HOME   Cart(0)   Quotation   About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189759 (12 Oct 2025)

GB/T 41578-2022 PDF English

US$170.00 · In stock · Download in 9 seconds
GB/T 41578-2022: Technical requirements and test methods for cybersecurity of electric vehicle charging system
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid
Standard IDContents [version]USDSTEP2[PDF] deliveryName of Chinese StandardStatus
GB/T 41578-2022English170 Add to Cart 0-9 seconds. Auto-delivery Technical requirements and test methods for cybersecurity of electric vehicle charging system Valid

Excerpted PDFs (Download full copy in 9 seconds upon purchase)

PDF Preview: GB/T 41578-2022
      

Similar standards

GB/T 41796   GB/T 41797   GB/T 41901.1   GB/T 45415   

GB/T 41578-2022: Technical requirements and test methods for cybersecurity of electric vehicle charging system


---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT41578-2022
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 43.020 CCS T 40 Technical requirements and test methods for cybersecurity of electric vehicle charging system Issued on. JULY 11, 2022 Implemented on. FEBRUARY 01, 2023 Issued by. State Administration for Market Regulation; Standardization Administration of the People's Republic of China.

Table of Contents

Foreword... 3 1 Scope... 4 2 Normative references... 4 3 Terms and definitions... 4 4 Abbreviation... 6 5 Technical requirements for cybersecurity of charging system... 7 5.1 Overview... 7 5.2 Hardware security requirements... 7 5.3 Software security requirements... 7 5.4 Data security requirements... 8 5.5 Communication security requirements... 8 6 Test methods... 10 6.1 Hardware security test method... 10 6.2 Software security test method... 10 6.3 Data security test method... 11 6.4 Communication security test method... 11

1 Scope

This document specifies technical requirements and test methods for cybersecurity of electric vehicle charging system. This document applies to the design, development and test of cybersecurity for electric vehicle charging system.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 5271.8-2001, Information technology - Vocabulary - Part 8.Security GB/T 27930, Communication protocols between off-board conductive charger and battery management system for electric vehicle GB/T 29246-2017, Information technology - Security techniques - Information security management systems - Overview and vocabulary GB/T 35273-2020, Information security technology - Personal information security specification GB/T 37935-2019, Information security technology - Trusted computing specification - Trusted software base GB/T 40861-2021, General technical requirements for vehicle cybersecurity

3 Terms and definitions

For the purposes of this document, the terms and definitions defined in GB/T 29246- 2017, GB/T 37935-2019, GBT 35273-2020, GB/T 40861-2021 as well as the followings apply. 3.1 charging system A relevant functional system for power battery charging in electric vehicles. 3.2 important data Based on the charging function design and risk assessment, it is identified as the relevant data that will cause the risk of the in-vehicle charging system, including data such as personal sensitive information and security important parameter. 3.3 personal sensitive information Personal information that once it is leaked, illegally provided or abused, it may endanger personal and property safety, and easily lead to personal reputation, physical and mental health damage or discriminatory treatment. 3.4 security important parameter Security-related information, including secret and private keys, authentication data such as passwords, or other cryptographic-related parameters. 3.5 out-of-vehicle communication Communication between the charging system and the outside of the vehicle. method and the communication of the non-conductive charging method. 3.6 in-vehicle communication Communication between the controllers of the charging system and the electrical and electronic systems in the vehicle.

4 Abbreviation

The following abbreviations apply to this document. BGA. Ball Grid Array BMS. Battery Management System CAN. Controller Area Network CAN-FD. CAN with Flexible Data-rate ECU. Electronic Control Unit JTAG. Joint Test Action Group TCM. Trusted Cryptography Module TPM. Trusted Platform Module TPCM. Trusted Platform Control Module USB. Universal Serial Bus UART. Universal Asynchronous Receiver/Transmitter WPT. Wireless Power Transfer

5 Technical requirements for cybersecurity of charging system

5.1 Overview The cybersecurity of charging system includes hardware security, software security, data security and communication security. Communication security includes out-of- vehicle communication and in-vehicle communication. 5.2 Hardware security requirements The system hardware meets the following requirements. 5.3 Software security requirements 5.3.1 Secure boot The charging system software shall have the function of secure boot. The secure boot feature can be protected by entity of root of trust. The root of trust, BootLoader program and system firmware of the charging system shall meet the following requirements. a) It cannot be tampered with; b) If it is tampered with, the charging system cannot start normally. 5.3.2 Security log The charging system shall have a security log function and meet the following requirements. a) When a security event occurs in the charging system (such as communication authentication failure, secure boot failure), record the relevant information; 5.4 Data security requirements 5.4.1 Data integrity The charging system shall protect the integrity of stored important data. Protection methods such as integrity verification mechanisms or OTP settings shall be adopted. 5.4.2 Data confidentiality The charging system shall protect the confidentiality of stored important data. Protection methods such as software encryption or hardware encryption shall be used. 5.5 Communication security requirements 5.5.1 Out-of-vehicle communication security 5.5.2 In-vehicle communication security When the in-vehicle communication involves important data transmission, the following requirements shall be met. a) The charging system uses ciphertext transmission for the transmission of important data. Test according to 6.4.2a). Ensure that the transmitted data cannot be obtained in plaintext after being intercepted;

6 Test methods

6.1 Hardware security test method The hardware security test shall be carried out in sequence according to the following procedures. a) Check the chip manual to analyze whether the key chips of the charging system have adopted necessary measures (such as using BGA/LGA and other packaged chips) to reduce exposed pins; b) Analyze and evaluate whether there are exposed debug interfaces (such as JTAG interface, USB interface, UART interface, SPI interface). If they exist, evaluate whether the debugging interface has an authentication verification mechanism; c) Use the bus tool to connect the DC charging communication network and the in- vehicle network separately and obtain their communication data at the same time. Check whether there is any difference in the communication data between the two. 6.2 Software security test method 6.2.1 Secure boot The secure boot test includes the tamper-proof test of root-of-trust, Bootloader program verification test of charging system, and firmware verification test of charging system. The secure boot test shall be carried out in sequence according to the following procedures. 6.2.2 Security log The security log test shall be carried out in sequence according to the following procedures. a) Simulate a security incident. Read logs from the logging system. Check logging; b) Check whether the log contains the event occurrence time and event type that triggers the log; c) Use software debugging tools to attempt to access, modify or delete recorded security logs. 6.3 Data security test method 6.3.1 Data integrity Use software debugging tools to modify important data of the charging system. Monitor whether important data is modified. If the important data is modified, monitor whether the important data is not used by the charging system after the important data is modified. 6.3.2 Data confidentiality Use software debugging tools to read important data of the charging system. Monitor if important data is being read. If important data is read, monitor whether the important data is stored in ciphertext. 6.4 Communication security test method 6.4.1 Out-of-vehicle communication security 6.4.1.1 Communication connection security Use the test equipment to simulate the charging equipment connected to the out-of- vehicle communication network of the charging system. Monitor whether the charging system only starts the charging function for the communication device that has passed the identity authentication. 6.4.1.2 Communication transmission security When conducting the test of communication transmission security, connect the test equipment to the out-of-vehicle communication network of the charging system and proceed in sequence according to the following procedures. 6.4.1.3 Communication interface security The test of the communication interface security shall be carried out in sequence according to the following procedures. 6.4.2 In-vehicle communication security Connect the test equipment to the in-vehicle communication network connected to the charging system. Carry out the in-vehicle communication security test of the charging system in sequence according to the following procedures. a) Obtain the transferred data. Check if important data is transmitted over the network in ciphertext; b) Send important data that has been tampered with, deleted or inserted. Monitor how the charging system responds to this important data; c) Obtain the transmitted communication data. Then replay the acquired communication data. Monitor the identification and response of the charging system to this important data. ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.


      

Tips & Frequently Asked Questions

Question 1: How long will the true-PDF of English version of GB/T 41578-2022 be delivered?

Answer: The full copy PDF of English version of GB/T 41578-2022 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GB/T 41578-2022_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 41578-2022_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. www.ChineseStandard.us -- GB/T 41578-2022 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

How to buy and download a true PDF of English version of GB/T 41578-2022?

A step-by-step guide to download PDF of GB/T 41578-2022_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 41578-2022".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3    Steps 4~6    Step 7    Step 8    Step 9