Vulnerability Handling Policy

BMS System Security Vulnerability Handling Management Regulations

General Provisions

These regulations are formulated to standardize the handling of security vulnerabilities for the Battery Management System (BMS) and mitigate safety risks. The Company shall fully comply with applicable national laws and regulations concerning data security, cybersecurity and functional safety. The regulations are governed by three core principles: graded vulnerability disposal, full-lifecycle management and compliant closed-loop management. They shall be strictly implemented across all departments and by all relevant staff. This document is publicly available and accessible anytime on the Company’s official website.

1. Vulnerability Risk Classification Criteria

Based on ASIL functional safety levels and hazard severity, vulnerabilities are classified into three grades: Critical, Medium and Low Risk.
  • Critical Risk (ASIL‑C/D): Failures of overcharge/over‑discharge protection, insulation detection abnormalities, remote firmware tampering and similar defects.
  • Medium Risk (ASIL‑B): No immediate safety hazards but compromising system precision and operational stability, including SOC calculation drift and CAN bus message injection.
  • Low Risk (ASIL‑A/QM): Only UI and configuration issues with zero safety risks, such as operational log leakage and unauthorized read/write access to non‑critical parameters.

2. Vulnerability Handling Specifications

(1) Technical Remediation Standards

    Tailored remediation shall be performed per risk tier:
  • Critical Risk: Mandatory OTA patches shall be released within 72 hours. For emergencies such as insulation resistance below 1kΩ/V, the hardware interlock shall cut off high voltage within 100ms.
  • Medium Risk: Incremental silent hotfix for automatic background firmware update without device reboot.
  • Low Risk: Fixed via remote configuration or local tools; no equipment restart required.

(2) End‑to‑End Process Control

  • A 7×24 vulnerability submission channel is available. Vulnerability verification shall be finished within 48 hours of receipt, and relevant reports shall be submitted to MIIT’s vulnerability platform per regulatory requirements.
  • Complete risk assessment and grading to define the affected scope.
  • Deadline rules: for Critical vulnerabilities, fixing, regression testing and penetration testing shall be completed within 24h; for Medium, within 72h; Low risks are incorporated into regular version cycles.
  • After patch release, promptly notify users of risks and upgrade instructions; conduct post‑mortem root cause analysis to refine coding standards and test cases and prevent recurring faults.

(3) Emergency Response for Large‑Scale Critical Vulnerability Outbreak

  • Leverage the cloud platform to monitor real‑time data on overvoltage, overheating and insulation faults.
  • Remotely limit output power and disable fast charging of abnormal devices for safety isolation.
  • Initiate a product recall per national laws and provide free firmware upgrades or hardware replacement for customers.

(4) Data Compliance Rules

    Core operational data, including voltage, temperature and fault logs, shall be retained for a minimum of 90 days with full traceability and retrievability.

3. Implementation Assurance

  • Organizational Responsibility: Appoint a dedicated full‑time BMS safety manager and set up a cross‑functional response team consisting of R&D, QA, O&M and legal representatives with clear individual accountability.
  • Mandatory Time Limits: Critical vulnerabilities: initial response within 24h, full remediation within 72h; Medium vulnerabilities: initial response within 72h, full remediation within 7 working days.
  • Dual Technical Safeguard: An independent hardware security module operates separately, unaffected by faults of the master control software or MCU, to provide dual safety protection.

4. Detailed Handling Rules for Common Vulnerabilities

Vulnerability Type | Risk Level | Disposal Measures
Overcharge/Over‑discharge Protection Failure | Critical | Dual hardware & software protection, 100ms high‑voltage cutoff + mandatory OTA rollout
CAN Bus Message Injection | Medium | Add message filtering rules, activate degraded operation + background silent patch
SOC Calculation Deviation | Medium | Optimize algorithm & verification logic, automatic background update
Log Leakage & Unauthorized Parameter Access | Low | Log desensitization + disable unused debug ports

5. Compliance Consultation & Violation Reporting

    Confidential consultation and reporting channels are established. Informant privacy is fully protected; all submissions will be verified with timely feedback.
E‑mail: kgmarket@kgooer.com
Hotline: +86‑571‑85373365

Supplementary Provisions

    These regulations shall take effect upon official release.
    The interpretation right of this document belongs to the Company’s BMS Safety Management