【免费】JasPar规范-ECUVulnerabilityTestRequirements资源-CSDN文库

需积分: 0 110 浏览量 2024-01-19 13:51:38 上传评论收藏 777KB PDF 举报

资源推荐

资源详情

资源评论

JASPAR Standards Document: ST-CST-1 Ver.1.1

Copyrights for this document belong to the General Incorporated Association JASPAR.

Unauthorized copying or reproduction is prohibited by copyright.

Issued on May 15, 2019

Cybersecurity Technical WG

General Incorporated Association JASPAR

ST-CST-1

ECU Vulnerability Test Requirements

Ver.1.1

ECU Vulnerability Test Requirements Ver.1.1    JASPAR Standards Document: ST-CST-1 
 
 
- 4 - 
Unauthorized copying or reproduction is prohibited by copyright. 
 
 
Contents 
  Introduction ................................................................................................................................................................. 5 
  Disclaimer ............................................................................................................................................................. 5 
  Scope of application .............................................................................................................................................. 5 
  Referenced standards ............................................................................................................................................ 5 
1.3.1  Related documents ................................................................................................................................ 5 
1.3.2  References ............................................................................................................................................ 5 
  Description of terms .............................................................................................................................................. 6 
1.4.1  Definition of terms ................................................................................................................................ 6 
1.4.2  Definition of abbreviations ................................................................................................................... 6 
  Notes on patents .................................................................................................................................................... 7 
  Notes on copyrights .............................................................................................................................................. 7 
  Vulnerability testing in this document ....................................................................................................................... 8 
  Definition of vulnerability test .............................................................................................................................. 8 
  Position of vulnerability tests in the development process.................................................................................... 8 
  Vulnerability tests given in other standards and guidelines .................................................................................. 9 
  Vulnerability test requirements ................................................................................................................................ 10 
  In applying vulnerability test requirements ......................................................................................................... 10 
  Classifications of vulnerability test requirements ............................................................................................... 10 
  Structure of vulnerability test requirements ........................................................................................................ 11 
  List of vulnerability test requirements ................................................................................................................ 12 
3.4.1  Hardware ............................................................................................................................................ 12 
3.4.2  Network .............................................................................................................................................. 12 
3.4.3  Application ......................................................................................................................................... 14 
  Vulnerability test requirement details ................................................................................................................. 15 
3.5.1  Hardware ............................................................................................................................................ 15 
3.5.2  Network .............................................................................................................................................. 18 
3.5.3  Application ......................................................................................................................................... 46 
 
   

ECU Vulnerability Test Requirements Ver.1.1 JASPAR Standards Document: ST-CST-1

- 5 -

Unauthorized copying or reproduction is prohibited by copyright.

Introduction

Disclaimer

General Incorporated Association JASPAR (JASPAR hereafter) is not responsible for revision of this document

due to any changes occurring in sections referenced in this document. Also, JASPAR is not responsible for any issues

that may occur in the implementation of these standards.

Scope of application

This standards document defines test requirements for vulnerability testing for in-vehicle ECUs installed in the

vehicles expected in the near future, such as those connected to the Internet and autonomous cars.

Based on the understanding of the background of these requirements, the readers select vulnerability test for testing

the ECU, even if the reader identified it as an ECU having no-relevance with cyber-security at first glance.

Referenced standards

1.3.1 Related documents

The following table shows industry standards in the creation of this document.

Table 1-1: Referenced standards (Industry standards)

Standard

Issued by

Issued on

Version

JASPAR Information Security ECU Design

Requirements Definitions Document Ver.1.0

JASPAR Cybersecurity Promotion

Working Group

2018.6.15

Ver 1.0

Draft Recommendation on Cyber

Security of the Task Force on Cyber

Security and Over-the-air issues of

UNECE WP.29 GRVA

United Nations, Economic

Commission for Europe

2018.9.20

TFCS-13

-18

Cybersecurity Guidebook for

Cyber-Physical Vehicle Systems

J3061

SAE International

2016.10.14

2016-01

1.3.2 Referenced URLs

The following table shows URLs of documents referenced in the creation of this document.

Table 1-2: Referenced URLs (References)

Reference

Overview

Reference source

OWASP

OWASP (Open Web Application Security Project): A

nonprofit foundation that collects and distributes

information about web security, application security, and

vulnerability assessments.

https://www.owasp.org/index.php/Japan

CMVP

CMVP (Cryptographic Module Validation Program): A U.S.

and Canadian joint project on cryptographic modules

https://csrc.nist.gov/projects/cryptographic-

module-validation-program

CWE

CWE (Common Weakness Enumeration)

https://cwe.mitre.org/data/index.html

CVE

CVE (Common Vulnerabilities and Exposures)

https://cve.mitre.org/

CAPEC

CAPEC (Common Attack Path Enumeration and

Classification)

https://capec.mitre.org/data/

* Reference URLs are as of April 1, 2019.

剩余52页未读，继续阅读

评论收藏

内容反馈

落叶成花

粉丝: 260
资源: 9

JasPar规范-ECU Vulnerability Test Requirements

最新资源

JasPar规范-ECU Vulnerability Test Requirements

JasPar 规范-ECU Penetration Test Guide

JasPar 规范-Requirements Specification for Message Authentication

JasPar规范-Requirements Definition of Secure boot Function

JasPar-OTA Master Software Update Compliance Test Specification

jaspar-bioruby:JASPAR的BioRuby宝石

JASPAR数据库使用教程.pdf

TFBS_extraction_from_JASPAR：访问JASPAR API

PWMScan:基于 Web 的全基因组位置权重矩阵 (PWM) 扫描仪-开源

基于位置关联性打分方程的人类转录因子结合位点的预测* (2009年)

BurpLoaderKeygen.jar.zip

最新版ISO/IEC 27001:2022、ISO 27002:2022中英文合集

Goby红队版-win-x64-2.4.7版本

Chrome Header Editor 插件

ISO SAE 21434-2021 中文版.pdf

OpenVAS GVM 中文翻译补丁

安全认证cisp教材全套

STM32F103C8T6核心板-电路原理图1.PDF

软件工程导论(第六版)课后习题答案1

现代永磁同步电机控制原理及MATLAB仿真__袁雷编著1

goby红队&社区版-win-64-2.4.7

OpenVAS离线资源

全面的安全基线核查清单

2023年最全最精简wifi密码字典(2.6G)

hackbar2.1.3-master安装包

Kali安装burpsuite专业版

CISP、NISP二级、CISE题库最新版（2024年1月更新）

关于STM32F103C8T6芯片的一些重要引脚功能的整理1

UN R155 信息安全法规 中英文版

最新资源

UN R155 信息安全法规中英文版