Changes are on the way for the cybersecurity concerns in the automotive industry, with the National Highway and Traffic Safety Administration (NHTSA) releasing an update to their Cybersecurity Best Practices for the Safety of Modern Vehicles.
The 2020 update on the document was based on agency research, industry progress, and public comments received on the previous version. The update also built on automotive cybersecurity issues that researchers discovered over the past four years. The best practices also used evolving industry standards and best practices developed by the Automotive Information Sharing and Analysis through its members.
“Vehicle cybersecurity has high stakes. The safety and security of everyone on our roads depend on it. We have learned a great deal in the past four years, and I encourage feedback on the 2020 edition,” said NHTSA Deputy Administrator James Owens.
NHTSA's update aligned with the UN regulations on cybersecurity and software update released in June 2020. These updates aimed to help tackle cybersecurity risks by creating precise performance and audit requirements for car manufacturers. The two new regulations were also adopted by the United Nations Economic Commission for Europe’s (UNECE) World Forum for Harmonization of Vehicle Regulations. The two new regulations also require that measures be applied in four distinct disciplines:
The NHSTA document also included 43 general best practice recommendations and 14 with specific references to ISO/SAE 21434. ISO/SAE 21434 guides the automotive industry, which aids in navigating automotive cybersecurity so that organizations can mitigate risks and strengthen their cyber resilience.
Fourteen other recommendations from the NHTSA can also be directly mapped to 21434, with four other recommendations that would be highly liked covered by the results of the 21434 processes.
To learn more about ISO/SAE 21434 and how it sets the standard for the cybersecurity of connected cars, read Trend Micro’s exclusive white paper. It discusses the importance of cybersecurity in the connected car industry and provides approaches to securing connected cars as recommended by experts.
Author: Ericka Pingol