SAE J3101_202002
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Hardware Protected Security for Ground Vehicles
Hardcopy , PDF
12-05-2020
English
10-02-2020
Important note : Users cannot be edited or removed once added to your Multi user PDF.Access mechanisms to system data and/or control is a primary use case of the hardware protected security environment (hardware protected security environment) during different uses and stages of the system.
| DocumentType |
Standard
|
| Pages |
80
|
| ProductNote |
THIS STANDARD ALSO REFERS TO ISO/IEC/IEEE DIS 8802-1, ISO 18031, ISO 29192-2:2012, IEEE-ISTO 6100.1.0.0, BSI AIS 20/31,NIST SP 800-38A, NIST SP 800-38B, NIST SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-38F, NIST SP 800-47, NIST 800-53A, NIST SP 800-57, SP 800-90A, SP 800-90B, SP 800-90C, NIST SP 800-131A, NIST IR 7316, FIPS PUB 140-3, FIPS PUB 186-4, FIPS PUB 180-4, FIPS PUB 198-1, FIPS PUB 199, FIPS PUB 202, RFC 7696, RFC, 4949, RFC 6979, RFC 8391, RFC 7905, RFC 8439, RFC 7748, RFC 8032, RFC 8554, RFC 8125
|
| PublisherName |
SAE International
|
| Status |
Superseded
|
| SupersededBy |
Access mechanisms to system data and/or control is a primary use case of the hardware protected security environment (hardware protected security environment) during different uses and stages of the system. The hardware protected security environment acts as a gatekeeper for these use cases and not necessarily as the executor of the function. This section is a generalization of such use cases in an attempt to extract common requirements for the hardware protected security environment that enable it to be a gatekeeper.Examples are:Creating a new key fobRe-flashing ECU firmwareReading/exporting PII out of the ECUUsing a subscription-based featurePerforming some service on an ECUTransferring ownership of the vehicleSome of these examples are discussed later in this section and some have detailed sections of their own. This list is by no means comprehensive. Other use cases that require hardware protected security environment-based access control may be used by each manufacturer/service provider based on vehicle capabilities, architecture, and business model.This section describes how the hardware protected security environment provides a platform to implement access control by enabling secure authentication, authorization and access enforcement. It does not define any specific access control system (DAC/MAC/capability-based/role-based/etc.), models, or polices.A general access control system is based on the following stages:1Identifying and authenticating the user.2Authorizing access to the resource.aComparing authenticated user to policies (database/certificates/other).bComparing other conditions (temporal/spatial/other) to policies database.cUnlocking access to the resource.3Using the resource.4(Optional) Removing access to the resource based on temporal or other conditions.aLocking access to the resource.The hardware protected security environment can be involved to different extents in each of the stages listed above. The main two types of hardware protected security environment involvements are full control and partial control. In partial control, the hardware protected security environment is responsible to authenticate and authorize the access, while the normal environment is responsible to lock/unlock the resource. In full control, the hardware protected security environment is responsible for both.
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.