scope:

This document specifies requirements for cybersecurity risk management regarding engineering for concept, development, production, operation, maintenance, and decommissioning for road vehicle electrical and electronic (E/E) systems, including their components and interfaces. A framework is defined that includes requirements for cybersecurity processes and a common language for communicating and managing cybersecurity risk. This document is applicable to series production road vehicle E/E systems, including their components and interfaces whose development or modification began after the publication of the document. This document does not prescribe specific technology or solutions related to cybersecurity.