Part 105: Risk-based assessment and handling of IT-security vulnerabilities and incidents
Class/Status:
Draft,
valid
Released: 2023 -10 Published:
2023-09 -29
VDE Art. No.: 1800855
End of objection deadline:
2024-01-29
This document is applicable to safetyrelated electrical, electronic and programmable electronic (E/E/PES) systems including subsystems and equipment for electrical railway signalling systems. This document describes activities and methods with the aim of specifying a procedure for handling IT security vulnerabilities and incidents. Risk-based statements on implementation times for measures are also specified for this purpose. This document is applicable to the assessment and handling of risks arising from IT security threats as a result of security gaps. It does not address vulnerabilities in functional security or physical access. It also does not address vulnerabilities caused solely by the fact that, in the case of time-limited documents which were the basis for bringing the system into operation, expired. Suitable processes for the timely extension / renewal of these bases are to be defined elsewhere. Only the basic steps are explained, the details must be regulated in the applied guidelines and processes at the operator / manufacturer.
This Document is related to the following Topics (in bold):
We use cookies on our website. Some are necessary, while others help us to improve website performance and are used to provide personalized advertising.
For more information, please see our
data protection policy.
Individual Cookie Settings
Necessary Cookies
cookie_consent (Validity: 1 year)
PHPSESSID (Temporary, is removed when the browser is closed)
