Information Security Testing and Evaluation of Intelligent Connected Vehicle
At the "2019 4th Annual China Automotive Cyber Security Summit", organized by GRCC, Mr. Zhang Nan from the China Automotive Technology and Research Center, Intelligent Network and Information Security Minister, told us about the intelligent network of automotive information security testing and evaluation research.
First of all, Mr. Zhang believes that intelligent network communication car information security is not 100% safe, there is no standard in the security field. Compared with traditional cars, the automotive network architecture is undergoing tremendous changes, and the development trend of automotive technology will inevitably lead to information security issues with life. The networking, intelligence and electrification of automobiles will have a corresponding impact on vehicle information security.
In the automotive network: the computer and networking systems used have followed the previous computer and network architecture, and also inherited the natural flaws of these systems. The number of intercommunication between the in-vehicle information system and the outside world has increased, and more related to the privacy of users.
In the car intelligence: the first program is complicated, at least 100+ ECU runs 6000+ million lines of code, while unmanned driving requires more than 200 million lines of code. The second intelligent control of safety issues, car perception, decision-making, control will be replaced by machines to control the operation of the car. Information security is not only an economic loss, but also a social security issue.
In the car electrification: the PLC circuit of the charging pile control module is connected to the management system via Ethernet, and there is no protection inside the entire network. On the battery management system, the performance of the electric vehicle is affected by attacking the control algorithm of the EMS.
Then Zhang Zong proposed the automotive information security technology system. Information security is one of the four supporting systems for intelligent driving, and its penetration rate is extremely high. Information security is constantly changing with the timeliness of information. It is not static, and it is not safe to reach a certain standard.
Finally, Mr. Zhang introduced us to the evaluation of automotive information security tests based on the full life cycle. From in-vehicle information service security (including APP, cloud, T-BOX, OTA/FOTA), vehicle network security (including bus system, IVI, car Ethernet), communication security (including V2X, TMPS, RKE data communication), outside Safety (including USB, CDRM, SD, charging pile), ADAS security (including millimeter wave radar, ultrasonic radar, laser wave radar, vision sensor) and other five aspects of automotive information security evaluation. Steps such as functional testing, performance testing, conformance testing, and safety evaluation to ensure the safety of automotive information. And for us to show the company's case and research data on the intelligent network of automotive information security test evaluation.