The UK government has released guidelines regarding automotive cybersecurity. The document named as ” Principles of cyber security for connected and automated vehicles” was released by the Department for Transport and Centre for the Protection of National Infrastructure.
The quick start guide to vehicle cyber security lists the 8 principles:
- organisational security is owned, governed and promoted at board level
- security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
- organisations need product aftercare and incident response to ensure systems are secure over their lifetime
- all organisations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system
- systems are designed using a defence-in-depth approach
- the security of all software is managed throughout its lifetime
- the storage and transmission of data is secure and can be controlled
- the system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail
As we move towards connected vehicles it has become crucial to take the correct steps to make them cyber secure. The instances of hacking and stealing of valuable data need to be combated and for that, there needs to be a consensus among the various stakeholders so that high parameters of security are set and here the government has to play a big role.