Vulnerability Handling Policy
Kgooer attaches great importance to the protection of personal data and strictly complies with applicable data protection laws and regulations. You may review this policy on our website at any time.
The BMS Vulnerability Handling Policy rests on three principles: tiered handling, full-lifecycle management and a closed compliance loop. It covers technical remediation, process control and emergency response.

I. Vulnerability Classification (by Risk Level)

  • Critical Risk (ASIL-C/D): May cause thermal runaway, high-voltage electric shock or loss of vehicle control. Typical issues include failure of overcharge/over-discharge protection, insulation-detection vulnerabilities and remote firmware tampering.
  • Medium Risk (ASIL-B): Impairs accuracy or stability but poses no direct fatal hazard. Typical issues include SOC estimation deviation, CAN bus message injection and race conditions in non-critical logic.
  • Low Risk (ASIL-A/QM): Affects interfaces and configuration only, with no safety impact. Typical issues include log leakage and read/write access to non-critical parameters.

II. Core Handling Solutions

1. Technical Remediation Solutions

  • Emergency Patch (Critical Risk): Mandatory OTA updates will be released within 72 hours. For critical faults where insulation resistance falls below 1 kΩ/V, the hardware interlock will cut off high voltage within 100 milliseconds.
  • Firmware Hotfix (Medium Risk): Incremental OTA updates deployed silently in the background.
  • Configuration & Parameter Remediation (Low Risk): Changes delivered via local tools or remote configuration without device restart.

2. Process & Management Solutions

  • Vulnerability Reception & Verification: A 24/7 dedicated channel is available. All vulnerabilities will be verified within 48 hours and reported to the vulnerability platform of the Ministry of Industry and Information Technology.
  • Risk Assessment & Rating: Confirm the ASIL level and impact scope of each vulnerability.
  • Remediation & Testing Closed-Loop: Critical risks shall be fixed, regression-tested and penetration-tested within 24 hours; medium risks within 72 hours; low risks will be addressed in regular version iterations.
  • Release & Notification: Deliver risk notifications and update guidelines to end users.
  • Retrospection & Prevention: Conduct root cause analysis of coding standards and test coverage, and update security requirements and test cases accordingly.

3. Emergency Response Plan (Critical Vulnerability Outbreak)

  • Real-time Monitoring: The BMS cloud platform will send out alerts for abnormalities such as overvoltage, overtemperature and abnormal insulation.
  • Safety Isolation: Remotely limit output power and disable fast charging.
  • Product Recall: Initiate product recall in accordance with relevant laws and regulations, and provide free firmware upgrades or hardware replacement services.

4. Compliance & Standard Solutions

  • Data Compliance: Key data including voltage, temperature and fault records shall be retained for no less than 90 days for traceability.

III. Policy Implementation Guidelines

  • Individual Accountability: Appoint a dedicated BMS security owner, and set up a vulnerability response team consisting of R&D, testing, operations & maintenance and legal staff.
  • Time Limits: Respond to critical risks within 24 hours and complete remediation within 72 hours; respond to medium risks within 72 hours and finish remediation within 7 days.
  • Technical Safeguards: Hardware security mechanisms operate independently of software, so that an MCU failure cannot disable them.

IV. Countermeasures for Common Vulnerabilities

  1. Overcharge Protection Failure (Critical Risk): Adopt dual-threshold control in both hardware and software, cut off power within 100 milliseconds, and push mandatory OTA updates.
  2. CAN Bus Message Injection (Medium Risk): Filter out abnormal messages and activate performance-degradation mechanisms.
  3. SOC Estimation Deviation (Medium Risk): Optimize algorithms and add redundant verification, with silent OTA remediation.
  4. Log Leakage (Low Risk): Mask sensitive data in logs and disable unnecessary debug ports.
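The countermeasure for CAN bus message injection (item 2 above) is stated only as "filter abnormal messages and activate performance degradation". The following added example, which is not code from the Kgooer policy or its BMS firmware, shows what such a receive-side filter looks like in C: an allow-list of message IDs with a fixed data length, a minimum inter-arrival interval to catch flooding and replay, a plausibility range on the payload value, and a sticky degraded state that is entered after a burst of rejections. All identifiers, lengths, ranges and thresholds are assumed values chosen for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Added example, not from the policy: a receive-side CAN frame filter for a BMS
 * node. Every ID, DLC, interval, range and threshold below is an assumed value. */

#define MAX_RULES 4
#define DEGRADE_REJECT_THRESHOLD 5   /* rejections within one window that trigger degradation */
#define DEGRADE_WINDOW_MS 1000

typedef struct {
    uint32_t id;              /* allowed CAN identifier */
    uint8_t  dlc;             /* required data length */
    uint32_t min_interval_ms; /* fastest legitimate repetition rate */
    uint16_t min_value;       /* plausibility range of the big-endian field in data[0..1] */
    uint16_t max_value;
    uint32_t last_seen_ms;    /* runtime state: time of the last accepted frame */
    bool     seen;
} can_rule_t;

typedef struct {
    uint32_t id;
    uint8_t  dlc;
    uint8_t  data[8];
} can_frame_t;

typedef enum {
    CAN_ACCEPT = 0,
    CAN_REJECT_ID,
    CAN_REJECT_DLC,
    CAN_REJECT_RATE,
    CAN_REJECT_RANGE
} can_verdict_t;

typedef struct {
    can_rule_t rules[MAX_RULES];
    size_t     n_rules;
    uint32_t   reject_count;    /* rejections counted in the current window */
    uint32_t   window_start_ms;
    bool       degraded;        /* sticky until an explicit operator reset */
} can_filter_t;

/* Install the assumed rule set: a charge-current request (ID 0x1A0, tenths of an
 * ampere, 0..150.0 A, at most every 100 ms) and a cooling-fan duty command
 * (ID 0x1B0, percent, 0..100, at most every 200 ms). */
void can_filter_init(can_filter_t *f)
{
    static const can_rule_t defaults[] = {
        { 0x1A0, 2, 100, 0, 1500, 0, false },
        { 0x1B0, 2, 200, 0,  100, 0, false },
    };
    f->n_rules = sizeof defaults / sizeof defaults[0];
    for (size_t i = 0; i < f->n_rules; i++) f->rules[i] = defaults[i];
    f->reject_count = 0;
    f->window_start_ms = 0;
    f->degraded = false;
}

/* Count a rejection in a sliding one-second window; too many => degraded mode. */
static void note_reject(can_filter_t *f, uint32_t now_ms)
{
    if (now_ms - f->window_start_ms >= DEGRADE_WINDOW_MS) {
        f->window_start_ms = now_ms;
        f->reject_count = 0;
    }
    if (++f->reject_count >= DEGRADE_REJECT_THRESHOLD) f->degraded = true;
}

/* Check one received frame against the rules and update filter state. */
can_verdict_t can_filter_check(can_filter_t *f, const can_frame_t *fr, uint32_t now_ms)
{
    can_rule_t *r = NULL;
    for (size_t i = 0; i < f->n_rules; i++)
        if (f->rules[i].id == fr->id) { r = &f->rules[i]; break; }

    can_verdict_t v = CAN_ACCEPT;
    if (r == NULL) {
        v = CAN_REJECT_ID;                         /* not on the allow-list */
    } else if (fr->dlc != r->dlc) {
        v = CAN_REJECT_DLC;                        /* malformed length */
    } else if (r->seen && now_ms - r->last_seen_ms < r->min_interval_ms) {
        v = CAN_REJECT_RATE;                       /* flooding or replay faster than the schedule */
    } else {
        uint16_t val = (uint16_t)((fr->data[0] << 8) | fr->data[1]);
        if (val < r->min_value || val > r->max_value) v = CAN_REJECT_RANGE;
    }

    if (v == CAN_ACCEPT) {
        r->last_seen_ms = now_ms;
        r->seen = true;
    } else {
        note_reject(f, now_ms);
    }
    return v;
}

bool can_filter_degraded(const can_filter_t *f) { return f->degraded; }

/* Helper to build a frame carrying one 16-bit big-endian value (constructed test input). */
can_frame_t can_frame16(uint32_t id, uint16_t value)
{
    can_frame_t fr = { id, 2, { (uint8_t)(value >> 8), (uint8_t)value, 0, 0, 0, 0, 0, 0 } };
    return fr;
}
```

The degraded flag is deliberately sticky: once the node has decided the bus is untrustworthy, it should limit output power or disable fast charging (as the emergency response plan above describes) until an operator clears the state, rather than silently recovering when the injection stops.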

Channels for Compliance Consultation & Violation Reporting

The company has established an open, transparent and confidential mechanism for compliance consultation and violation reporting, and fully protects the privacy of reporters. You may consult compliance issues and report violations through official channels.
  • Email for Compliance Consultation & Violation Reporting: kgmarket@kgooer.com
  • Tel for Compliance Consultation & Violation Reporting: 0571-85373365
All consultation and reporting information is kept strictly confidential. The company will verify reports promptly, handle them through to closure and report the outcome to the reporter.