没有合适的资源?快使用搜索试试~ 我知道了~
JasPar 规范-ECU Penetration Test Guide
需积分: 0 1 下载量 130 浏览量
2024-01-19
13:49:24
上传
评论
收藏 1.07MB PDF 举报
温馨提示
试读
35页
本技术文档是管理车内 ECU 渗透测试的指南。 具有车辆网络通信功能的 ECU 预计将在未来的联网和自主车辆上共享。 由于对更少的漏洞的严格要求,这种 ECU 是渗透测试的主要目标。 对于乍一看似乎不需要信息安全措施的 ECU ,请在了解要求的背景后确定是否有必要应用渗透测试指南。
资源推荐
资源详情
资源评论
JASPAR Technical Document: TD-CST-4
Copyrights for this document belong to the General Incorporated Association JASPAR.
Unauthorized copying or reproduction is prohibited by copyright.
Issued on April 10, 2020
Cybersecurity Technical WG
TD-CST-4
ECU Penetration Test Guide
Ver. 1.0
General Incorporated
Association JASPAR
ECU Penetration Test Guide Ver. 1.0 JASPAR Technical Document: TD-CST-4
- 2 -
Unauthorized copying or reproduction is prohibited by copyright law.
JASPAR uses Japanese as its official language. This document is a translated version of the original Japanese one.
Please note that the Japanese version prevails on others for every difference in contents and/or interpretation among
them.
This English translation is for an informational purpose only and there is absolutely no guarantee regarding its contents.
For your research and development purpose, always use the Japanese version as the reference.
ECU Penetration Test Guide Ver. 1.0 JASPAR Technical Document: TD-CST-4
- 3 -
Unauthorized copying or reproduction is prohibited by copyright law.
Revision History
Date
Version
Details
2020/4/10
1.0
First Edition
ECU Penetration Test Guide Ver. 1.0 JASPAR Technical Document: TD-CST-4
- 4 -
Unauthorized copying or reproduction is prohibited by copyright law.
WG Membership List
Role
Name
Company
Chairperson
HASHIMOTO Hiroshi
Honda R&D Co., Ltd.
Vice-chairperson
NADEHARA Kouhei
DENSO Corporation
Team leader
KOBAYASHI Hiroshi
Honda R&D Co., Ltd.
Members
MATSUI Takeshi
Toyota Motor Corporation
OZAKI Akira
KOGA Yoichi
Nissan Motor Co., Ltd.
ISHII Yasuyuki
SHIMADA Nobuyuki
Mazda Motor Corporation
SEKI Shunichi
SUBARU CORPORATION
DOI Motoki
AISIN AW CO., LTD.
WATANABE Kenichiro
FUTAGAMI Kisei
DENSO Corporation
TAKAHASHI Kenichi
TOKAIRIKA,CO, LTD.
SHIMIZU Norihiro
MIZOGUCHI Seiichiro
DNV GL BUSINESS ASSURANCE JAPAN K.K.
TAKEMORI Keisuke
NAKAYAMA Kenji
Toppan Printing Co., Ltd.
OMORI Takeshi
Nihon Synopsys G.K.
WAGATSUMA Masaaki
MAEKAWA Yosuke
Yazaki Corporation
NODA Kazutoshi
TSUNODA Sho
LAC Co., Ltd.
TANAKA Yuki
OKUYAMA Ken
PwC Consulting LLC
KAMEI Kei
WAGURI Naohide
ECU Penetration Test Guide Ver. 1.0 JASPAR Technical Document: TD-CST-4
- 5 -
Unauthorized copying or reproduction is prohibited by copyright law.
Contents
1. Introduction............................................................................................................................................................. 6
2. Background and purpose of this document ............................................................................................................ 9
2.2.1. Objective of the penetration test ............................................................................................................... 10
2.2.2. Target of the penetration test .................................................................................................................... 11
2.2.3. When to conduct a penetration test .......................................................................................................... 11
2.2.4. Members involved in the penetration test ................................................................................................. 11
3. Processes and activities of penetration testing ...................................................................................................... 13
3.1.1. Making a test plan ................................................................................................................................... 13
3.1.2. Information gathering .............................................................................................................................. 16
3.1.3. Test team building ................................................................................................................................... 16
3.2.1. Agreeing on the test execution plan ......................................................................................................... 17
3.2.2. Preparation for test execution .................................................................................................................. 18
3.3.1. Test execution ......................................................................................................................................... 19
3.4.1. Reporting vulnerabilities and risk levels ................................................................................................... 20
3.4.2. Presenting proposed countermeasures ...................................................................................................... 20
3.4.3. Reporting details of the test execution ...................................................................................................... 21
3.4.4. Agreeing on the final report ..................................................................................................................... 21
3.5.1. Test results assessment ............................................................................................................................ 22
3.5.2. Vulnerability treatment decision .............................................................................................................. 22
3.5.3. Managing the implementation of vulnerability treatment .......................................................................... 23
4. Components of the penetration test ...................................................................................................................... 24
剩余34页未读,继续阅读
资源评论
落叶成花
- 粉丝: 269
- 资源: 9
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功