标准摘要
[中文适用范围]: 本 SAE 标准建立了以下实践: a 利用系统工程原理管理风险并确保网络物理系统 (CPS) 在其整个生命周期内的安全; b 评估网络物理系统安全(CPSS)目标和要求的影响; c 评估 CPS 技术有效性和功能的安全风险,并解决弱点和漏洞; d 解决可能对 CPSS 或 CPS 设计目的产生负面影响的各种考虑领域(参见 3.1),这些领域考虑系统的运行条件、命令和控制、配置管理(参见 SAE EIA649)等; e 执行设计验证和验证以评估 CPS 的安全性和风险。 [外文原描述]: This SAE Standard establishes practices to:aManage risk and ensure security of a cyber-physical system (CPS) throughout its life cycle by utilizing systems engineering principles;bAssess the impact of cyber-physical systems security (CPSS) objectives and requirements;cAssess the security risks to CPS technical effectiveness and functions, and address weaknesses and vulnerabilities;dAddress various domains of consideration (see 3.1 ) that take into account operating conditions of the system, command and control, configuration management (refer to SAE EIA649), etc., that could negatively impact CPSS or CPS-designed purpose;ePerform design validation and verification to assess security and risk of the CPS.Cross Reference:
英文名称Cyber-Physical Systems Security Engineering Plan (CPSSEP)