Last edited 27 Oct 2016

PAS 1192-5:2015

PAS 1192-5:2015 Specification for security-minded building information modelling, digital built environments and smart asset management, was published in draft form for comment by the British Standards Institute (BSI) on 2 February 2015. The final version was published on 23 May 2015 and came into effect on 31 May 2015. It was sponsored by the Centre for the Protection of National Infrastructure (CPNI) and was developed with the BIM Task Group's security working group.

PAS 1192 5 cover.jpg

Publicly Available Specifications (PAS) are fast-track standards, specifications, codes of practice or guidelines developed by sponsoring organisations to meet an immediate market need, following guidelines set out by the British Standards Institution. Within 2 years they are reviewed to assess whether they should be revised, withdrawn, or become formal British Standards or international standards.

PAS 1192-5 is one of a suite of standards that supports building information modelling (BIM), including

See BIM standards for more information.

It is applicable to any built assets where asset information is created, stored, processed and viewed in digital form, as well as the capture of digital survey data.

The introduction states that, 'This PAS provides a framework to assist asset owners and stakeholders in understanding the key vulnerability issues and the nature of the controls required to enable the trustworthiness and security of digitally built assets within the built environment. Its purpose is not in any way to undermine the collaboration upon which BIM and asset management systems are centred, but to ensure that information is being shared in a security-minded fashion. It encourages the adoption of a pragmatic, proportionate need-to-know approach to the sharing and publication of that information about built assets that could be exploited by those with hostile or malicious intent.'

Hugh Boyes, cyber security lead at the Institution of Engineering and Technology suggested that the need for the PAS became clear after feedback from early adopters of BIM. Ref BIM+_Cyber security threats trigger need for new PAS 1192-5 12 November 2014.

The PAS outlines security threats to information during the full life-cycle of built assets, from conception to disposal, and establishes procedures necessary to create a security mind-set and culture within an organisation.

The BIM Task Group suggest that the PAS "...will assist organisations in identifying and implementing appropriate and proportionate measures to reduce the risk of loss or disclosure of information which could impact on the safety and security of:

It explains the need for, and application of, trustworthiness and security controls throughout a built asset's lifecycle including:

  • Safety.
  • Authenticity.
  • Availability.
  • Confidentiality.
  • Integrity.
  • Possession.
  • Resilience.
  • Utility.

It provides guidance on:

[edit] Find out more

[edit] Related articles on Designing Buildings Wiki

[edit] External references