Manufacturing. Establishing and implementing a security-minded approach. Specification

Abstract

This PAS specifies requirements for the security-minded management of manufacturing organizations and the associated value chain utilizing information, digital technologies and associated control systems for the design, production, operation, maintenance and disposal of products and systems. These requirements aim to protect organizational reputation and liability, intellectual property, safety and security of manufacturing assets, and the integrity and value of the manufactured items

© British Standards Institution 2022

Scope

What is this PAS about?

UK manufacturing has gained a lot from the adoption of digital technologies but with these technologies and digital exchanges of information comes related threats, for instance from cybersecurity breaches and IP theft. To help manufacturing organizations and their suplly chain guard against these threats Innovate UK – the innovation agency of the UK Government – has sponsored this PAS. It provides free requirements on how to recognize, manage and mitigate the potential risks and hazards posed by the widespread adoption of digital solutions in the manufacturing value chain.

Who is this PAS for?

It applies to any manufacturing organization and its ecosystem where manufacturing information is processed and used in digital form. Specifically, it will be used by:

• Manufacturers of products and systems and their associated supply chains
• Senior executive managers
• Operational managers
• Engineers
• Small and medium-sized enterprises
• It might also be of use to insurers and trainers

Why should you use this PAS?

It specifies requirements for the security-minded management of manufacturing organizations and their associated value chains wherever information, digital technologies and associated control systems for the design, production, operation, maintenance and disposal of products and systems are in use.

These requirements aim to protect organizational reputation and liability, intellectual property, safety and security of manufacturing assets, and the integrity and value of the manufactured items.

The PAS covers:

• How to identify security threats throughout the manufacturing value chain and product lifecycle: design; manufacture (including processing and mixing); commissioning and handover; operation and maintenance; performance management; change of use/modification; and disposal
• Security issues around people, physical security, process and technology within the digital ecosystem that the organization and its supporting supply chain operate
• The need for, and application of, trustworthiness and security controls throughout a manufacturing value chain to deliver a holistic approach encompassing: safety; authenticity; availability (including reliability); confidentiality; integrity; possession; resilience; and utility
• The steps required to create and cultivate an appropriate security mind-set and culture within a manufacturing organization and across its supply chain, including the need to monitor, audit and evaluate effectiveness

NOTE: This PAS aligns with the approach advocated by the Centre for the Protection of National Infrastructure (CPNI) for raising security mindedness across sectors. © British Standards Institution 2022

External Links