New government guidance coming out of the UK will require automobile engineers to make sure their connected and automated vehicles are better protected from hackers.
On Sunday, the British government unveiled new requirements for engineers working on connected cars and smart vehicles that aim to harden their protections against cyberattacks. Smart vehicles are "increasingly becoming the norm on British roads," and engineers must strengthen their defenses against hacking, a UK government press release said.
While these new vehicles offer a host of modern features, hackers can target smart cars "to access personal data, steal cars that use keyless entry, or even take control of technology for malicious reasons," the release said.
As such, the new government guidance, Principles of cyber security for connected and automated vehicles, seeks to provide an outline for what good security looks like in the automotive sector. The principles are built on a few key concepts that explain where security is governed and promoted, how risks are to be assessed, how organizations will respond to incidents, how companies can work together to fight attacks, and how software and systems should be designed and managed.
With these principles in place, automakers may find themselves having to change or update their design and manufacturing process. As part of the new guidance, manufacturers will need to add in defenses against cyberthreats from the get-go.
"Risks of people hacking into the technology might be low, but we must make sure the public is protected," Transport Minister Lord Callanan said in the release. "Whether we're turning vehicles into wifi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks."
The UK government is also looking into insurance options for autonomous vehicles as well, under a new Autonomous and Electric Vehicles Bill. According to the Queen, in her speech during the June State Opening of Parliament, the bill would "allow innovation to flourish and ensure the next wave of self-driving technology is invented, designed and operated safely in the UK."
In addition to looking at changes to automobile insurance, the bill also allows for infrastructure to be built in support of these vehicles, including charging stations for electric vehicles.
Mike Hawes, chief executive of the Society of Motor Manufacturers and Traders, said in the press release that he is pleased to see the government working to effectively support the future of connected and autonomous cars. "These vehicles will transform our roads and society, dramatically reducing accidents and saving thousands of lives," Hawes said in the release.
The 3 big takeaways for TechRepublic readers
- The UK government announced new guidance to improve connected car cybersecurity, offering principles for engineering and development.
- The new principles address software and systems management, as well as the assessment of risks and how organizations can respond to incidents.
- The UK government also recently announced an Autonomous and Electric Vehicles Bill that aims to address insurance and infrastructure for these next-generation vehicles.
- Connected cars provide big value, but major risks, for automakers (TechRepublic)
- Three years until connected cars are cyberattack-proof? (ZDNet)
- Why the age of connected cars presents a 'very real threat' in cybersecurity (TechRepublic)
- Why the connected car is one of this generation's biggest security risks (ZDNet)
- Complete WiFi and Network Ethical Hacking Course 2017 (TechRepublic Academy)