommended national standards plans recently issued by the National Standards Commission, four recommended national standard projects related to automotive information security submitted by the intelligent United Automobile sub committee of the National Automotive Standardization Technical Commission (hereinafter referred to as "the automotive Standardization Commission") were approved, Including: General technical requirements for automotive information security (Plan No. -t-339); Technical requirements for information security of electric vehicle remote service and management system (Plan No. -t-339); Technical requirements for information security of on-board information interaction system (Plan No. -t-339); Technical requirements for information security of automobile customs (Plan No. -t-339) (hereinafter referred to as "four standards")

relevant experts said that in the context of the new four modernizations of vehicles, the four standards of intelligent link, based on the general requirements of information security, take ensuring the safe, stable and reliable operation of vehicles as the core, and mainly focus on the communication, data, software and hardware security of vehicles and on-board systems, and put forward requirements for risk assessment, safety protection, testing and evaluation from the aspects of vehicles, systems, key nodes, and vehicle and external interfaces, Prevent the attack, intrusion, interference, destruction, illegal use and accidents of vehicles

cyber attacks call for information security

cyber attacks lead to the safety of life and property of car drivers, which is by no means alarmist. In the cases reported abroad, 1. The necessary points for the pre use inspection of the plastic tensile testing machine. The network attack against the car coupling can control the vehicle power system and threaten the life safety of the driver

the white paper on vehicle contact safety (2017) shows that in 2015, Chrysler's Jeep model was invaded by foreign security experts, using system vulnerabilities to remotely control the vehicle's multimedia system, and then attack the V850 controller, modify its firmware, and obtain the permission to send instructions to the CAN bus remotely, so as to achieve the purpose of remote control of the powertrain and braking system, It can reduce the driving speed of the car, turn off the car engine, brake suddenly or make the brake fail without the knowledge of the user

in 2016, experts from Norwegian security company obtained the user name and password of Tesla account in the case of user intrusion. By logging in to Tesla car service platform, they can locate and track the vehicle at any time, unlock and start the vehicle, which eventually led to the theft of the vehicle and the loss of users' property

it can be seen that the lightweight, high barrier and degradable packaging trend of information security of smart car is the core of car contact safety, and it is also the focus of enterprise safety protection. "No rules, no radius". The establishment of national standards has become an important foundation for maintaining the information security of smart car

in January 2018, the national development and Reform Commission issued the "smart car innovation and development strategy" (Exposure Draft) clearly proposed to build a comprehensive and efficient smart car information security system to ensure the healthy and orderly development of the car contact safety industry. It also proposes to improve the linkage mechanism of information security management, clarify the security management of relevant subjects, and regularly carry out security supervision and inspection; Strengthen the protection ability of information security system from cloud, management and end; Strengthen data security protection management. Establish a safety management mechanism for the whole life cycle of intelligent vehicle data, strengthen data safety supervision and inspection, carry out data risk, data exit safety and other evaluation work, and strengthen the construction of management system

according to the introduction, in recent years, China has closely followed the international pace and carried out the research on the recommended national standards of automotive information security. The intelligent United Automobile sub Technical Committee under the Automobile Standard Committee is responsible for the centralized management of the national standards and industry standards in the field of intelligent United Automobile in China. In 2017, the automobile information security standard working group was officially established by the Automobile Standard Committee, and the formulation of the above four standards has been completed in collaboration so far, The project application of recommended national standards was submitted to the National Standards Commission. At the same time, the National Information Technology Security Standardization Technical Committee (hereinafter referred to as the "information security standardization committee") and China Communications Standardization Association have participated in the research of relevant standards

professor wangyunpeng from the school of transportation science and engineering, Beijing University of Aeronautics and Astronautics, said to that the national standards help promote the information security layout of car couplets. He believes that the information security of car service mainly has three levels: end, and cloud. From the automobile end, there are security protection and intrusion detection; From the perspective of, there are secure communication protocols and trusted access networks; From the perspective of cloud, there are security authentication and privacy protection. The national standard is to build the car service information security system on these three frameworks. He hoped that through the implementation of national standards, the information security of car service would be promoted from the overall architecture, standards and specifications, key generic technology research to future product development, forming a full chain protection system, so as to promote the deep integration and development of intelligent car service and intelligent transportation

security issues have become the focus of attention

it is based on the threat from reality that the information security of smart cars has attracted increasing attention worldwide. U.S.

in August 2017, the U.S. Department of Transportation Road Traffic Safety Administration (NHTSA) released a new version of the federal auto drive system guide: safety vision 2.0, requiring automobile manufacturers to take measures to deal with network threats and vulnerabilities, and to conduct a network safety assessment of vehicle assistance systems

Britain

Britain requires car manufacturers to undertake a series of network security, including resisting network attacks and hackers. In August 2017, tensile testing machine enterprises issued by the British government set up after-sales service points overseas to publish the key safety principles of intelligent automobile network, which put forward eight key principles, including top-level design, risk management and evaluation, product after-sales service and emergency response mechanism, overall safety requirements, system design, software safety management, data security, and elastic design. Expand network safety to every subject in the supply chain, and emphasize that network safety should be considered in the whole life cycle of vehicles

Germany, as a powerful country in the traditional automobile industry, has a positive attitude towards the development of autonomous driving technology and industry. In June 2017, Germany became the "pioneer" of legislation in the field of autonomous driving by issuing the eighth amendment to the road traffic law and the code of ethics for autonomous driving

in the international standards organization, 3GPP (Communication third generation partner Working Group) has established information security technical requirements for v2x (car service) technology to ensure the security of communication. SAE and ISO, which have been committed to automotive safety standards, have formed a joint working group and drafted ISO 21434 international standard in iso/sae tc22, which will be completed in 2019, mainly restricting automotive information security issues

"don't let smart cars run naked." During the two sessions this year, Zhou Hongyi, member of the CPPCC National Committee and chairman and CEO of 360 group, repeatedly stressed that the most important problem of smart cars is safety, and the lack of safety standards is one of the urgent problems to be solved

Zhou Hongyi mentioned in the proposal of the two sessions that smart cars face three threats. First, smart cars have network security risks, and many connection systems may endanger personal safety, social security and national security after being attacked by hackers. Second, there is no network safety standard for smart cars at present, which may make listed smart cars "run naked"; Third, the network security problems of intelligent vehicle manufacturers threaten the safety of intelligent vehicles. He proposed that through the establishment of safety standards and other measures, the network safety system, like the "safety belt", should be listed as the standard configuration of smart cars, so as to achieve the safety, reliability and controllability of smart cars

on the basis of improving the national standards of automobile information security, relevant experts in the industry put forward four issues that need to be paid attention to: first, we should improve the legal system related to car coupling safety. Strengthen the research on the legal system related to the safety of car couplets, and simultaneously consider the legal supervision problems that have been or may arise in the process of the development of car couplets. Put forward suggestions on the application of laws related to car couplets

second, it is necessary to introduce strategic policies related to the safety of car couplets. From the national level, formulate and issue the car Union safety assurance strategy and action plan, and clarify the positioning, development objectives and safeguard measures of the car Union safety work. Set up special funds for the safety development of car couplets, issue and implement fiscal and tax support and investment and financing policies, and fully support the healthy development of car couplets

the third is to establish and improve the safety management mechanism of car couplets. Clarify the responsibilities of various government departments in the field of car service industry, supervise and guide relevant units to implement car service safety protection in accordance with national policies and regulations. Strengthen the coordination and cooperation of various departments in the safety protection of car couplets, establish and improve the irregular exchange mechanism between departments, and promote the sharing of supervision experience and relevant achievements. Fourth, we should strengthen the three-point zigzag fixture and stretching fixture design of the car coupling safety standard, and make an overall deployment at one time

organize and coordinate industry regulatory departments, research institutions, car service enterprises, safety manufacturers, etc. to study and formulate standards and specifications related to car service safety, such as management, technology, evaluation, etc. Actively lead or participate in the international standardization activities of car Union safety and the formulation of working rules, promote the independent national standards to become international standards, and gradually enhance China's influence in the international standardization organization of car Union safety

"the establishment of the four standards is only the beginning." Experts said that according to the guidelines for the construction of the national car service industry standard system (smart car), jointly issued by the Ministry of industry and information technology and the National Standards Commission, the research and drafting of a number of automotive information security standards are being promoted. In the follow-up, the intelligent United Automobile sub committee of the Automobile Standard Committee will organize all standard setting units to make a plan and implementation plan, widely listen to the opinions of the industry in the standard setting, strengthen the system coordination with relevant industries, orderly promote the construction of automobile information security standard system, and support the development of intelligent United Automobile Technology and industry

Copyright © 2011 JIN SHI