
GB/T 41578-2022 PDF in English


Standard ID: GB/T 41578-2022 (also written GB/T41578-2022, GBT 41578-2022, GBT41578-2022)
Name: Technical requirements and test methods for cybersecurity of electric vehicle charging system
Status: Valid



GB/T 41578-2022
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 43.020
CCS T 40
Technical requirements and test methods for cybersecurity
of electric vehicle charging system
ISSUED ON: JULY 11, 2022
IMPLEMENTED ON: FEBRUARY 01, 2023
Issued by: State Administration for Market Regulation;
Standardization Administration of the People's Republic of China.
Table of Contents
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviation
5 Technical requirements for cybersecurity of charging system
5.1 Overview
5.2 Hardware security requirements
5.3 Software security requirements
5.4 Data security requirements
5.5 Communication security requirements
6 Test methods
6.1 Hardware security test method
6.2 Software security test method
6.3 Data security test method
6.4 Communication security test method
Technical requirements and test methods for cybersecurity
of electric vehicle charging system
1 Scope
This document specifies technical requirements and test methods for cybersecurity of
electric vehicle charging system.
This document applies to the design, development and test of cybersecurity for electric
vehicle charging system.
2 Normative references
The following referenced documents are indispensable for the application of this
document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
GB/T 5271.8-2001, Information technology - Vocabulary - Part 8: Security
GB/T 27930, Communication protocols between off-board conductive charger and
battery management system for electric vehicle
GB/T 29246-2017, Information technology - Security techniques - Information
security management systems - Overview and vocabulary
GB/T 35273-2020, Information security technology - Personal information security
specification
GB/T 37935-2019, Information security technology - Trusted computing
specification - Trusted software base
GB/T 40861-2021, General technical requirements for vehicle cybersecurity
3 Terms and definitions
For the purposes of this document, the terms and definitions defined in GB/T 29246-2017,
GB/T 37935-2019, GB/T 35273-2020 and GB/T 40861-2021, as well as the
following, apply.
3.1 charging system
A relevant functional system for power battery charging in electric vehicles.
NOTE 1: Also known as in-vehicle charging system.
NOTE 2: Depending on the charging method and technical architecture, the charging system may
include one or more on-board controllers [such as battery management system (BMS), on-board
charger (OBC), wireless power transfer (WPT)], or other in-vehicle communication control units
that integrate related charging functions.
3.2 important data
Data identified, on the basis of the charging function design and risk assessment, as
relevant data that will cause risk to the in-vehicle charging system, including data
such as personal sensitive information and security important parameters.
3.3 personal sensitive information
Personal information that, once leaked, illegally provided or abused, may
endanger personal and property safety, and easily lead to damage to personal reputation
or physical and mental health, or to discriminatory treatment.
[Source: GB/T 35273-2020, 3.2]
3.4 security important parameter
Security-related information, including secret and private keys, authentication data such
as passwords, or other cryptographic-related parameters.
[Source: GB/T 40861-2021, 3.13]
3.5 out-of-vehicle communication
Communication between the charging system and the outside of the vehicle.
NOTE: The out-of-vehicle communication includes the communication of the conductive charging
method and the communication of the non-conductive charging method.
3.6 in-vehicle communication
Communication between the controllers of the charging system and the electrical and
electronic systems in the vehicle.
NOTE: In-vehicle communication includes the in-vehicle communication based on CAN, CAN-
FD, LIN, Ethernet, and so on.
3.7 entity of root of trust
A functional module used to support the establishment and transmission of the trusted
computing platform trust chain and can provide external services such as integrity
The charging system software shall have the function of secure boot. The secure boot
feature can be protected by entity of root of trust. The root of trust, BootLoader program
and system firmware of the charging system shall meet the following requirements.
a) It cannot be tampered with;
b) If it is tampered with, the charging system cannot start normally.
5.3.2 Security log
The charging system shall have a security log function and meet the following
requirements.
a) When a security event occurs in the charging system (such as communication
authentication failure, secure boot failure), record the relevant information;
b) The security log of the charging system shall at least include the event occurrence
time (absolute time or relative time) and event type that trigger the log;
c) The charging system stores the security log securely, preventing log corruption
and unauthorized addition, access, modification and deletion through non-physical
sabotage attacks. The security log can be recorded and stored in the charging
system, in other ECUs or in the cloud server.
5.4 Data security requirements
5.4.1 Data integrity
The charging system shall protect the integrity of stored important data. Protection
methods such as integrity verification mechanisms or OTP settings shall be adopted.
5.4.2 Data confidentiality
The charging system shall protect the confidentiality of stored important data.
Protection methods such as software encryption or hardware encryption shall be used.
5.5 Communication security requirements
5.5.1 Out-of-vehicle communication security
5.5.1.1 Communication connection security
The charging system with wireless charging function and plug-and-charge function
shall have an identity authentication mechanism.
5.5.1.2 Communication transmission security
When the out-of-vehicle communication involves the transmission of important data,
the following requirements shall be met.
a) The charging system uses cipher text transmission for the transmission of
important data. Conduct the test according to 6.4.1.2a). Ensure that the transmitted
data cannot be obtained in plaintext after being intercepted;
b) The charging system uses integrity check mechanism for the transmission of
important data. Conduct the test according to 6.4.1.2b). The charging system does
not respond to important data that fails the integrity verification;
c) The charging system uses anti-replay mechanism for the transmission of important
data. Conduct the test according to 6.4.1.2c). For replayed data, the charging
system can identify the important data as illegally replayed data and does not
respond.
5.5.1.3 Communication interface security
The security of the communication interface of the charging system shall meet the
following requirements.
a) The communication interface has a communication instruction security
verification mechanism. Test according to 6.4.1.3a). It does not respond to
communication instructions other than the charging protocol and diagnostic
protocol specified in GB/T 27930 and the protocol specified by the OEM;
b) The DC charging communication interface does not perform software upgrade
and software calibration of the charging system and other systems in the vehicle;
c) The communication interface does not have the function of accessing the data of
the in-vehicle communication bus.
5.5.2 In-vehicle communication security
When the in-vehicle communication involves important data transmission, the
following requirements shall be met.
a) The charging system uses ciphertext transmission for the transmission of
important data. Test according to 6.4.2a). Ensure that the transmitted data cannot
be obtained in plaintext after being intercepted;
b) The charging system uses integrity verification mechanism for the transmission
of important data. Test according to 6.4.2b). The charging system does not respond
to important data that fails the integrity verification;
c) The charging system uses anti-replay mechanism for the transmission of important
data. Test according to 6.4.2c). For replayed data, the charging system can
identify the important data as illegally replayed data and does not respond.
6.2.2 Security log
The security log test shall be carried out in sequence according to the following
procedures.
a) Simulate a security incident. Read the logs from the logging system. Check whether the incident has been logged;
b) Check whether the log contains the event occurrence time and event type that
triggers the log;
c) Use software debugging tools to attempt to access, modify or delete recorded
security logs.
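One way to make the security log of 5.3.2 tamper-evident, so that the modification and deletion attempts of 6.2.2 c) are detected, is to chain a keyed MAC over the records. This is an added example, not text from the standard: the record layout, the HMAC chain, and the assumption that the key and the expected record count are held in protected storage are illustrative choices, and access control for reading the log is not covered.

```python
import hashlib
import hmac
import json


class SecurityLog:
    """Append-only log; each record's MAC also covers the previous MAC."""

    GENESIS = "00" * 32

    def __init__(self, key: bytes):
        self._key = key  # assumption: kept in protected storage
        self.records = []

    def _mac(self, prev: str, seq: int, time_s: int, event_type: str) -> str:
        msg = json.dumps([prev, seq, time_s, event_type]).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def append(self, time_s: int, event_type: str) -> None:
        prev = self.records[-1]["mac"] if self.records else self.GENESIS
        seq = len(self.records)
        self.records.append({"seq": seq, "time_s": time_s, "type": event_type,
                             "mac": self._mac(prev, seq, time_s, event_type)})

    def verify(self, expected_count: int) -> bool:
        """True only if no record was altered, removed, added or reordered."""
        if len(self.records) != expected_count:
            return False  # count comes from protected storage (assumption)
        prev = self.GENESIS
        for seq, rec in enumerate(self.records):
            good = self._mac(prev, seq, rec["time_s"], rec["type"])
            if rec["seq"] != seq or not hmac.compare_digest(rec["mac"], good):
                return False
            prev = rec["mac"]
        return True


def tamper_results() -> dict:
    log = SecurityLog(bytes(range(32)))  # constructed key, not a real secret
    log.append(120, "secure_boot_failure")  # relative time in seconds
    log.append(345, "communication_authentication_failure")
    results = {"intact": log.verify(2)}
    log.records[1]["type"] = "secure_boot_failure"  # modification attempt
    results["modified"] = log.verify(2)
    log.records[1]["type"] = "communication_authentication_failure"
    del log.records[0]  # deletion attempt
    results["deleted"] = log.verify(1)
    return results
```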
6.3 Data security test method
6.3.1 Data integrity
Use software debugging tools to modify important data of the charging system. Monitor
whether the important data is modified. If it is modified, monitor whether the charging
system does not use the modified important data.
6.3.2 Data confidentiality
Use software debugging tools to read important data of the charging system. Monitor if
important data is being read. If important data is read, monitor whether the important
data is stored in ciphertext.
6.4 Communication security test method
6.4.1 Out-of-vehicle communication security
6.4.1.1 Communication connection security
Use the test equipment to simulate the charging equipment connected to the out-of-
vehicle communication network of the charging system. Monitor whether the charging
system only starts the charging function for the communication device that has passed
the identity authentication.
6.4.1.2 Communication transmission security
When conducting the test of communication transmission security, connect the test
equipment to the out-of-vehicle communication network of the charging system and
proceed in sequence according to the following procedures.
a) Obtain the transferred data. Check if important data is transmitted over the
network in ciphertext;
......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.