Service Content
GRGTEST can provide a complete set of information security testing services for hardware, communication, firmware, and data of automotive gateway products in accordance with the requirements of GB/T 40857-2021, including
1. Hardware information security
2. Communication information security
- Communication Information Security of CAN Gateway
- Ethernet Gateway Communication Information Security
- Hybrid Gateway Communication Information Security
3. Firmware Information Security
4. Data information security
Service Coverage
The test object based on the GB/T 40857 standard is the automotive gateway, also known as the central gateway, which is an electronic control unit primarily used for safe and reliable data forwarding and transmission between multiple networks within the vehicle.

Service Items
GRGTEST can provide information security testing technology services for gateway hardware, communication, firmware, and data. Information security testing is carried out through ARP spoofing attacks, IP spoofing attacks, IP address scanning, port scanning, CAN data frame flooding attacks, CAN network scanning, and other methods to provide technical support for the design, research and development, testing, and evaluation of automotive gateway products, ensuring that product information security meets the requirements of GB/T 40857 standard.
|
Inspection Type |
Main Test Items |
|
Hardware Information Security Test |
Debugging interface exposure |
|
Communication Information Security Test |
CAN gateway communication information security |
|
Ethernet gateway communication information security |
|
|
Hybrid gateway communication information security |
|
|
Firmware Information Security |
Safe startup (models a-c) |
|
Security log (d-i version) |
|
|
Security vulnerabilities (clause j) |
|
|
Data Information Security |
Data Information Security |
Test Cycle
Assess and determine the actual service cycle based on the project situation.

Service Background
In the era of smart cars, more and more car manufacturers are experiencing data breaches and accidents where vehicles are controlled by hackers, which puts forward compliance requirements for information security for car manufacturers. As a key ECU for controlling vehicle communication, the gateway is often the core component that hackers or penetration testers focus on. The security risks of the gateway may directly threaten driving safety and even personal safety. The construction of regulations and standards related to automotive information security has also developed rapidly. On October 11, 2021, the National Standardization Administration released the GB/T 40857-2021 "Technical Requirements and Test Methods for Automotive Gateway Information Security" standard, which is the first basic national standard in the field of information security in the automotive industry. It will provide technical guidance for improving the information security protection technology level of the entire vehicle and its components. This standard specifies the information security technical requirements and testing methods for hardware, communication, firmware, and data of automotive gateway products.
Our Advantages
Complete hardware support
With a dedicated laboratory room of over 1000 square meters and dozens of testing tools, including mainstream static and dynamic testing tools, commonly used performance testing tools, vulnerability scanning tools, and a complete set of FPGA tools.
High end personnel team
A group of comprehensive talents with rich technical and management experience in software project management, quality assurance, lean measurement, software evaluation, etc. have been gathered. All testing personnel have undergone systematic training and regularly participate in relevant ability comparisons to ensure the scientificity and impartiality of testing and evaluation results,
Leading technical capabilities
Combining years of software evaluation experience, continuously iterating and updating the testing and training system based on the Lean Competency Roadmap, we have built testing level testing capabilities and multiple professional technical capabilities throughout the software lifecycle.
National Service Network
Relying on the GRGTEST National Service Platform, it can quickly respond to enterprise needs and provide on-site testing services nearby.
Hot Tags: automotive gateway cybersecurity testing, China automotive gateway cybersecurity testing service provider







