摘要
随着智能网联汽车网络技术的飞速发展,对车辆的信息安全风险分级将为智能网联汽车的网络安全管理提供良好的参考依据。文章介绍了在风险评估过程中对汽车零部件进行信息安全风险分级的方法,利用定性与定量的混合分析方法,对汽车信息安全相关项进行识别并提取关键特征信息,同时利用基于攻击潜力的定量评估法对其进行估值计算得出风险等级。此外,利用车载信息终端T-Box作为示例验证该方法的有效性。
With the rapid development of the network technology of intelligent connected vehicles,the classification of vehicle cyber security risk will provide a good reference for the cyber security management of intelligent connected vehicles.This paper were introduced for auto parts in the process of risk assessment for cyber security risk classification method,using the mixture of qualitative and quantitative analysis method of cyber security related items on vehicles information to identify and extract the key features,at the same time,based on the quantitative assessment of the potential attack method to estimate the risk level is calculated.In addition,the validity of the proposed method is verified by using the T-box as an example.
作者
赵浩
刘平一
刘天宇
ZHAO Hao;LIU Pingyi;LIU Tianyu(China Automotive Data(Tianjin)Co.,Ltd.,Tianjin 300387)
出处
《汽车实用技术》
2021年第16期26-29,共4页
Automobile Applied Technology
基金
中汽中心指南类课题(20223405)资助。
关键词
风险分级
风险评估
信息安全
T-BOX
Risk classification
Risk assessment
Information security
T-BOX
