As intelligent connected vehicles (ICVs) reshape the future of mobility, a dedicated Chinese lab is working to shield them from cyber vulnerabilities, highlighting China's commitment to balancing innovation with security in the new energy vehicle sector.
The promise of smarter, more connected vehicles inevitably brings along heightened cybersecurity risks. Addressing this challenge head-on is the Cyber Security Research Center of CATARC, also known as the NASI Lab, located in north China's Tianjin Municipality.
Established by the China Automotive Technology and Research Center (CATARC) in 2022, a leading science and technology research body in the automotive sector, the NASI Lab serves as a national hub for automotive cybersecurity research and testing.
A critical asset of the lab is its security vulnerability database for connected vehicles, the only national-level vulnerability repository dedicated to the automotive industry in China.
Paired with vast streams of threat intelligence, the database enables monitoring of potential cyber risks to intelligent vehicles around the clock. Whenever a new vulnerability, attack pattern, or threat event is detected, the center can rapidly issue alerts and coordinate responses, effectively creating a robust "digital shield" for smart cars on the road.
Inside the lab's vulnerability analysis center, researchers conduct controlled "attack-defense" experiments to expose real-world risks. In one striking demonstration, a test expert disabled a vehicle in motion, visibly illustrating to drivers the tangible risks posed by cyber vulnerabilities.
"This is a new energy vehicle currently in motion, and the screen displays the driver's real-time operation of the accelerator pedal. What we are demonstrating now is a malicious cyberattack in which a hacker exploits a network vulnerability to cut power to the entire vehicle. As you can see, the wheels are now coasting solely by inertia. The driver can no longer accelerate or control the vehicle by pressing the accelerator pedal. Under high-speed driving conditions, this type of scenario could easily lead to serious traffic accidents," said Zhou Boya, a test expert at the center.
Another experiment highlighted risks in car key systems.
"Here, we have two vehicles of the same batch and identical model. A hacker can maliciously intercept the signal from a car key fob by exploiting a vulnerability, and then use a corresponding device to replay that signal. This technique enables remote, batch unauthorized access to vehicles," said Zhou.
Beyond threat detection and testing, the NASI Lab fosters a collaborative ecosystem through its "white hat" community. In the cybersecurity field, "white hats" are ethical security researchers who work to identify and fix vulnerabilities, standing in contrast to malicious hackers.
Each year, the center hosts multiple information security challenges, bringing together top-tier white-hat experts and industry professionals from across China. These competitions not only sharpen defensive capabilities, but also help channel cutting-edge research into practical vulnerability prevention, strengthening the industry's security foundation from the ground up.
Chinese cybersecurity lab builds "digital shield" for connected vehicles on road
