1
/
의
7
PayPal, credit cards. Download editable-PDF and invoice in 1 second!
MIIT5-2022 English PDF
MIIT5-2022 English PDF
정가
$415.00 USD
정가
할인가
$415.00 USD
단가
/
단위
배송료는 결제 시 계산됩니다.
픽업 사용 가능 여부를 로드할 수 없습니다.
Delivery: 3 seconds. Download true-PDF + Invoice.
Get Quotation: Click MIIT5-2022 (Self-service in 1-minute)
Historical versions (Master-website): MIIT5-2022
Preview True-PDF (Reload/Scroll-down if blank)
MIIT5-2022: Guidelines for the Construction of the Internet of Vehicles Network and Data Security Standard System
MIIT5-2022
Ministry of Industry and Information Technology
[2022] No. 5
Guidelines for the construction of internet of vehicles
network security and data security standard system
Issued by: General Office of the Ministry of Industry and Information
Technology, PRC
February 25, 2022
Table of Contents
Foreword ... 3
1 General requirements ... 4
I. Guiding ideology ... 4
II. Basic principles ... 4
III. Construction goals ... 5
2 Main contents ... 5
I. Framework diagram of the standard system ... 5
II. Key areas and directions ... 7
1) General and basic common standards ... 7
2) Terminal and facility cybersecurity standards ... 7
3) Network communication security standards ... 8
4) Data security standards ... 8
5) Application service security standards ... 9
6) Security assurance and support standards ... 9
3 Organization and Implementation ... 10
Appendix List of standards related to Internet of Vehicles network security and data
security ... 12
Guidelines for the construction of internet of vehicles
network security and data security standard system
1 General requirements
I. Guiding ideology
It is guided by Xi Jinping Thought on Socialism with Chinese Characteristics for a New
Era. It fully implements the spirit of the 19th CPC National Congress and all previous
plenary sessions of the 19th CPC Central Committee. It seriously implements the
decisions and arrangements of the CPC Central Committee and the State Council. It
coordinates development and security. It focuses on the security needs of the Internet
of Vehicles industry and strengthens the top-level design of Internet of Vehicles network
security and data security standards. It pays attention to the connection with the Internet
of Vehicles-related standard systems. It increases the effective supply of standards. It
strengthens the application and implementation of standards. It accelerates the
construction of a systematic, scientific and standardized Internet of Vehicles network
security and data security standard system. It gives full play to the guiding and
normative role of standards in the safe and healthy development of the Internet of
Vehicles industry.
II. Basic principles
Demand-oriented and jointly promoted. Closely align with the urgent needs of the
Internet of Vehicles industry for network security and data security. Encourage all links
in the industrial chain such as complete vehicles and key equipment, Internet of
Vehicles service platforms, information communications, network security, and all
parties in production, education, research and application to strengthen cooperation.
Jointly promote the development and implementation of cross-industry and cross-field
standards. Continuously improve the quality and efficiency of standards.
Focus on key points and prioritize urgent needs. Focus on key areas such as the
network security of vehicle networking terminals and facilities, network
communication security, data security, application service security, security assurance
and support. Focus on increasing the effective supply of basic general, common
technologies, test methods, typical applications and other standards urgently needed by
the industry. Cover the key areas and key links of network security and data security of
vehicle networking.
Openness, integration and deepening of cooperation. In light of the current status of
II. Key areas and directions
1) General and basic common standards
The overall and basic common standards are the overall, general and guiding standards
for the network security and data security of the Internet of Vehicles, including three
types of standards: terminology and definitions, overall architecture, and cryptographic
applications.
The terminology and definition standards mainly regulate the main concepts of Internet
of Vehicles network security and data security, providing a basis for the terms and
definitions in related standards.
The overall architecture standard mainly regulates the overall architecture requirements
of the Internet of Vehicles network security. It clarifies and defines the protection
objects, protection methods, and protection mechanisms. It guides enterprises to carry
out network security protection work in a systematic manner.
The cryptographic application standard mainly regulates the general requirements for
the cryptographic application of the Internet of Vehicles. It clarifies the requirements
for digital certificate format, digital certificate application, and device cryptographic
application.
2) Terminal and facility cybersecurity standards
The terminal and facility network security standards mainly regulate the network
security requirements related to Internet of Vehicles terminals and infrastructure,
including four types of standards: network security of on-board equipment, network
security of vehicle-side equipment, network security of roadside communication
equipment, and network facility and system security.
The network security standards for in-vehicle equipment mainly regulate the security
protection and detection requirements of key intelligent devices and components of
intelligent Internet of Vehicles, including security standards for automotive gateways,
electronic control units, automotive safety chips, and in-vehicle computing platforms.
The vehicle-side network security standard mainly regulates the safety protection and
detection requirements of the vehicle's electronic and electrical architecture, bus
architecture, system architecture, etc.
The network security standard for roadside communication equipment mainly specifies
the security protection and detection requirements for networked roadside equipment.
The network facility and system security standards mainly regulate the security
protection and testing requirements of Internet of Vehicles network facilities and
systems.
3) Network communication security standards
The Internet of Vehicles communication security standard mainly regulates the security
requirements of Internet of Vehicles communication network, identity authentication
and other related security requirements, including two types of standards:
communication security and identity authentication.
The communication security standards mainly regulate the cellular vehicle-to-
everything (C-V2X) and the security protection and testing requirements of cellular
mobile communications (4G/5G), satellite communications, wireless radio frequency
identification, in-vehicle wireless LAN, Bluetooth low energy (BLE), Zigbee, and ultra-
wideband (UWB) used in vehicle networks.
The identity authentication standard mainly regulates technical requirements such as
certificate application interface, certificate management system, security authentication
technology and testing methods, and lightweight authentication of key components
related to digital identity authentication of Internet of Vehicles.
4) Data security standards
The data security standards mainly regulate the data security and personal information
protection requirements of intelligent Internet of Vehicles, Internet of Vehicles
platforms, in-vehicle application services, etc., including five types of standards:
general requirements, classification and grading, outbound security, personal
information protection, and application data security.
The general requirements standards mainly regulate the type, scope, quality, granularity,
etc. of data that can be collected and processed by the Internet of Vehicles, including
standards for minimizing data collection, secure data storage, encrypted data
transmission, and secure data sharing.
The classification and grading standards mainly regulate the classification and grading
protection requirements of Internet of Vehicles data. They formulate the dimensions,
methods, examples and other standards for data classification and grading. They clarify
the important data types and security protection requirements.
The data outbound security standard mainly regulates the Internet of Vehicles industry
to implement data outbound security requirements in accordance with laws and
regulations, including key points and methods for data outbound security assessment.
The personal information protection standard mainly regulates the personal information
protection mechanism and related technical requirements of Internet of Vehicles users.
It clarifies the scenarios, rules, and technical methods for protecting user sensitive data
Internet of Vehicles business delivery gateway (HI) interface.
The security capability assessment standard mainly regulates the deployment of
security protection measures and the implementation of security services by Internet of
Vehicles service platform operators, intelligent Internet of Vehicles manufacturers,
basic telecommunications companies, etc. It proposes relevant requirements such as
network security maturity model, data security maturity model, security capability
maturity evaluation criteria, assessment implementation methods, institutional
capability certification, and road vehicle information security engineering.
3 Organization and Implementation
I. Accelerate the development of standards. Under the guidance of the Special
Committee on the Development of the Internet of Vehicles Industry of the National
Manufacturing Power Construction Leading Group, we focus on the coordination and
connection with relevant standard systems such as intelligent Internet of Vehicles,
information communications, electronic products and services. Guided by the Internet
of Vehicles network security and data security standard system, we organize all parties
involved in industry, academia, research and application to jointly promote the
development of standards.
II. Implement dynamic updates. In accordance with the requirements of relevant laws
and regulations on network security, combined with the technological innovation and
industrial development trends of the Internet of Vehicles, we will continue to improve
the Internet of Vehicles network security and data security standard system to provide
strong support for the development of the Internet of Vehicles industry and industry
management.
III. Strengthen publicity and implementation. Give full play to the role of local
competent departments, standardization organizations, industry associations and
professional institutions, organize and carry out standard publicity and implementation
and technical seminars. Promote the publicity and implementation of standards through
training, consultation, forums, etc. Organize the selection of outstanding enterprises and
cases in the pilot implementation of standards, form best practices, and promote the
application and promotion of standards.
IV. Deepen international cooperation. Strengthen exchanges and cooperation with
international standardization organizations. Actively participate in international
standardization activities such as the International Telecommunication Union (ITU),
the International Organization for Standardization (ISO), the International
Electrotechnical Commission (IEC), and the United Nations World Forum for
Harmonization of Vehicle Regulations (UN/WP29). Work with upstream and
downstream companies in the global industrial chain to jointly promote the
development of international standards.
Get Quotation: Click MIIT5-2022 (Self-service in 1-minute)
Historical versions (Master-website): MIIT5-2022
Preview True-PDF (Reload/Scroll-down if blank)
MIIT5-2022: Guidelines for the Construction of the Internet of Vehicles Network and Data Security Standard System
MIIT5-2022
Ministry of Industry and Information Technology
[2022] No. 5
Guidelines for the construction of internet of vehicles
network security and data security standard system
Issued by: General Office of the Ministry of Industry and Information
Technology, PRC
February 25, 2022
Table of Contents
Foreword ... 3
1 General requirements ... 4
I. Guiding ideology ... 4
II. Basic principles ... 4
III. Construction goals ... 5
2 Main contents ... 5
I. Framework diagram of the standard system ... 5
II. Key areas and directions ... 7
1) General and basic common standards ... 7
2) Terminal and facility cybersecurity standards ... 7
3) Network communication security standards ... 8
4) Data security standards ... 8
5) Application service security standards ... 9
6) Security assurance and support standards ... 9
3 Organization and Implementation ... 10
Appendix List of standards related to Internet of Vehicles network security and data
security ... 12
Guidelines for the construction of internet of vehicles
network security and data security standard system
1 General requirements
I. Guiding ideology
It is guided by Xi Jinping Thought on Socialism with Chinese Characteristics for a New
Era. It fully implements the spirit of the 19th CPC National Congress and all previous
plenary sessions of the 19th CPC Central Committee. It seriously implements the
decisions and arrangements of the CPC Central Committee and the State Council. It
coordinates development and security. It focuses on the security needs of the Internet
of Vehicles industry and strengthens the top-level design of Internet of Vehicles network
security and data security standards. It pays attention to the connection with the Internet
of Vehicles-related standard systems. It increases the effective supply of standards. It
strengthens the application and implementation of standards. It accelerates the
construction of a systematic, scientific and standardized Internet of Vehicles network
security and data security standard system. It gives full play to the guiding and
normative role of standards in the safe and healthy development of the Internet of
Vehicles industry.
II. Basic principles
Demand-oriented and jointly promoted. Closely align with the urgent needs of the
Internet of Vehicles industry for network security and data security. Encourage all links
in the industrial chain such as complete vehicles and key equipment, Internet of
Vehicles service platforms, information communications, network security, and all
parties in production, education, research and application to strengthen cooperation.
Jointly promote the development and implementation of cross-industry and cross-field
standards. Continuously improve the quality and efficiency of standards.
Focus on key points and prioritize urgent needs. Focus on key areas such as the
network security of vehicle networking terminals and facilities, network
communication security, data security, application service security, security assurance
and support. Focus on increasing the effective supply of basic general, common
technologies, test methods, typical applications and other standards urgently needed by
the industry. Cover the key areas and key links of network security and data security of
vehicle networking.
Openness, integration and deepening of cooperation. In light of the current status of
II. Key areas and directions
1) General and basic common standards
The overall and basic common standards are the overall, general and guiding standards
for the network security and data security of the Internet of Vehicles, including three
types of standards: terminology and definitions, overall architecture, and cryptographic
applications.
The terminology and definition standards mainly regulate the main concepts of Internet
of Vehicles network security and data security, providing a basis for the terms and
definitions in related standards.
The overall architecture standard mainly regulates the overall architecture requirements
of the Internet of Vehicles network security. It clarifies and defines the protection
objects, protection methods, and protection mechanisms. It guides enterprises to carry
out network security protection work in a systematic manner.
The cryptographic application standard mainly regulates the general requirements for
the cryptographic application of the Internet of Vehicles. It clarifies the requirements
for digital certificate format, digital certificate application, and device cryptographic
application.
2) Terminal and facility cybersecurity standards
The terminal and facility network security standards mainly regulate the network
security requirements related to Internet of Vehicles terminals and infrastructure,
including four types of standards: network security of on-board equipment, network
security of vehicle-side equipment, network security of roadside communication
equipment, and network facility and system security.
The network security standards for in-vehicle equipment mainly regulate the security
protection and detection requirements of key intelligent devices and components of
intelligent Internet of Vehicles, including security standards for automotive gateways,
electronic control units, automotive safety chips, and in-vehicle computing platforms.
The vehicle-side network security standard mainly regulates the safety protection and
detection requirements of the vehicle's electronic and electrical architecture, bus
architecture, system architecture, etc.
The network security standard for roadside communication equipment mainly specifies
the security protection and detection requirements for networked roadside equipment.
The network facility and system security standards mainly regulate the security
protection and testing requirements of Internet of Vehicles network facilities and
systems.
3) Network communication security standards
The Internet of Vehicles communication security standard mainly regulates the security
requirements of Internet of Vehicles communication network, identity authentication
and other related security requirements, including two types of standards:
communication security and identity authentication.
The communication security standards mainly regulate the cellular vehicle-to-
everything (C-V2X) and the security protection and testing requirements of cellular
mobile communications (4G/5G), satellite communications, wireless radio frequency
identification, in-vehicle wireless LAN, Bluetooth low energy (BLE), Zigbee, and ultra-
wideband (UWB) used in vehicle networks.
The identity authentication standard mainly regulates technical requirements such as
certificate application interface, certificate management system, security authentication
technology and testing methods, and lightweight authentication of key components
related to digital identity authentication of Internet of Vehicles.
4) Data security standards
The data security standards mainly regulate the data security and personal information
protection requirements of intelligent Internet of Vehicles, Internet of Vehicles
platforms, in-vehicle application services, etc., including five types of standards:
general requirements, classification and grading, outbound security, personal
information protection, and application data security.
The general requirements standards mainly regulate the type, scope, quality, granularity,
etc. of data that can be collected and processed by the Internet of Vehicles, including
standards for minimizing data collection, secure data storage, encrypted data
transmission, and secure data sharing.
The classification and grading standards mainly regulate the classification and grading
protection requirements of Internet of Vehicles data. They formulate the dimensions,
methods, examples and other standards for data classification and grading. They clarify
the important data types and security protection requirements.
The data outbound security standard mainly regulates the Internet of Vehicles industry
to implement data outbound security requirements in accordance with laws and
regulations, including key points and methods for data outbound security assessment.
The personal information protection standard mainly regulates the personal information
protection mechanism and related technical requirements of Internet of Vehicles users.
It clarifies the scenarios, rules, and technical methods for protecting user sensitive data
Internet of Vehicles business delivery gateway (HI) interface.
The security capability assessment standard mainly regulates the deployment of
security protection measures and the implementation of security services by Internet of
Vehicles service platform operators, intelligent Internet of Vehicles manufacturers,
basic telecommunications companies, etc. It proposes relevant requirements such as
network security maturity model, data security maturity model, security capability
maturity evaluation criteria, assessment implementation methods, institutional
capability certification, and road vehicle information security engineering.
3 Organization and Implementation
I. Accelerate the development of standards. Under the guidance of the Special
Committee on the Development of the Internet of Vehicles Industry of the National
Manufacturing Power Construction Leading Group, we focus on the coordination and
connection with relevant standard systems such as intelligent Internet of Vehicles,
information communications, electronic products and services. Guided by the Internet
of Vehicles network security and data security standard system, we organize all parties
involved in industry, academia, research and application to jointly promote the
development of standards.
II. Implement dynamic updates. In accordance with the requirements of relevant laws
and regulations on network security, combined with the technological innovation and
industrial development trends of the Internet of Vehicles, we will continue to improve
the Internet of Vehicles network security and data security standard system to provide
strong support for the development of the Internet of Vehicles industry and industry
management.
III. Strengthen publicity and implementation. Give full play to the role of local
competent departments, standardization organizations, industry associations and
professional institutions, organize and carry out standard publicity and implementation
and technical seminars. Promote the publicity and implementation of standards through
training, consultation, forums, etc. Organize the selection of outstanding enterprises and
cases in the pilot implementation of standards, form best practices, and promote the
application and promotion of standards.
IV. Deepen international cooperation. Strengthen exchanges and cooperation with
international standardization organizations. Actively participate in international
standardization activities such as the International Telecommunication Union (ITU),
the International Organization for Standardization (ISO), the International
Electrotechnical Commission (IEC), and the United Nations World Forum for
Harmonization of Vehicle Regulations (UN/WP29). Work with upstream and
downstream companies in the global industrial chain to jointly promote the
development of international standards.
Share
