NHTSA is seeking public comment on guidance related to cybersecurity best practices for vehicle safety, the agency said Friday.
The draft guidance is an update to a document published in 2016 that includes recommendations on cybersecurity that have safety implications for vehicles and vehicle equipment. The document is intended to be a resource for the industry and covers various safety-related cybersecurity issues, the agency said.
“Automotive technology has developed to such an extent that today’s vehicles are some of the most complex computerized products available to consumers,” NHTSA said in the document. “Enhanced wireless connectivity and continued innovations in electronic control systems introduce substantial benefits to highway transportation safety, mobility, and efficiency.”
With the proliferation of computer-based control systems, software, connectivity and other technological advancements in today’s vehicles, the agency said, “threats … could jeopardize benefits if the new safety risks are not appropriately addressed.”
NHTSA said the latest update reflects findings from its ongoing research in vehicle cybersecurity such as over-the-air updates, encryption methods and insights gained from public comments in response to the 2016 guidance.
“Vehicle cybersecurity has high stakes,” NHTSA Deputy Administrator James Owens said in a statement. “The safety and security of everyone on our roads depend on it. We have learned a great deal in the past four years, and I encourage feedback on the 2020 edition.”
The agency also has partnered with the Automotive Information Sharing and Analysis Center — an organization formed by automakers in 2014 to share and analyze intel on cybersecurity risks to vehicles — to develop new training for cybersecurity professionals. The group’s members include most major automakers as well as suppliers and tech companies.
