
ISO/SAE 21434 Standard Requirements: Compilation and Translation

剧拧并 2025-6-1 00:02:37
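ISO/SAE 21434:2021 defines a total of 101 requirements (Requirement, abbreviated RQ), 13 recommendations (Recommendation, abbreviated RC) and 4 permissions (Permission, abbreviated PM). They are compiled and translated below in clause order.
 PS: Follow the WeChat official account Vehicle CyberSecurity for more content.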
ID

Content

5. Organizational Cybersecurity Management

RQ-05-01

The organization shall define a cybersecurity policy that includes:
  a) acknowledgement of road vehicle cybersecurity risks; and
  b) the executive management’s commitment to manage  the corresponding cybersecurity risks.

  
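The organization shall define a cybersecurity policy that includes:
  a) acknowledgement of road vehicle cybersecurity risks; and
  b) the executive management's commitment to managing the corresponding cybersecurity risks.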

  
RQ-05-02

  
The organization shall establish and maintain rules and processes to:
  a) enable the implementation of the requirements of this document; and
  b) support the execution of the corresponding activities.

  
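The organization shall establish and maintain rules and processes in order to:
  a) enable the requirements of this standard to be implemented; and
  b) support the execution of the corresponding activities.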

  
RQ-05-03

  
The organization shall assign and communicate the responsibilities and  corresponding organizational authority to achieve and maintain cybersecurity.

  
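The organization shall assign and communicate the responsibilities and corresponding organizational authority for achieving and maintaining cybersecurity.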

  
RQ-05-04

  
The organization shall provide the resources to address cybersecurity.

  
The organization shall provide the resources to address cybersecurity issues.

  
RQ-05-05

  
The organization shall identify disciplines related to, or interacting  with, cybersecurity and establish and maintain communication channels between  those disciplines in order to:
  a) determine if and how cybersecurity will be integrated into existing  processes; and
  b) coordinate the exchange of relevant information.

  
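The organization shall identify the disciplines that relate to or interact with cybersecurity, and establish and maintain communication channels between those disciplines, in order to:
  a) determine whether and how cybersecurity is to be integrated into existing processes; and
  b) coordinate the exchange of relevant information.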

  
RQ-05-06

  
The organization shall foster and maintain a strong cybersecurity  culture.

  
The organization shall foster and maintain a strong cybersecurity culture.

  
RQ-05-07

  
The organization shall ensure that persons to which cybersecurity roles  and responsibilities are assigned have the competences and awareness to  fulfil these.

  
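The organization shall ensure that persons assigned cybersecurity roles and responsibilities have the competence and awareness to fulfil those roles and responsibilities.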

  
RQ-05-08

  
The organization shall institute and maintain a continuous improvement  process.

  
The organization shall establish and maintain a continuous improvement process.

  
RQ-05-09

  
The organization shall define the circumstances under which information  sharing related to cybersecurity is required, permitted, or prohibited,  internal or external to the organization.

  
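The organization shall define the circumstances under which sharing of cybersecurity-related information, inside or outside the organization, is required, permitted or prohibited.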

  
RC-05-10

  
The organization should align its information security management of the  shared data with other parties in accordance with [RQ-05-09].

  
The organization should, in accordance with [RQ-05-09], align its information security management of shared data with other parties.

  
RQ-05-11

  
The organization shall institute and maintain a quality management  system in accordance with International Standards, or equivalent, to support  cybersecurity engineering, addressing:
  a) change management;
  b) documentation management;
  c) configuration management; and
  d) requirements management.

  
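The organization shall establish and maintain a quality management system in accordance with International Standards, or equivalent, to support cybersecurity engineering, addressing:
  a) change management;
  b) documentation management;
  c) configuration management; and
  d) requirements management.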

  
RQ-05-12

  
The configuration information required for maintaining cybersecurity of  a product in the field shall remain available until the end of cybersecurity  support for the product, in order to enable remedial actions.

  
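The configuration information required for maintaining the cybersecurity of a product shall be retained until the end of cybersecurity support for the product, so that remedial actions can be taken.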

  
RC-05-13

  
A cybersecurity management system for the production processes should be  established in order to support the activities of Clause 12.

  
A cybersecurity management system for the production processes should be established to support the activities of Clause 12.

  
RQ-05-14

  
Tools that can influence the cybersecurity of an item or component shall  be managed.

  
Tools that can influence the cybersecurity of an item or component shall be managed.

  
RC-05-15

  
An appropriate environment to support remedial actions for cybersecurity  incidents (see 13.3) should be reproducible until the end of cybersecurity  support for the product.

  
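An appropriate environment to support remedial actions for cybersecurity incidents (see 13.3) should remain reproducible until the end of cybersecurity support for the product.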

  
RC-05-16

  
Work products should be managed in accordance with an information  security management system.

  
Work products should be managed in accordance with an information security management system.

  
RQ-05-17

  
A cybersecurity audit shall be performed independently to judge whether  the organizational processes achieve the objectives of this document.

  
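A cybersecurity audit shall be performed independently to judge whether the organizational processes achieve the objectives of this standard.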

  
6. Project Dependent Cybersecurity Management

  
RQ-06-01

  
The responsibilities regarding the project’s cybersecurity activities shall be assigned and communicated in  accordance with [RQ-05-03].

  
The responsibilities for the project's cybersecurity activities shall be assigned and communicated in accordance with [RQ-05-03].

  
RQ-06-02

  
In order to decide cybersecurity activities needed for the item or  component, the item or component shall be analysed to determine:
  a) whether the item or component is cybersecurity relevant;
  b) if the item or component is cybersecurity relevant, whether the item or  component is a new development or a reuse; and
  c) whether tailoring in accordance with 6.4.3 is applied.

  
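To determine the cybersecurity activities needed for the item or component, the item or component shall be analysed to determine:
  a) whether the item or component is cybersecurity relevant;
  b) if the item or component is cybersecurity relevant, whether it is a new development or a reuse; and
  c) whether tailoring in accordance with 6.4.3 is applied.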

  
RQ-06-03

  
The cybersecurity plan shall include the:
  a) objective of an activity;
  b) dependencies on other activities or information;
  c) personnel responsible for performing an activity;
  d) required resources for performing an activity;
  e) starting point or end point, and the expected duration of an activity; and
  f) identification of the work products to be produced.

  
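The cybersecurity plan shall include:
  a) the objective of an activity;
  b) the dependencies on other activities or information;
  c) the personnel responsible for performing an activity;
  d) the resources required for performing an activity;
  e) the starting point or end point and the expected duration of an activity; and
  f) identification of the work products to be produced.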

  
RQ-06-04

  
The responsibilities for developing and maintaining the cybersecurity  plan, and for tracking the progress of the cybersecurity activities against  the cybersecurity plan shall be assigned in accordance with [RQ-05-03] and  [RQ-05-04].

  
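The responsibilities for developing and maintaining the cybersecurity plan, and for tracking the progress of the cybersecurity activities against the cybersecurity plan, shall be assigned in accordance with [RQ-05-03] and [RQ-05-04].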

  
RQ-06-05

  
The cybersecurity plan shall either be:
  a) referenced in the project plan for the development; or
  b) included in the project plan, such that the cybersecurity activities are  distinguishable.

  
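The cybersecurity plan shall be either:
  a) referenced in the project plan for the development; or
  b) included in the project plan such that the cybersecurity activities are distinguishable.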

  
RQ-06-06

  
The cybersecurity plan shall specify the activities that are required  for cybersecurity during the concept and product development phases in  accordance with the relevant requirements of Clauses 9, 10, 11 and 15.

  
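The cybersecurity plan shall, in accordance with the relevant requirements of Clauses 9, 10, 11 and 15, specify the activities required for cybersecurity during the concept and product development phases.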

  
RQ-06-07

  
The cybersecurity plan shall be updated when a change or a refinement of  the activities to be performed is identified.

  
The cybersecurity plan shall be updated when a change to or refinement of the activities to be performed is identified.

  
PM-06-08

  
For threat scenarios of risk value 1 that are determined from an  analysis in accordance with 15.8, conformity with 9.5, Clause 10 and Clause  11 may be omitted.

  
For threat scenarios of risk value 1 determined from an analysis in accordance with 15.8, conformity with 9.5, Clause 10 and Clause 11 may be omitted.

  
RQ-06-09

  
The work products identified in the cybersecurity plan shall be updated  and maintained for accuracy until and at the release for post-development.

  
The work products identified in the cybersecurity plan shall be updated and kept accurate until the release for post-development.

  
RQ-06-10

  
If cybersecurity activities are distributed, customer and supplier shall  each define a cybersecurity plan regarding their respective cybersecurity  activities and interfaces in accordance with Clause 7.

  
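If cybersecurity activities are distributed, the customer and the supplier shall each define, in accordance with Clause 7, a cybersecurity plan covering their respective cybersecurity activities and interfaces.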

  
RQ-06-11

  
The cybersecurity plan shall be subject to configuration management and documentation management, in accordance with 5.4.4.

  
The cybersecurity plan shall be subject to configuration management and documentation management in accordance with 5.4.4.

  
RQ-06-12

  
The work products identified in the cybersecurity plan shall be subject to configuration management, change management, requirements management, and documentation management, in accordance with 5.4.4.

  
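The work products identified in the cybersecurity plan shall be subject to configuration management, change management, requirements management and documentation management in accordance with 5.4.4.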

  
PM-06-13

  
A cybersecurity activity may be tailored.

  
A cybersecurity activity may be tailored.

  
RQ-06-14

  
If a cybersecurity activity is tailored, then a rationale why the  tailoring is adequate and sufficient to achieve the relevant objectives of  this document shall be provided and reviewed.

  
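If a cybersecurity activity is tailored, a rationale for why the tailoring is adequate and sufficient to achieve the relevant objectives of this standard shall be provided and reviewed.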

  
RQ-06-15

  
A reuse analysis shall be carried out if an item or component has been  developed and:
  a) modifications are planned;
  b) is planned to be reused in another operational environment; or
  c) is planned to be reused without modification and there are relevant  changes to the information concerning the item or component.

  
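A reuse analysis shall be carried out if an item or component has already been developed and one of the following applies:
  a) modifications are planned;
  b) it is planned to be reused in another operational environment; or
  c) it is planned to be reused without modification and there are relevant changes to the information concerning the item or component.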

  
RQ-06-16

  
A reuse analysis of an item or component shall:
  a) identify the modifications to the item or component and the modifications  of its operational environment;
  b) analyse the cybersecurity implications of the modifications, including the  effects on the validity of cybersecurity claims and previously made  assumptions;
  c) identify the affected or missing work products; and
  d) specify the cybersecurity activities necessary to conform with this  document in the cybersecurity plan (see 6.4.2).

  
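A reuse analysis of an item or component shall:
  a) identify the modifications to the item or component and to its operational environment;
  b) analyse the cybersecurity implications of the modifications, including the effects on the validity of cybersecurity claims and previously made assumptions;
  c) identify the affected or missing work products; and
  d) specify in the cybersecurity plan the cybersecurity activities necessary to conform with this standard (see 6.4.2).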

  
RQ-06-17

  
A reuse analysis of a component shall evaluate whether:
  a) the component is able to fulfil the allocated cybersecurity requirements  from the item or component, in which it is to be integrated; and
  b) the existing documentation is sufficient to support the integration into  an item, or into another component.

  
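A reuse analysis of a component shall evaluate whether:
  a) the component is able to fulfil the cybersecurity requirements allocated by the item or component into which it is to be integrated; and
  b) the existing documentation is sufficient to support integration into an item or into another component.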

  
RQ-06-18

  
Assumptions on the intended use and context, including the external  interfaces, for a component developed out-of-context shall be documented in  the corresponding work products.

  
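Assumptions on the intended use and context (including the external interfaces) of a component developed out-of-context shall be documented in the corresponding work products.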

  
RQ-06-19

  
For the development of a component out-of-context, the cybersecurity  requirements shall be based on the assumptions of [RQ-06-18].

  
For the development of a component out-of-context, the cybersecurity requirements shall be based on the assumptions of [RQ-06-18].

  
RQ-06-20

  
For the integration of a component developed out-of-context, the  cybersecurity claims and assumptions of [RQ-06-18] shall be validated.

  
For the integration of a component developed out-of-context, the cybersecurity claims and assumptions of [RQ-06-18] shall be validated.

  
RQ-06-21

  
When integrating an off-the-shelf component, the cybersecurity-relevant  documentation shall be gathered and analysed to determine whether:
  a) allocated cybersecurity requirements can be fulfilled;
  b) the component is suitable for the specific application context of the  intended use; and
  c) existing documentation is sufficient to support the cybersecurity  activities.

  
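When integrating an off-the-shelf component, the cybersecurity-relevant documentation shall be gathered and analysed to determine whether:
  a) the allocated cybersecurity requirements can be fulfilled;
  b) the component is suitable for the specific application context of the intended use; and
  c) the existing documentation is sufficient to support the cybersecurity activities.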

  
RQ-06-22

  
If the existing documentation is insufficient to support the integration  of the off-the-shelf component, then the cybersecurity activities to conform  with this document shall be identified and performed.

  
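If the existing documentation is insufficient to support the integration of the off-the-shelf component, the cybersecurity activities needed to conform with this standard shall be identified and performed.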

  
RQ-06-23

  
A cybersecurity case shall be created to provide the argument for the  cybersecurity of the item or component, supported by work products.

  
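A cybersecurity case shall be created to provide the argument for the cybersecurity of the item or component, supported by work products.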

  
RQ-06-24

  
A decision whether to perform a cybersecurity assessment for an item or  component shall be made supported by a rationale applying a risk-based  approach.

  
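The decision whether to perform a cybersecurity assessment for an item or component shall be supported by a rationale that applies a risk-based approach.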

  
RQ-06-25

  
The rationale of [RQ-06-24] shall be reviewed independently.

  
The rationale of [RQ-06-24] shall be reviewed independently.

  
RQ-06-26

  
The cybersecurity assessment shall judge the cybersecurity of the item  or component.

  
The cybersecurity assessment shall judge the cybersecurity of the item or component.

  
RQ-06-27

  
A person responsible to plan and perform independently a cybersecurity  assessment shall be appointed in accordance with [RQ-06-01].

  
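A person responsible for independently planning and performing a cybersecurity assessment shall be appointed in accordance with [RQ-06-01].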

  
RQ-06-28

  
A person who carries out a cybersecurity assessment shall have:
  a) access to the relevant information and tools; and
  b) the cooperation of the personnel performing the cybersecurity activities.

  
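A person who carries out a cybersecurity assessment shall have:
  a) access to the relevant information and tools; and
  b) the cooperation of the personnel performing the cybersecurity activities.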

  
PM-06-29

  
A cybersecurity assessment may be based on a judgement of whether the  objectives of this document are achieved.

  
A cybersecurity assessment may be based on a judgement of whether the objectives of this standard are achieved.

  
RQ-06-30

  
The scope of a cybersecurity assessment shall include:
  a) the cybersecurity plan and all work products identified in the  cybersecurity plan;
  b) the treatment of the cybersecurity risks;
  c) the appropriateness and effectiveness of implemented cybersecurity  controls and cybersecurity activities performed for the project; and
  d) the rationales, if provided, that demonstrate the achievement of the  objectives of this document.

  
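The scope of a cybersecurity assessment shall include:
  a) the cybersecurity plan and all work products identified in the cybersecurity plan;
  b) the treatment of the cybersecurity risks;
  c) the appropriateness and effectiveness of the cybersecurity controls implemented and the cybersecurity activities performed for the project; and
  d) the rationales, if provided, that demonstrate achievement of the objectives of this standard.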

  
RQ-06-31

  
A cybersecurity assessment report shall include a recommendation for  acceptance, conditional acceptance, or rejection of the cybersecurity of the  item or component.

  
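A cybersecurity assessment report shall include a recommendation for acceptance, conditional acceptance or rejection of the cybersecurity of the item or component.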

  
RQ-06-32

  
If a recommendation for conditional acceptance in accordance with  [RQ-06-31] is made, then the cybersecurity assessment report shall include  the conditions for acceptance.

  
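If a recommendation for conditional acceptance is made in accordance with [RQ-06-31], the cybersecurity assessment report shall include the conditions for acceptance.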

  
RQ-06-33

  
The following work products shall be available prior to the release for  post-development:
  a) the cybersecurity case [WP-06-02];
  b) if applicable, the cybersecurity assessment report [WP-06-03]; and
  c) the cybersecurity requirements for post-development [WP-10-02].

  
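The following work products shall be made available prior to the release for post-development:
  a) the cybersecurity case [WP-06-02];
  b) the cybersecurity assessment report [WP-06-03], if applicable; and
  c) the cybersecurity requirements for post-development [WP-10-02].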

  
RQ-06-34

  
The following conditions shall be fulfilled for the release for post-development  of the item or component:
  a) the argument for cybersecurity provided by the cybersecurity case is  convincing;
  b) the cybersecurity case is confirmed by the cybersecurity assessment, if  applicable; and
  c) the cybersecurity requirements for the post-development phases are  accepted.

  
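The following conditions shall be fulfilled for the release for post-development of the item or component:
  a) the argument for cybersecurity provided by the cybersecurity case is convincing;
  b) the cybersecurity case is confirmed by the cybersecurity assessment, if applicable; and
  c) the cybersecurity requirements for the post-development phases are accepted.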

  
7. Distributed Cybersecurity Activities

  
RQ-07-01

  
The capability of a candidate supplier to develop and, if applicable,  perform post-development activities in accordance with this document shall be  evaluated.

  
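The capability of a candidate supplier to develop and, if applicable, perform post-development activities in accordance with this standard shall be evaluated.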

  
RC-07-02

  
To support a customer’s evaluation of  supplier capability, a supplier should provide a record of cybersecurity  capability.

  
To support the customer's evaluation of supplier capability, the supplier should provide a record of cybersecurity capability.

  
RQ-07-03

  
A request for quotation from a customer to a candidate supplier shall include:
  a) a formal request to conform to this document;
  b) the expectation that cybersecurity responsibilities will be taken on by the supplier in accordance with 7.4.3; and
  c) the cybersecurity goals and/or set of cybersecurity requirements relevant to the item or component for which the supplier is quoting.

  
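A request for quotation from a customer to a candidate supplier shall include:
  a) a formal request to conform to this standard;
  b) the expectation that the supplier will take on cybersecurity responsibilities in accordance with 7.4.3; and
  c) the cybersecurity goals and/or set of cybersecurity requirements relevant to the item or component for which the supplier is quoting.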

  
RQ-07-04

  
A customer and a supplier shall specify the distributed cybersecurity activities in a cybersecurity interface agreement including:
  a) appointment of customer’s and supplier’s points of contact regarding cybersecurity;
  b) identification of cybersecurity activities that are to be performed by customer and supplier, respectively;
  c) if applicable, a joint tailoring of cybersecurity activities in accordance with 6.4.3;
  d) the information and the work products to be shared;
  e) milestones regarding the distributed cybersecurity activities; and
  f) definition of the end of cybersecurity support for the item or component.

  
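A customer and a supplier shall specify the distributed cybersecurity activities in a cybersecurity interface agreement, including:
  a) appointment of the customer's and the supplier's cybersecurity points of contact;
  b) identification of the cybersecurity activities to be performed by the customer and by the supplier, respectively;
  c) if applicable, a joint tailoring of cybersecurity activities in accordance with 6.4.3;
  d) the information and work products to be shared;
  e) milestones for the distributed cybersecurity activities; and
  f) the definition of the end of cybersecurity support for the item or component.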

  
RC-07-05

  
The cybersecurity interface agreement should be mutually agreed upon  between customer and supplier prior to the start of the distributed  cybersecurity activities.

  
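The cybersecurity interface agreement should be mutually agreed between customer and supplier before the distributed cybersecurity activities begin.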

  
RQ-07-06

  
If there is an identified vulnerability to be managed in accordance with  [RQ-08-07], the customer and supplier shall agree on actions and  responsibility for those actions.

  
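If there is an identified vulnerability that is to be managed in accordance with [RQ-08-07], the customer and supplier shall agree on actions and on the responsibility for those actions.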

  
RQ-07-07

  
If requirements are unclear, not feasible, or conflict with other  cybersecurity requirements or requirements from other disciplines, then  customer and supplier shall each notify the other so that appropriate  decisions and actions can be taken.

  
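If requirements are unclear, not feasible, or conflict with other cybersecurity requirements or with requirements from other disciplines, the customer and supplier shall each notify the other so that appropriate decisions and actions can be taken.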

  
RC-07-08

  
Responsibilities should be specified in a responsibility assignment  matrix.

  
Responsibilities should be specified in a responsibility assignment matrix.

  
8. Continuous Cybersecurity Activities

  
RQ-08-01

  
Sources shall be selected for collection of cybersecurity information.

  
Sources shall be selected for the collection of cybersecurity information.

  
RQ-08-02

  
Triggers shall be defined and maintained for the triage of cybersecurity  information.

  
Triggers for the triage of cybersecurity information shall be defined and maintained.

  
RQ-08-03

  
Cybersecurity information shall be collected and triaged to determine if  the cybersecurity information becomes one or more cybersecurity events.

  
Cybersecurity information shall be collected and triaged to determine whether it becomes one or more cybersecurity events.

  
RQ-08-04

  
A cybersecurity event shall be evaluated to identify weaknesses in an  item and/or component.

  
A cybersecurity event shall be evaluated to identify weaknesses in an item and/or component.

  
RQ-08-05

  
Weaknesses shall be analysed to identify vulnerabilities.

  
Weaknesses shall be analysed to identify vulnerabilities.

  
RQ-08-06

  
A rationale shall be provided for a weakness that is not identified as a  vulnerability.

  
A rationale shall be provided for a weakness that is not identified as a vulnerability.

  
RQ-08-07

  
Vulnerabilities shall be managed such that for each vulnerability:
  a) the corresponding cybersecurity risks are assessed and treated in  accordance with 15.9 such that no unreasonable risks remain; or
  b) the vulnerability is eliminated by applying an available remediation  independent of a TARA.

  
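Vulnerabilities shall be managed such that, for each vulnerability:
  a) the corresponding cybersecurity risks are assessed and treated in accordance with 15.9 so that no unreasonable risk remains; or
  b) the vulnerability is eliminated by applying an available remediation independent of a TARA.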

  
RQ-08-08

  
If a risk treatment decision in accordance with 15.9 necessitates  cybersecurity incident response, then 13.3 shall be applied.

  
If a risk treatment decision made in accordance with 15.9 necessitates cybersecurity incident response, 13.3 shall be applied.

  
9. Concept

  
RQ-09-01

  
The following information on the item shall be identified:
  a) item boundary;
  b) item functions; and
  c) preliminary architecture.

  
The following information on the item shall be identified:
  a) item boundary;
  b) item functions; and
  c) preliminary architecture.

  
RQ-09-02

  
Information about the operational environment of the item relevant to  cybersecurity shall be described.

  
Information about the operational environment of the item that is relevant to cybersecurity shall be described.

  
RQ-09-03

  
An analysis based on the item definition shall be performed that  involves:
  a) asset identification in accordance with 15.3;
  b) threat scenario identification in accordance with 15.4;
  c) impact rating in accordance with 15.5;
  d) attack path analysis in accordance with 15.6;
  e) attack feasibility rating in accordance with 15.7; and
  f) risk value determination in accordance with 15.8.

  
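An analysis based on the item definition shall be performed, including:
  a) asset identification in accordance with 15.3;
  b) threat scenario identification in accordance with 15.4;
  c) impact rating in accordance with 15.5;
  d) attack path analysis in accordance with 15.6;
  e) attack feasibility rating in accordance with 15.7; and
  f) risk value determination in accordance with 15.8.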

  
RQ-09-04

  
Based on the results of [RQ-09-03], risk treatment options shall be  determined for each threat scenario in accordance with 15.9.

  
Based on the results of [RQ-09-03], risk treatment options shall be determined for each threat scenario in accordance with 15.9.

  
RQ-09-05

  
If the risk treatment decision for a threat scenario includes reducing  the risk, then one or more corresponding cybersecurity goals shall be  specified.

  
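If the risk treatment decision for a threat scenario includes reducing the risk, one or more corresponding cybersecurity goals shall be specified.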

  
RQ-09-06

  
If the risk treatment decision for a threat scenario includes:
  a) sharing the risk; or
  b) retaining the risk due to one or more assumptions used during the analysis of [RQ-09-03],
  then one or more corresponding cybersecurity claims shall be specified.

  
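If the risk treatment decision for a threat scenario includes:
  a) transferring the risk; or
  b) retaining the risk due to one or more assumptions used during the analysis of [RQ-09-03],
  then one or more corresponding cybersecurity claims shall be specified.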

  
RQ-09-07

  
A verification shall be performed to confirm:
  a) correctness and completeness of the result of [RQ-09-03] with respect to  the item definition;
  b) completeness, correctness and consistency of the risk treatment decisions  of [RQ-09-04] with respect to the results of [RQ-09-03];
  c) completeness, correctness and consistency of the cybersecurity goals of  [RQ-09-05] and of the cybersecurity claims of [RQ-09-06] with respect to the  risk treatment decisions of [RQ-09-04]; and
  d) consistency of all cybersecurity goals of [RQ-09-05] and cybersecurity  claims of [RQ-09-06] of the item.

  
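A verification shall be performed to confirm:
  a) the correctness and completeness of the result of [RQ-09-03] with respect to the item definition;
  b) the completeness, correctness and consistency of the risk treatment decisions of [RQ-09-04] with respect to the results of [RQ-09-03];
  c) the completeness, correctness and consistency of the cybersecurity goals of [RQ-09-05] and of the cybersecurity claims of [RQ-09-06] with respect to the risk treatment decisions of [RQ-09-04]; and
  d) the consistency of all cybersecurity goals [RQ-09-05] and cybersecurity claims [RQ-09-06] of the item.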

  
RQ-09-08

  
Technical and/or operational cybersecurity controls and their  interactions to achieve the cybersecurity goals shall be described, taking  into account:
  a) dependencies between the functions of the item; and/or
  b) cybersecurity claims.

  
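Technical and/or operational cybersecurity controls, and their interactions to achieve the cybersecurity goals, shall be described, taking into account:
  a) dependencies between the functions of the item; and/or
  b) cybersecurity claims.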

  
RQ-09-09

  
Cybersecurity requirements of the item and requirements on the  operational environment shall be defined for the cybersecurity goals in  accordance with the description of [RQ-09-08].

  
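Cybersecurity requirements of the item and requirements on the operational environment shall be defined for the cybersecurity goals in accordance with the description of [RQ-09-08].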

  
RQ-09-10

  
The cybersecurity requirements shall be allocated to the item, and if  applicable to one or more of its components.

  
The cybersecurity requirements shall be allocated to the item and, if applicable, to one or more of its components.

  
RQ-09-11

  
The results of [RQ-09-08], [RQ-09-09] and [RQ-09-10] shall be verified  to confirm:
  a) completeness, correctness, and consistency with respect to cybersecurity  goals; and
  b) consistency with respect to cybersecurity claims.

  
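The results of [RQ-09-08], [RQ-09-09] and [RQ-09-10] shall be verified to confirm:
  a) completeness, correctness and consistency with respect to the cybersecurity goals; and
  b) consistency with respect to the cybersecurity claims.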

  
10. Product Development

  
RQ-10-01

  
Cybersecurity specifications shall be defined based on:
  a) cybersecurity specifications from higher levels of architectural  abstraction;
  b) cybersecurity controls selected for implementation, if applicable; and
  c) existing architectural design, if applicable.

  
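Cybersecurity specifications shall be defined based on:
  a) cybersecurity specifications from higher levels of architectural abstraction;
  b) the cybersecurity controls selected for implementation, if applicable; and
  c) the existing architectural design, if applicable.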

  
RQ-10-02

  
The defined cybersecurity requirements shall be allocated to components  of the architectural design.

  
The defined cybersecurity requirements shall be allocated to the components of the architectural design.

  
RQ-10-03

  
Procedures to ensure cybersecurity after the development of the  component shall be specified, if applicable.

  
Procedures to ensure cybersecurity after the development of the component shall be specified, if applicable.

  
RQ-10-04

  
If design, modelling or programming notations or languages are used for  the cybersecurity specifications or their implementation, the following shall  be considered when selecting such a notation or language:
  a) an unambiguous and comprehensible definition in both syntax and semantics;
  b) support for achievement of modularity, abstraction and encapsulation;
  c) support for the use of structured constructs;
  d) support for the use of secure design and implementation techniques;
  e) ability to integrate already existing components; and
  f) resilience of the language against vulnerabilities due to its improper use.

  
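If design, modelling or programming notations or languages are used for the cybersecurity specifications or their implementation, the following shall be considered when selecting such a notation or language:
  a) an unambiguous and comprehensible definition in both syntax and semantics;
  b) support for achieving modularity, abstraction and encapsulation;
  c) support for the use of structured constructs;
  d) support for the use of secure design and implementation techniques;
  e) the ability to integrate existing components; and
  f) the resilience of the language against vulnerabilities caused by its improper use.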

  
RQ-10-05

  
Criteria (see [RQ-10-04]) for suitable design, modelling or programming  languages for cybersecurity that are not addressed by the language itself  shall be covered by design, modelling and coding guidelines, or by the  development environment.

  
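Criteria (see [RQ-10-04]) for design, modelling or programming languages suitable for cybersecurity that are not addressed by the language itself shall be covered by design, modelling and coding guidelines, or by the development environment.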

  
RC-10-06

  
Established and trusted design and implementation principles should be  applied to avoid or minimize the introduction of weaknesses.

  
Established and trusted design and implementation principles should be applied to avoid or minimize the introduction of weaknesses.

  
RQ-10-07

  
The architectural design defined in [RQ-10-01] shall be analysed to  identify weaknesses.

  
The architectural design defined in [RQ-10-01] shall be analysed to identify weaknesses.

  
RQ-10-08

  
The defined cybersecurity specifications shall be verified to ensure  completeness, correctness, and consistency with the cybersecurity  specifications from higher levels of architectural abstraction.

  
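The defined cybersecurity specifications shall be verified to ensure completeness, correctness and consistency with the cybersecurity specifications from higher levels of architectural abstraction.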

  
RQ-10-09

  
Integration and verification activities shall verify that the  implementation and integration of components fulfil the defined cybersecurity  specifications.

  
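Integration and verification activities shall verify that the implementation and integration of components fulfil the defined cybersecurity specifications.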

  
RQ-10-10

  
The integration and verification activities of [RQ-10-09] shall be  specified considering:
  a) the defined cybersecurity specifications;
  b) configurations intended for series production, if applicable;
  c) sufficient capability to support the functionality specified in the  defined cybersecurity specifications; and
  d) conformity with the modelling, design and coding guidelines of [RQ-10-05],  if applicable.

  
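The integration and verification activities of [RQ-10-09] shall be specified taking into account:
  a) the defined cybersecurity specifications;
  b) the configurations intended for series production, if applicable;
  c) sufficient capability to support the functionality specified in the defined cybersecurity specifications; and
  d) conformity with the modelling, design and coding guidelines of [RQ-10-05], if applicable.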

  
RQ-10-11

  
If verification by testing is adopted, test coverage shall be evaluated  using defined test coverage metrics to determine sufficiency of the test  activities.

  
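If verification by testing is adopted, test coverage shall be evaluated using defined test coverage metrics to determine whether the test activities are sufficient.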

  
RC-10-12

  
Testing should be performed in order to confirm that unidentified  weaknesses and vulnerabilities remaining in the component are minimized.

  
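Testing should be performed to confirm that the unidentified weaknesses and vulnerabilities remaining in the component are minimized.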

  
RQ-10-13

  
If testing in accordance with [RC-10-12] is not performed, then a  rationale shall be provided.

  
If testing in accordance with [RC-10-12] is not performed, a rationale shall be provided.

  
11. Cybersecurity Validation

  
RQ-11-01

  
Validation activities at the vehicle level for the item considering the  configurations for series production shall confirm:
  a) adequacy of the cybersecurity goals with respect to the threat scenarios  and corresponding risk;
  b) achievement of the cybersecurity goals of the item;
  c) validity of the cybersecurity claims; and
  d) validity of the requirements on the operational environment, if  applicable.

  
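Validation activities at the vehicle level for the item, considering the configurations for series production, shall confirm:
  a) the adequacy of the cybersecurity goals with respect to the threat scenarios and corresponding risk;
  b) the achievement of the cybersecurity goals of the item;
  c) the validity of the cybersecurity claims; and
  d) the validity of the requirements on the operational environment, if applicable.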

  
RQ-11-02

  
A rationale for the selection of validation activities shall be  provided.

  
A rationale for the selection of validation activities shall be provided.

  
12. Production

  
RQ-12-01

  
A production control plan shall be created that applies the  cybersecurity requirements for post-development.

  
A production control plan shall be created to apply the cybersecurity requirements for post-development.

  
RQ-12-02

  
The production control plan shall include:
  a) sequence of steps that apply the cybersecurity requirements for  post-development;
  b) production tools and equipment;
  c) cybersecurity controls to prevent unauthorized alteration during  production; and
  d) methods to confirm that the cybersecurity requirements for post-development  are met.

  
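The production control plan shall include:
  a) the steps that apply the cybersecurity requirements for post-development;
  b) production tools and equipment;
  c) cybersecurity controls to prevent unauthorized alteration during production; and
  d) methods to confirm that the cybersecurity requirements for post-development are met.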

  
RQ-12-03

  
The production control plan shall be implemented.

  
The production control plan shall be implemented.

  
13. Operations and Maintenance

  
RQ-13-01

  
For each cybersecurity incident, a cybersecurity incident response plan  shall be created that includes:
  a) remedial actions;
  b) a communication plan;
  c) assigned responsibilities for the remedial actions;
  d) a procedure for recording new cybersecurity information relevant to the  cybersecurity incident;
  e) a method for determining progress;
  f) criteria for closure of the cybersecurity incident response; and
  g) actions for the closure.

  
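For each cybersecurity incident, a cybersecurity incident response plan shall be created that includes:
  a) remedial actions;
  b) a communication plan;
  c) assigned responsibilities for the remedial actions;
  d) a procedure for recording new cybersecurity information relevant to the cybersecurity incident;
  e) a method for determining progress;
  f) criteria for closure of the cybersecurity incident response; and
  g) actions for the closure.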

  
RQ-13-02

  
The cybersecurity incident response plan shall be implemented.

  
The cybersecurity incident response plan shall be implemented.

  
RQ-13-03

  
Updates and update-related capabilities within the vehicle shall be  developed in accordance with this document.

  
Updates and update-related capabilities within the vehicle shall be developed in accordance with this standard.

  
14. End of Cybersecurity Support and Decommissioning

  
RQ-14-01

  
A procedure shall be created to communicate to customers when an  organization decides to end cybersecurity support for an item or component.

  
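A procedure shall be created for communicating with customers when an organization decides to end cybersecurity support for an item or component.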

  
RQ-14-02

  
The cybersecurity requirements for post-development with regard to  decommissioning shall be made available.

  
The cybersecurity requirements for post-development that relate to decommissioning shall be made available.

  
15. Threat Analysis and Risk Assessment Methods

  
RQ-15-01

  
Damage scenarios shall be identified.

  
Damage scenarios shall be identified.

  
RQ-15-02

  
Assets with cybersecurity properties whose compromise leads to a damage  scenario shall be identified.

  
Assets that have cybersecurity properties whose compromise leads to a damage scenario shall be identified.

  
RQ-15-03

  
Threat scenarios shall be identified and include:
  — targeted asset;
  — compromised cybersecurity property of the asset;  and
  — cause of compromise of the cybersecurity property.

  
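Threat scenarios shall be identified and include:
  - the targeted asset;
  - the compromised cybersecurity property of the asset; and
  - the cause of compromise of the cybersecurity property.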

  
RQ-15-04

  
The damage scenarios shall be assessed against potential adverse  consequences for road users in the impact categories of safety, financial,  operational, and privacy (S, F, O, P) respectively.

  
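The damage scenarios shall be assessed against the potential adverse consequences for road users in the impact categories of safety, financial, operational and privacy (S, F, O, P), respectively.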

  
RQ-15-05

  
The impact rating of a damage scenario shall be determined for each  impact category to be one of the following:
  — severe;
  — major;
  — moderate; or
  — negligible.

  
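The impact rating of a damage scenario shall be determined for each impact category as one of the following:
  - severe;
  - major;
  - moderate; or
  - negligible.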

  
RQ-15-06

  
Safety related impact ratings shall be derived from ISO 26262-3:2018,  6.4.3.

  
Safety-related impact ratings shall be derived from ISO 26262-3:2018, 6.4.3.

  
PM-15-07

  
If a damage scenario results in an impact rating and an argument can be  made that every impact of another impact category is considered less  critical, then further analysis for that other impact category may be  omitted.

  
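If a damage scenario results in an impact rating and it can be argued that every impact in another impact category is considered less critical, further analysis for that other impact category may be omitted.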

  
RQ-15-08

  
The threat scenarios shall be analysed to identify attack paths.

  
The threat scenarios shall be analysed to identify attack paths.

  
RQ-15-09

  
An attack path shall be associated with the threat scenarios that can be  realized by the attack path.

  
An attack path shall be associated with the threat scenarios that it can realize.

  
RQ-15-10

  
For each attack path, the attack feasibility rating shall be determined as described in Table 1.

  
For each attack path, the attack feasibility rating shall be determined as described in Table 1.

  
RC-15-11

  
The attack feasibility rating method should be defined based on one of  the following approaches:
  a) attack potential-based approach;
  b) CVSS-based approach; or
  c) attack vector-based approach.

  
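The attack feasibility rating method should be defined based on one of the following approaches:
  a) attack potential-based approach;
  b) CVSS-based approach; or
  c) attack vector-based approach.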

  
RC-15-12

  
If an attack potential-based approach is used, the attack feasibility  rating should be determined based on core factors including:
  a) elapsed time;
  b) specialist expertise;
  c) knowledge of the item or component;
  d) window of opportunity; and
  e) equipment.

  
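If an attack potential-based approach is used, the attack feasibility rating should be determined based on core factors including:
  a) elapsed time;
  b) specialist expertise;
  c) knowledge of the item or component;
  d) window of opportunity; and
  e) equipment.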

  
RC-15-13

  
If a CVSS-based approach is used, the attack feasibility rating should  be determined based on the exploitability metrics of the base metric group,  including:
  a) attack vector;
  b) attack complexity;
  c) privileges required; and
  d) user interaction.

  
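If a CVSS-based approach is used, the attack feasibility rating should be determined based on the exploitability metrics of the base metric group, including:
  a) attack vector;
  b) attack complexity;
  c) privileges required; and
  d) user interaction.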

  
RC-15-14

  
If an attack vector-based approach is used, the attack feasibility  rating should be determined based on evaluating the predominant attack vector  (cf. CVSS [24] 2.1.1) of the attack path.

  
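If an attack vector-based approach is used, the attack feasibility rating should be determined by evaluating the predominant attack vector (cf. CVSS [24] 2.1.1) of the attack path.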

  
RQ-15-15

  
For each threat scenario the risk value shall be determined from the  impact of the associated damage scenarios and the attack feasibility of the  associated attack paths.

  
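For each threat scenario, the risk value shall be determined from the impact of the associated damage scenarios and the attack feasibility of the associated attack paths.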

  
RQ-15-16

  
The risk value of a threat scenario shall be a value between (and  including) 1 and 5, where a value of 1 represents minimal risk.

  
The risk value of a threat scenario shall be a value between 1 and 5 (inclusive), where 1 represents minimal risk.

  
RQ-15-17

  
For each threat scenario, considering its risk values, one or more of  the following risk treatment option(s) shall be determined:
  a) avoiding the risk;
  b) reducing the risk;
  c) sharing the risk;
  d) retaining the risk.

  
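For each threat scenario, considering its risk values, one or more of the following risk treatment options shall be determined:
  a) avoiding the risk;
  b) mitigating the risk;
  c) transferring the risk;
  d) retaining the risk.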

  
