本文件规定了网络安全风险管理的工程要求，涉及道路车辆电气和电子（E/E）系统（包括其部件和接口）的概念、产品开发、生产、操作、维护和退役。定义了一个框架，其中包括网络安全流程的要求，以及沟通和管理网络安全风险的通用语言。本文件适用于批量生产的道路车辆E/E系统，包括其部件和接口，其开发或修改在本文件出版后开始。本文件未规定与网络安全相关的具体技术或解决方案。

This document specifies engineering requirements for cybersecurity risk management regarding concept, product development, production, operation, maintenance and decommissioning of electrical and electronic (E/E) systems in road vehicles, including their components and interfaces.A framework is defined that includes requirements for cybersecurity processes and a common language for communicating and managing cybersecurity risk.This document is applicable to series production road vehicle E/E systems, including their components and interfaces, whose development or modification began after the publication of this document.This document does not prescribe specific technology or solutions related to cybersecurity.