BS PAS 11281:2018 - Connected automotive ecosystems. Impact of security on safety. Code of practice

What is PAS 11281 - Security on safety in connected automotive ecosystems about?
PAS 11281 is the international standard on road vehicles that gives recommendations for managing security risks that might lead to a compromise of safety in a connected automotive ecosystem. The ecosystem includes vehicles as well as road-side and other static infrastructure, communication channels between vehicles and infrastructure, servicing and repair facilities, digital services, data and information and other services that support the proper operation of road transport. PAS 11281 applies to risks that can affect a single system, a few systems or are on a small scale. PAS 11281 also gives recommendations for managing systemic risks – wider risks that might appear small, but which become more significant when interdependencies are considered and where the vulnerability of a single or a few entities poses a more widespread risk. NOTE 1: PAS 11281 covers both the entire connected automotive ecosystem and its constituent systems throughout their lifetimes. NOTE 2: All levels of vehicle automation and autonomy are covered in PAS 11281.

Who is PAS 11281 - Security on safety in connected automotive ecosystems for?

PAS 11281 on the connected automotive ecosystem is useful for:

• Manufacturers of vehicle subsystems
• Vehicle manufacturers
• Maintenance organizations
• Infrastructure operators
• Owners of large vehicle fleets
• Digital service providers

Why should you use PAS 11281 - Security on safety in connected automotive ecosystems?
The connected automotive ecosystem encompasses vehicles and all assets and activities that support the proper functioning of road transport and other off-road systems. PAS 11281 provides the security policy, organization and culture as well as the responsibility and accountability for security-informed safety issues. Risk management and asset management are described in PAS 11281 that is required to deliver, maintain or support the security and safety of the organization’s products, systems and services. Security-aware development process all safety-relevant services or products are also given in PAS 11281. PAS 11281 guides you through effective defences measures to protect the assets, systems and services that are under control and that affect the safety of the connected automotive ecosystem against attack. PAS 11281 specifies an incident management plan to manage events that indicate potential risk to the safety of their assets, products, systems and services. Secure and safe design principles of safety systems are also specified in PAS 11281. Overall, PAS 11281 helps you in the manufacturing of connected and autonomous vehicles ecosystem ensuring the security-related risks in the products, services or activities that don’t pose an unacceptable safety risk in the physical world. © BSI 2022 All rights reserved

The information about this standard has been compiled by the AI Standards Hub, an initiative dedicated to knowledge sharing, capacity building, research, and international collaboration in the field of AI standards. You can find more information and interactive community features related to this standard by visiting the Hub’s AI standards database here. To access the standard directly, please visit the developing organisation’s website.