A security testing method, apparatus, device, and computer-readable storage medium

By constructing an attack graph and generating attack action sequences for the PEPS system, the security vulnerabilities of multi-interface combined attack scenarios in the PEPS system were resolved, achieving efficient and automated security testing.

CN122339824APending Publication Date: 2026-07-03SHANGHAI KOSTAL HUAYANG AUTOMOTIVE ELECTRIC +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHANGHAI KOSTAL HUAYANG AUTOMOTIVE ELECTRIC
Filing Date
2026-05-14
Publication Date
2026-07-03

Smart Images

  • Figure CN122339824A_ABST
    Figure CN122339824A_ABST
Patent Text Reader

Abstract

This application discloses a security testing method, apparatus, device, and computer-readable storage medium. The method includes determining a target attack path based on an attack graph from a PEPS system; establishing the attack graph based on the attack relationships between nodes in the PEPS system; generating an attack action sequence corresponding to the target attack path based on the current state of the target device; the attack action sequence includes multiple attack actions, each including a trigger time field, which characterizes the time offset of the attack action relative to a reference time; generating test input based on the attack action sequence; and sending the corresponding test input by calling multiple communication interfaces according to the time offset characterized by the trigger time field of each attack action, thereby performing security testing on the target device. This application reduces reliance on human experience, improves automation, and solves the problem that single-interface testing cannot cover vulnerabilities arising from multiple interface combinations.
Need to check novelty before this filing date? Find Prior Art