Automotive Gateway Cybersecurity Testing

Automotive Gateway Cybersecurity Testing
Details:
GB/T 40857-2021 is one of the first basic national standards in the field of information security for the automotive industry, providing technical guidance for improving the level of information security protection technology for automotive gateways. Based on its more than ten years of automotive industry testing experience, GRGTEST has deeply participated in the testing of multiple OEM, Tier1, and Tier2 intelligent connected automotive products and can provide gateway information security testing technology services to customers.
Send Inquiry
Download
Description
Technical Parameters

Service Content

 

GRGTEST can provide a complete set of information security testing services for hardware, communication, firmware, and data of automotive gateway products in accordance with the requirements of GB/T 40857-2021, including
1. Hardware information security
2. Communication information security

  • Communication Information Security of CAN Gateway
  • Ethernet Gateway Communication Information Security
  • Hybrid Gateway Communication Information Security

3. Firmware Information Security
4. Data information security

 

Service Coverage

 

The test object based on the GB/T 40857 standard is the automotive gateway, also known as the central gateway, which is an electronic control unit primarily used for safe and reliable data forwarding and transmission between multiple networks within the vehicle.

 

product-650-433

 

Service Items

 

GRGTEST can provide information security testing technology services for gateway hardware, communication, firmware, and data. Information security testing is carried out through ARP spoofing attacks, IP spoofing attacks, IP address scanning, port scanning, CAN data frame flooding attacks, CAN network scanning, and other methods to provide technical support for the design, research and development, testing, and evaluation of automotive gateway products, ensuring that product information security meets the requirements of GB/T 40857 standard.

 

Inspection Type

Main Test Items

Hardware Information Security Test

Debugging interface exposure

Communication Information Security Test

CAN gateway communication information security

Ethernet gateway communication information security

 

Hybrid gateway communication information security

 

Firmware Information Security

Safe startup (models a-c)

Security log (d-i version)

 

Security vulnerabilities (clause j)

 

Data Information Security

Data Information Security

 

Test Cycle

 

Assess and determine the actual service cycle based on the project situation.

 

product-1050-433

 

Service Background

 

In the era of smart cars, more and more car manufacturers are experiencing data breaches and accidents where vehicles are controlled by hackers, which puts forward compliance requirements for information security for car manufacturers. As a key ECU for controlling vehicle communication, the gateway is often the core component that hackers or penetration testers focus on. The security risks of the gateway may directly threaten driving safety and even personal safety. The construction of regulations and standards related to automotive information security has also developed rapidly. On October 11, 2021, the National Standardization Administration released the GB/T 40857-2021 "Technical Requirements and Test Methods for Automotive Gateway Information Security" standard, which is the first basic national standard in the field of information security in the automotive industry. It will provide technical guidance for improving the information security protection technology level of the entire vehicle and its components. This standard specifies the information security technical requirements and testing methods for hardware, communication, firmware, and data of automotive gateway products.

 

Our Advantages

 

Complete hardware support

With a dedicated laboratory room of over 1000 square meters and dozens of testing tools, including mainstream static and dynamic testing tools, commonly used performance testing tools, vulnerability scanning tools, and a complete set of FPGA tools.

 

High end personnel team

A group of comprehensive talents with rich technical and management experience in software project management, quality assurance, lean measurement, software evaluation, etc. have been gathered. All testing personnel have undergone systematic training and regularly participate in relevant ability comparisons to ensure the scientificity and impartiality of testing and evaluation results,

 

Leading technical capabilities

Combining years of software evaluation experience, continuously iterating and updating the testing and training system based on the Lean Competency Roadmap, we have built testing level testing capabilities and multiple professional technical capabilities throughout the software lifecycle.

 

National Service Network

Relying on the GRGTEST National Service Platform, it can quickly respond to enterprise needs and provide on-site testing services nearby.

 

 

Hot Tags: automotive gateway cybersecurity testing, China automotive gateway cybersecurity testing service provider

Send Inquiry