本SAE标准建立了以下实践: 一个 利用系统工程原理，在信息物理系统（CPS）的整个生命周期中管理风险并确保其安全性； b 评估网络物理系统安全（CPSS）目标和要求的影响； c 评估CPS技术有效性和功能的安全风险，并解决弱点和漏洞； d 解决各种考虑领域（见 3.1 ）考虑到可能对CPSS或CPS设计目的产生负面影响的系统运行条件、命令和控制、配置管理（参见SAE EIA649）等； 和 执行设计确认和验证，以评估CPS的安全性和风险。

This SAE Standard establishes practices to: a Manage risk and ensure security of a cyber-physical system (CPS) throughout its life cycle by utilizing systems engineering principles; b Assess the impact of cyber-physical systems security (CPSS) objectives and requirements; c Assess the security risks to CPS technical effectiveness and functions, and address weaknesses and vulnerabilities; d Address various domains of consideration (see 3.1 ) that take into account operating conditions of the system, command and control, configuration management (refer to SAE EIA649), etc., that could negatively impact CPSS or CPS-designed purpose; e Perform design validation and verification to assess security and risk of the CPS.