Connected Vehicle Cybersecurity Services

Balancing innovation and risk for the road ahead

The safety of vehicles has long been a concern of regulators, suppliers, original equipment manufacturers, and consumers. Traditionally, understanding the safety impacts of a vehicle was based on safety risk assessments and testing. As a result of innovation, vehicles began to include advanced technology. This technology introduced a new risk area and an imperative consideration when determining the reliability, resilience, and trustworthiness of a vehicle: cybersecurity.

Cybersecurity threats demand attention since they pose new risks to safety, security, and privacy. A significant challenge associated with these cyber threats is to balance the functionality that is improving and transforming performance and user acceptance with the associated risks.

Regulators, suppliers, original equipment manufacturers, and consumers are waking up to these connected vehicle risks and have begun to put processes in place to manage this risk. Standards and guidelines are now being developed to assist these stakeholders in playing their part to secure connected vehicles. The National Highway Traffic Safety Administration (NHTSA) has issued two sets of guidance for automotive cybersecurity in "Cybersecurity Leading practices for Modern Vehicles"¹ and "Automated Driving Systems: A Vision for Safety 2.0."² These guides address cybersecurity practices suppliers and original equipment manufacturers can put in place both at a programmatic level (e.g., risk assessment, security testing, vulnerability reporting/disclosure) and at a product/vehicle level (e.g., cybersecurity design controls).

¹ https://www.nhtsa.gov/sites/nhtsa.dot.gov/files/documents/13069a-ads2.0_090617_v9a_tag.pdf
² https://www.nhtsa.gov/staticfiles/nvs/pdf/812333_CybersecurityForModernVehicles.pdf

Back to top