T/JSIA 0002-2024
Security technical requirements and test methods for passenger cars hardware fingerprint authenticator of CAN bus (English Version)

Standard No.
T/JSIA 0002-2024
Language
Chinese, Available in English version
Release Date
2024
Published By
Group Standards of the People's Republic of China
Latest
T/JSIA 0002-2024
 

Scope
6 Technical Requirements 6.1 Hardware Information Security Requirements The authentication device should not contain backdoors or hidden interfaces. Debug interfaces should be disabled or secured with a secure access control, and the specific handling method should follow the provisions of GB/T 40857—2021, section 6.1. 6.2 Firmware Information Security Requirements 6.2.1 Secure Boot The authentication device shall have the capability for secure boot. It can protect the trusted root used for secure boot through a trusted root entity. The specific handling method should follow the provisions of GB/T 40857—2021, section 6.3.1. 6.2.2 Security Log If the authentication device has security log capabilities, it shall meet the following requirements: a) It shall comply with the test specifications in GB/T 40857—2021, section 7.3 d), e), and f). When the authentication device detects an unauthenticated CAN device, a software configuration change occurs on the authentication device, or the authentication device fails to validate its software integrity, it shall record relevant information. b) It shall comply with the test specifications in GB/T 40857—2021, section 7.3 g). The security log of the authentication device should at least include the event trigger time (absolute or relative time), event type, and vehicle unique identifier. c) It shall comply with the test specifications in GB/T 40857—2021, section 7.3 h). The authentication device shall securely store the security log to prevent destruction of log records under non-physical attack scenarios while also preventing unauthorized addition, access, modification, and deletion. The location for storing the secure log may be within the authentication device, another ECU (Electronic Control Unit), or a cloud server. d) It shall comply with the test specifications in GB/T 40857—2021, section 7.3 i). The security log of the authentication device should not contain any form of personally identifiable information. 6.2.3 Security Vulnerability The handling method for security vulnerabilities should follow the provisions of GB/T 40857—2021, section 6.3.3. 6.3 Data Information Security Requirements Security-critical parameters in the authentication device shall be stored and processed securely to prevent unauthorized access, modification, deletion, or retrieval. The specific handling method should follow the provisions of GB/T 40857—2021, section 6.4. 6.4 Authentication Information Security Requirements 6.4.1 CAN Frame Identifier Extraction The authentication device shall be capable of distinguishing signals on various CAN networks based on data frame identifiers and extracting CAN data frame identifiers (CANID) as one criterion for legitimacy verification.

T/JSIA 0002-2024 history

  • 2024 T/JSIA 0002-2024 Security technical requirements and test methods for passenger cars hardware fingerprint authenticator of CAN bus
  • 2023 T/JSIA 0002-2023 Data access specification for electric power meteorological public service platform
  • 2022 T/JSIA 0002-2022 Energy big data——Guidelines for data catalog
  • 2021 T/JSIA 0002-2021 Evaluation Specifications for Blockchain Industry Development Agglomeration Areas in Jiangsu Province
  • 2020 T/JSIA 0002-2020 Basic Technology Specification of Blockchain
  • 2019 T/JSIA 0002-2019 Evaluation Specifications for Internet Maker Parks in Jiangsu Province
  • 2017 T/JSIA 0002-2017 Evaluation Specification for Big data Industrial Park in Jiangsu Province

Standard and Specification




Copyright ©2025 All Rights Reserved