
First ISO International Standard for Automotive Cybersecurity Officially Published: ISO/SAE 21434

Source: 新能源汽車網
Time: 2021-09-15 08:06:55


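Article source: 智車科技

/ Introduction /

On August 31, 2021, the International Organization for Standardization (ISO) officially published ISO/SAE 21434: Road vehicles-Cybersecurity engineering. The standard defines cybersecurity engineering practices for all in-vehicle electronic systems, vehicle components, in-vehicle software and external networks.

Publication of the standard

The standard mainly specifies engineering requirements for cybersecurity risk management of road vehicle electrical and electronic systems, including their components and interfaces, across the concept, development, production, operation, maintenance and decommissioning phases. It focuses on automotive cybersecurity processes and does not prescribe specific cybersecurity technologies or solutions. As one of the most important international standards in automotive cybersecurity today, its publication will strongly support cybersecurity process management across the full vehicle life cycle and the establishment of cybersecurity management systems. Work on the standard began on January 30, 2016, and it was published in August 2021. Industry experts, led by 中汽中心 (China Automotive Technology and Research Center), are working to adopt ISO/SAE 21434 as the recommended national standard "Road vehicles: Cybersecurity engineering" (《道路車輛 信息安全工程》). The document was prepared jointly by Technical Committee ISO/TC 22, Road vehicles, Subcommittee SC 32, Electrical and electronic components and general system aspects, and the SAE TEVEES18A Vehicle Cybersecurity Systems Engineering Committee. The first edition of ISO/SAE 21434 cancels and supersedes SAE J3061:2016 - Cybersecurity Guidebook for Cyber-Physical Vehicle Systems.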

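Overview of ISO/SAE 21434

ISO/SAE 21434 at a glance

ISO/SAE 21434 focuses on cybersecurity risk in the design and development of automotive electronics. The standard covers cybersecurity governance and structure, security engineering throughout the vehicle life cycle, and post-production security processes. The ISO standard that preceded ISO/SAE 21434 is ISO 26262, "Road vehicles - Functional safety". ISO 26262 provides a life cycle concept for automotive safety (management, development, production, operation, service, decommissioning) and the necessary support within these life cycle phases. It covers the overall development process for functional safety (including requirements planning, design, implementation, integration, verification, validation and configuration). ISO 26262 does not cover software development or vehicle subsystems, nor how to handle cybersecurity incidents. ISO/SAE 21434 covers all aspects of cybersecurity, from the initial design of the vehicle to decommissioning. The supply chain is also included at every step of vehicle production. ISO/SAE 21434 covers all life cycle phases of the connected vehicle, including electrical and electronic systems with their components and interfaces:

• Design and engineering
• Production
• Customer operation
• Maintenance and service
• Decommissioning

This life cycle approach to cybersecurity management makes ISO/SAE 21434 one of the most comprehensive approaches to connected vehicle cybersecurity.

Impact on automotive OEMs and developers

Any manufacturer, developer or OEM should consider actively integrating ISO/SAE 21434 into its current production processes. The main concern of the new standard is cybersecurity. Its focus is on giving vehicle consumers better security by regulating how manufacturers test their products.

ISO/SAE 21434 requires manufacturers and developers to carry out risk assessments. Before identifying risks, a vendor needs to know what causes them. The assessment identifies any components, APIs or software functions that may be vulnerable to attack. Once the assessment is complete, vulnerabilities should be identified.

The effect for automotive developers and manufacturers is that they can produce applications and components that have been tested before release, which benefits drivers and their safety.

The standard also works together with other frameworks: in the case of ISO/SAE 21434, NIST SP 800-30 and the standard ISO/IEC 31010 can be used to establish the basis of a risk assessment using tried and tested methods.

The ISO/SAE 21434 standard was introduced by automotive stakeholders to address the security problems that connectivity brings. It provides a framework for hardening security and promotes building more secure vehicles using better methods.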

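Introduction to the ISO/SAE 21434:2021 standard

(1) General information about the standard

Status: Published
Publication date: 2021-08
Edition: 1
Number of pages: 81
Technical committee: ISO/TC 22/SC 32 Electrical and electronic components and general system aspects

(2) Purpose of the standard

This document addresses the cybersecurity perspective in the engineering of electrical and electronic (E/E) systems within road vehicles. By ensuring appropriate consideration of cybersecurity, this document aims to enable the engineering of E/E systems to keep up with state-of-the-art technology and evolving attack methods.

This document provides vocabulary, objectives, requirements and guidelines related to cybersecurity engineering as a foundation for common understanding throughout the supply chain. This enables organizations to:

• define cybersecurity policies and processes;
• manage cybersecurity risk;
• foster a cybersecurity culture.

This document can be used to implement a cybersecurity management system, including cybersecurity risk management.

(3) Organization of this document

Figure 1 gives an overview of the document structure. The elements of Figure 1 do not prescribe an order of execution of the individual topics.

Overview of the standard document

Clause 4 (General considerations) is informative and includes the context and perspective of the approach to road vehicle cybersecurity engineering taken in this document.

Clause 5 (Organizational cybersecurity management) includes the cybersecurity management and specification of the organizational cybersecurity policies, rules and processes.

Clause 6 (Project dependent cybersecurity management) includes the cybersecurity management and cybersecurity activities at the project level.

Clause 7 (Distributed cybersecurity activities) includes requirements for assigning responsibilities for cybersecurity activities between customer and supplier.

Clause 8 (Continual cybersecurity activities) includes activities that provide information for ongoing risk assessments and defines vulnerability management of E/E systems until the end of cybersecurity support.

Clause 9 (Concept) includes activities that determine cybersecurity risks, cybersecurity goals and cybersecurity requirements for an item.

Clause 10 (Product development) includes activities that define the cybersecurity specifications, and implement and verify cybersecurity requirements.

Clause 11 (Cybersecurity validation) includes the cybersecurity validation of an item at the vehicle level.

Clause 12 (Production) includes the cybersecurity-related aspects of manufacturing and assembly of an item or component.

Clause 13 (Operations and maintenance) includes activities related to cybersecurity incident response and updates to an item or component.

Clause 14 (End of cybersecurity support and decommissioning) includes cybersecurity considerations for end of support and decommissioning of an item or component.

Clause 15 (Threat analysis and risk assessment methods) includes modular methods for analysis and assessment to determine the extent of cybersecurity risk so that treatment can be pursued.

Clauses 5 to 15 have their own objectives, provisions (i.e. requirements, recommendations, permissions) and work products. Work products are the results of cybersecurity activities that fulfil one or more associated requirements.

"Prerequisites" are mandatory inputs consisting of work products from a previous phase. "Further supporting information" is information that can be considered, and which can be provided by sources other than the persons responsible for the cybersecurity activities.

Provisions and work products are assigned unique identifiers consisting of a two-letter abbreviation ("RQ" for a requirement, "RC" for a recommendation, "PM" for a permission and "WP" for a work product), followed by two numbers, separated by hyphens. The first number refers to the clause, and the second gives the consecutive order among the provisions or work products of that clause, respectively. For example, [RQ-05-14] refers to the 14th provision in Clause 5, which is a requirement.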
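As an added example (not part of the original article or of the standard), the identifier scheme described above can be validated mechanically, for instance when tracing provisions through project documents. The function names, the sample text and the two-digit zero-padding rule are assumptions made for this example; the clause titles are those listed on this page.

```python
import re
from dataclasses import dataclass

# Two-letter kinds and clause titles exactly as listed on this page.
KINDS = {"RQ": "requirement", "RC": "recommendation",
         "PM": "permission", "WP": "work product"}
CLAUSES = {
    5: "Organizational cybersecurity management",
    6: "Project dependent cybersecurity management",
    7: "Distributed cybersecurity activities",
    8: "Continual cybersecurity activities",
    9: "Concept",
    10: "Product development",
    11: "Cybersecurity validation",
    12: "Production",
    13: "Operations and maintenance",
    14: "End of cybersecurity support and decommissioning",
    15: "Threat analysis and risk assessment methods",
}

# Loose pattern: catch anything shaped like an identifier, then validate strictly.
CANDIDATE = re.compile(r"\b([A-Z]{2})-(\d+)-(\d+)\b")


@dataclass(frozen=True)
class Provision:
    kind: str    # RQ, RC, PM or WP
    clause: int  # clause number, 5 to 15
    seq: int     # consecutive order within that clause


def parse_id(token):
    """Parse one identifier, bracketed or not; raise ValueError if invalid."""
    m = CANDIDATE.fullmatch(token.strip().strip("[]"))
    if not m:
        raise ValueError(f"not an identifier: {token!r}")
    kind, clause, seq = m.groups()
    if kind not in KINDS:
        raise ValueError(f"unknown kind in {token!r}")
    # Assumption: both numbers are zero-padded to two digits, as in [RQ-05-14].
    if len(clause) != 2 or len(seq) != 2:
        raise ValueError(f"numbers must have two digits in {token!r}")
    if int(clause) not in CLAUSES:
        raise ValueError(f"clause outside 5 to 15 in {token!r}")
    return Provision(kind, int(clause), int(seq))


def scan(text):
    """Return (valid provisions, rejected tokens) found in free text."""
    good, bad = [], []
    for m in CANDIDATE.finditer(text):
        try:
            good.append(parse_id(m.group(0)))
        except ValueError:
            bad.append(m.group(0))
    return good, bad


def describe(p):
    """Spell out an identifier the way the page's [RQ-05-14] example reads."""
    ident = f"{p.kind}-{p.clause:02d}-{p.seq:02d}"
    return f"{ident}: {KINDS[p.kind]} {p.seq} of Clause {p.clause} ({CLAUSES[p.clause]})"


# Constructed sample; only RQ-05-14 appears on the page, the rest are made up.
SAMPLE = ("Plan cites [RQ-05-14] and WP-09-02; typo RQ-5-14, "
          "wrong clause RC-03-01, unknown kind XX-06-01.")
```

Calling `scan(SAMPLE)` separates the two well-formed identifiers from the three rejected tokens, which is the check a traceability review needs before counting a provision as covered.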

(4) Table of contents of the standard

Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
3.2 Abbreviated terms
4 General considerations
5 Organizational cybersecurity management
5.1 General
5.2 Objectives
5.3 Inputs
5.4 Requirements and recommendations
5.5 Work products
6 Project dependent cybersecurity management
6.1 General
6.2 Objectives
6.3 Inputs
6.4 Requirements and recommendations
6.5 Work products
7 Distributed cybersecurity activities
7.1 General
7.2 Objectives
7.3 Inputs
7.4 Requirements and recommendations
7.5 Work products
8 Continual cybersecurity activities
8.1 General
8.2 Objectives
8.3 Cybersecurity monitoring
8.4 Cybersecurity event evaluation
8.5 Vulnerability analysis
8.6 Vulnerability management
9 Concept
9.1 General
9.2 Objectives
9.3 Item definition
9.4 Cybersecurity goals
9.5 Cybersecurity concept
10 Product development
10.1 General
10.2 Objectives
10.3 Inputs
10.4 Requirements and recommendations
10.5 Work products
11 Cybersecurity validation
11.1 General
11.2 Objectives
11.3 Inputs
11.4 Requirements and recommendations
11.5 Work products
12 Production
12.1 General
12.2 Objectives
12.3 Inputs
12.4 Requirements and recommendations
12.5 Work products
13 Operations and maintenance
13.1 General
13.2 Objectives
13.3 Cybersecurity incident response
13.4 Updates
14 End of cybersecurity support and decommissioning
14.1 General
14.2 Objectives
14.3 End of cybersecurity support
14.4 Decommissioning
15 Threat analysis and risk assessment methods
15.1 General
15.2 Objectives
15.3 Asset identification
15.4 Threat scenario identification
15.5 Impact rating
15.6 Attack path analysis
15.7 Attack feasibility rating
15.8 Risk value determination
15.9 Risk treatment decision
Annex A Summary of cybersecurity activities and work products
A.1 General
A.2 Overview of cybersecurity activities and work products
Annex B Examples of cybersecurity culture
Annex C Example of cybersecurity interface agreement template
C.1 General
C.2 Example template
Annex D Cybersecurity relevance – example methods and criteria
D.1 General
D.2 Methods
Annex E Cybersecurity assurance levels
E.1 General
E.2 Determining a CAL
E.3 Using a CAL
Annex F Guidelines for impact rating
F.1 General
F.2 Impact rating for safety damage
F.3 Impact rating for financial damage
F.4 Impact rating for operational damage
F.5 Impact rating for privacy damage
Annex G Guidelines for attack feasibility rating
G.1 General
G.2 Guidelines for the attack potential-based approach
G.3 Guidelines for the CVSS-based approach
G.4 Guidelines for the attack vector-based approach
Annex H Examples of application of TARA methods – headlamp system
H.1 General
H.2 Example activities for concept phase of a headlamp system
Bibliography

(5) List of figures

Figure 1 — Overview of this document
Figure 2 — Overall cybersecurity risk management
Figure 3 — Relationship between item, function, component and related terms
Figure 4 — Cybersecurity governance
Figure 5 — Integration of off-the-shelf and out-of-context components
Figure 6 — Reuse analysis examples
Figure 7 — Cybersecurity assessment in relation to other cybersecurity activities
Figure 8 — Use cases for customer/supplier relationships in the supply chain
Figure 9 — Example of product development activities in the V-model
Figure C.1 — Example of a cybersecurity interface agreement template
Figure D.1 — Cybersecurity relevance example method and criteria
Figure E.1 — Relationship between a CAL and risk
Figure H.1 — Interactions in concept phase
Figure H.2 — Example of item boundary and preliminary architecture of the headlamp system

(6) List of tables

Table G.1 — Elapsed time
Table G.2 — Specialist expertise
Table G.3 — Knowledge of the item or component
Table G.4 — Window of opportunity
Table G.5 — Equipment
Table G.6 — Example aggregation of attack potential
Table G.7 — Example attack potential mapping
Table G.8 — Example CVSS exploitability mapping
Table G.9 — Attack vector-based approach
Table H.1 — Example description of the operational environment
Table H.2 — Example list of assets and damage scenarios
Table H.3 — Example of impact ratings for damage scenarios
Table H.4 — Example threat scenarios
Table H.5 — Example attack paths for threat scenarios
Table H.6 — Examples of attack feasibility rating with the attack vector-based approach
Table H.7 — Examples of attack feasibility rating with the attack potential-based approach
Table H.8 — Risk matrix example
Table H.9 — Examples of determined risk values
Table H.10 — Example translation of impact and attack feasibility to numerical values

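(7) Excerpts from the standard (translation for reference only):

1. Scope

This document specifies engineering requirements for cybersecurity risk management regarding concept, product development, production, operation, maintenance and decommissioning of electrical and electronic (E/E) systems in road vehicles, including their components and interfaces.

A framework is defined that includes requirements for cybersecurity processes and a common language for communicating and managing cybersecurity risk.

This document is applicable to series production road vehicle E/E systems, including their components and interfaces, whose development or modification began after the publication of this document.

This document does not prescribe specific technology or solutions related to cybersecurity.

2. Normative references

• ISO 26262-3:2018, Road vehicles — Functional safety — Part 3: Concept phase

3. Terms, definitions and abbreviated terms

3.1 Terms and definitions

For the purposes of this document, the following terms and definitions apply.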

3.1.1

architectural design

representation that allows for identification of components (3.1.7), their boundaries, interfaces and interactions

3.1.2

asset

object that has value, or contributes to value

Note 1 to entry: An asset has one or more cybersecurity properties (3.1.20) whose compromise can lead to one or more damage scenarios (3.1.22).

3.1.3

attack feasibility

attribute of an attack path (3.1.4) describing the ease of successfully carrying out the corresponding set of actions

3.1.4

attack path

attack

set of deliberate actions to realize a threat scenario (3.1.33)

3.1.5

attacker

person, group, or organization that carries out an attack path (3.1.4)

3.1.6

audit

examination of a process to determine the extent to which the process objectives are achieved

[SOURCE: ISO 26262-1:2018 [1], 3.5, modified — The phrase “with regard to” was substituted by "to determine the extent to which" and "are achieved" was added.]

3.1.7

component

part that is logically and technically separable

3.1.8

customer

person or organization that receives a service or product

[SOURCE: ISO 9000:2015 [2], 3.2.4, modified — The phrase “could or does receive” was replaced by “receives”, the phrase “that is intended for or required by this person or organization” was omitted, and the example and note 1 to entry were omitted.]

3.1.9

cybersecurity

road vehicle cybersecurity

condition in which assets (3.1.2) are sufficiently protected against threat scenarios (3.1.33) to items (3.1.25) of road vehicles, their functions and their electrical or electronic components (3.1.7)

Note 1 to entry: In this document, for the sake of brevity, the term cybersecurity is used instead of road vehicle cybersecurity.

3.1.10

cybersecurity assessment

judgement of cybersecurity (3.1.9)

3.1.11

cybersecurity case

structured argument supported by evidence to state that risks (3.1.29) are not unreasonable

3.1.12

cybersecurity claim

statement about a risk (3.1.29)

Note 1 to entry: The cybersecurity claim can include a justification for retaining or sharing the risk.

3.1.13

cybersecurity concept

cybersecurity requirements of the item (3.1.25) and requirements on the operational environment (3.1.26), with associated information on cybersecurity controls (3.1.14)

3.1.14

cybersecurity control

measure that is modifying risk (3.1.29)

[SOURCE: ISO 31000:2018 [3], 3.8, modified — The word "cybersecurity" was added to the term, the phrase “maintains and/or” was deleted, the notes to entry were deleted.]

3.1.15

cybersecurity event

cybersecurity information (3.1.18) that is relevant for an item (3.1.25) or component (3.1.7)

3.1.16

cybersecurity goal

concept-level cybersecurity requirement associated with one or more threat scenarios (3.1.33)

3.1.17

cybersecurity incident

situation in the field that can involve vulnerability (3.1.38) exploitation

3.1.18

cybersecurity information

information with regard to cybersecurity (3.1.9) for which relevance is not yet determined

3.1.19

cybersecurity interface agreement

agreement between customer (3.1.8) and supplier concerning distributed cybersecurity activities (3.1.23)

3.1.20

cybersecurity property

attribute that can be worth protecting

Note 1 to entry: Attributes include confidentiality, integrity and/or availability.

3.1.21

cybersecurity specification

cybersecurity requirements and corresponding architectural design (3.1.1)

3.1.22

damage scenario

adverse consequence involving a vehicle or vehicle function and affecting a road user (3.1.31)

3.1.23

distributed cybersecurity activities

cybersecurity activities for the item (3.1.25) or component (3.1.7) whose responsibilities are distributed between customer (3.1.8) and supplier

3.1.24

impact

estimate of magnitude of damage or physical harm from a damage scenario (3.1.22)

3.1.25

item

component or set of components (3.1.7) that implements a function at the vehicle level

Note 1 to entry: A system can be an item if it implements a function at the vehicle level, otherwise it is a component.

[SOURCE: ISO 26262-1:2018 [1], 3.8, modified — The term “system” has been replaced by “component”, the phrases “to which ISO 26262 is applied” and “or part of a function” have been omitted and the Note 1 to entry has been replaced.]

3.1.26

operational environment

context considering interactions in operational use

Note 1 to entry: Operational use of an item (3.1.25) or a component (3.1.7) can include use in a vehicle function, in production, and/or in service and repair.

3.1.27

out-of-context

not developed in the context of a specific item (3.1.25)

EXAMPLE:

Processing unit with assumed cybersecurity requirements to be integrated in different items.

3.1.28

penetration testing

cybersecurity testing in which real-world attacks are mimicked to identify ways to compromise cybersecurity goals (3.1.16)

3.1.29

risk

cybersecurity risk

effect of uncertainty on road vehicle cybersecurity (3.1.9) expressed in terms of attack feasibility (3.1.3) and impact (3.1.24)

3.1.30

risk management

coordinated activities to direct and control an organization with regard to risk (3.1.29)

[SOURCE: ISO 31000:2018 [3], 3.2]

3.1.31

road user

person who uses a road

EXAMPLE:

Passenger, pedestrian, cyclist, motorist, or vehicle owner.

3.1.32

tailor, verb

to omit or perform an activity in a different manner compared to its description in this document

3.1.33

threat scenario

potential cause of compromise of cybersecurity properties (3.1.20) of one or more assets (3.1.2) in order to realize a damage scenario (3.1.22)

3.1.34

triage

analysis to determine the relevance of cybersecurity information (3.1.18) to an item (3.1.25) or component (3.1.7)

3.1.35

trigger

criterion for triage (3.1.34)

3.1.36

validation

confirmation, through the provision of objective evidence, that the cybersecurity goals (3.1.16) of the item (3.1.25) are adequate and are achieved

[SOURCE: ISO/IEC/IEEE 15288:2015 [4], 4.1.53, modified — The phrase “requirements for a specific intended use or application have been fulfilled” has been replaced by “cybersecurity goals of the item are adequate and are achieved”, note 1 to entry has been omitted.]

3.1.37

verification

confirmation, through the provision of objective evidence, that specified requirements have been fulfilled

[SOURCE: ISO/IEC/IEEE 15288:2015 [4], 4.1.54, modified — The note 1 to entry has been omitted.]

3.1.38

vulnerability

weakness (3.1.40) that can be exploited as part of an attack path (3.1.4)

[SOURCE: ISO/IEC 27000:2018 [5], 3.77, modified — The phrase “of an asset or control” has been omitted; the phrase “by one or more threats” has been replaced by “as part of an attack path”.]

3.1.39

vulnerability analysis

systematic identification and evaluation of vulnerabilities (3.1.38)

3.1.40

weakness

defect or characteristic that can lead to undesirable behaviour

EXAMPLE 1: Missing requirement or specification.

EXAMPLE 2: Architectural or design flaw, including incorrect design of a security protocol.

EXAMPLE 3: Implementation weakness, including hardware and software defect, incorrect implementation of a security protocol.

EXAMPLE 4: Flaw in the operational process or procedure, including misuse and inadequate user training.

EXAMPLE 5: Use of an outdated or deprecated function, including cryptographic algorithms.

3.2 Abbreviated terms

Abbreviation: term as given in the English original of the standard

CAL: cybersecurity assurance level
CVSS: common vulnerability scoring system
E/E: electrical and electronic
ECU: electronic control unit
OBD: on-board diagnostic
OEM: original equipment manufacturer
PM: permission
RC: recommendation
RQ: requirement
RASIC: responsible, accountable, supporting, informed, consulted
TARA: threat analysis and risk assessment
WP: work product
