在安全即插即用互操作性的背景下，网络安全是 防止未经授权访问或修改、误用、拒绝使用或未经授权使用存储在PHD/PoCD上、从PHD/PoCD访问或传输至PHD/PoCD的信息。网络安全的能力部分是与数字数据以及与安全性和可用性的关系相关的信息安全控制。对于博士/博士生，本标准为特定用例或满足特定标准的时间定义了应用层网络安全缓解技术的安全基线。 本标准提供了适用于PHD/PoCD接口的可扩展信息安全工具箱，满足国家标准与技术研究所（NIST）和欧洲网络与信息安全局（ENISA）的要求和建议。本标准映射到NIST网络安全框架[B15]；IEC TR 80001-2-2[B8]；以及欺骗、篡改、否认、信息泄露、拒绝服务和特权提升（STRIDE）分类方案。缓解技术基于扩展的CIA三元组（第4条），一般描述为允许制造商确定最合适的算法和实现。

Within the context of secure plug-and-play interoperability, cybersecurity is the process and capability of preventing unauthorized access or modification, misuse, denial of use, or the unauthorized use of information that is stored on, accessed from, or transferred to and from a PHD/PoCD. The capability part of cybersecurity is information security controls related to both digital data and the relationships to safety and usability. For PHDs/PoCDs, this standard defines a security baseline of application layer cybersecurity mitigation techniques for certain use cases or for times when certain criteria are met. This standard provides a scalable information security toolbox appropriate for PHD/PoCD interfaces, which fulfills the intersection of requirements and recommendations from National Institute of Standards and Technology (NIST) and the European Network and Information Security Agency (ENISA). This standard maps to the NIST cybersecurity framework [B15]; IEC TR 80001-2-2 [B8]; and the Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (STRIDE) classification scheme. The mitigation techniques are based on the extended CIA triad (Clause 4) and are described generally to allow manufacturers to determine the most appropriate algorithms and implementations.