本SAE标准确立了以下实践:利用系统工程原理，评估风险并确保网络物理系统（CPS）在其整个生命周期内的安全性；b评估网络物理系统安全（CPSS）目标和要求的影响；评估CP技术有效性和功能的安全风险，并解决弱点和漏洞；d考虑可能对CP或CP设计目的产生负面影响的系统运行条件、命令和控制、配置管理（参考SAE EIA649）等各个考虑领域（见3.1）；E执行设计验证和验证，以评估CP的安全性和风险。

This SAE Standard establishes practices to:aManage risk and ensure security of a cyber-physical system (CPS) throughout its life cycle by utilizing systems engineering principles;bAssess the impact of cyber-physical systems security (CPSS) objectives and requirements;cAssess the security risks to CPS technical effectiveness and functions, and address weaknesses and vulnerabilities;dAddress various domains of consideration (see3.1) that take into account operating conditions of the system, command and control, configuration management (refer to SAE EIA649), etc., that could negatively impact CPSS or CPS-designed purpose;ePerform design validation and verification to assess security and risk of the CPS.