16.1
|
Manipulation of functions designed to remotely operate vehicle systems, such as remote key, immobiliser, and charging pile
|
M20
|
Security controls shall be applied to systems that have remote access
|
16.2
|
Manipulation of vehicle telematics (e.g. manipulate temperature measurement of sensitive goods, remotely unlock cargo doors)
|
16.3
|
Interference with short range wireless systems or sensors
|
17.1
|
Corrupted applications, or those with poor software security, used as a method to attack vehicle systems
|
M21
|
Software shall be security assessed, authenticated and integrity protected.
Security controls shall be applied to minimise the risk from third party software that is intended or foreseeable to be hosted on the vehicle
|
18.1
|
External interfaces such as USB or other ports used as a point of attack, for example through code injection
|
M22
|
Security controls shall be applied to external interfaces
|
18.2
|
Media infected with viruses connected to the vehicle
|
18.3
|
Diagnostic access (e.g. dongles in OBD port) used to facilitate an attack, e.g. manipulate vehicle parameters (directly or indirectly)
|
M22
|
Security controls shall be applied to external interfaces
|