本文将由亚远景科技为您带来ISO/SAE21434网络安全PART 6与ASPICE管理域具体条款Mapping解读（六）Off-the-shelf Component。

1.ISO/SAE21434网络安全PART 6与ASPICE管理域具体条款Mapping解读（六）Off-the-shelf Component

ISO/SAE21434 6.4.6 Off-the-shelf Component

[RQ-06-21] When integrating an off-the-shelf component, the cybersecurity-relevant documentation shall be gathered and analysed to determine whether：在集成现成组件时，应收集和分析与网络安全相关的文档，以确定是否:

a) allocated cybersecurity requirements can be fulfilled 分配的网络安全需求能够被满足

b) the component is suitable for the specific application context of the intended use该组件适用于预期用途的特定应用环境

c) existing documentation is sufficient to support the cybersecurity activities

现有文档足以支持网络安全活动

[RQ-06-22] If the existing documentation is insufficient to support the integration of the off-the-shelf component, then the cybersecurity activities to conform with this document shall be identified and performed

如果现有文件不足以支持现成组件的集成，则应识别并执行符合本文档要求的网络安全活动

ASPICE MAN.3 BP1

Define the scope of work 定义工作范围

CS SPICE SEC.4

Risk Treatment Validation 风险处理验证

ASPICE SUP.8

Configuration Management 配置管理

以上就是亚远景科技带来的ISO/SAE21434网络安全PART 6与ASPICE管理域具体条款Mapping解读（六）Off-the-shelf Component。

亚远景科技，专注于ASPICE,ISO26262,ISO21434等相关培训、咨询和评估认证服务。