The automotive industry faces new cybersecurity challenges as vehicles become more connected.
All parties in the manufacturing supply chain should follow key principles for vehicle cybersecurity, such as organizational security, risk assessment and management, and product aftercare and incident response.
Connected vehicles also use new technologies such as over-the-air updates, which enable remote software updates.
All parties in the manufacturing supply chain must ensure that vehicles are secure from cyber threats.
UNECE WP.29 Cybersecurity Regulations: These regulations define a framework for identifying and managing cybersecurity risks in vehicle design, verifying risk management, keeping risk assessments updated, and monitoring and responding to attacks.
With remote hacking, hackers will attempt to access a vehicle's systems remotely without permission.
The vehicle architecture and the system implementation will determine how well the breach is contained to non-critical systems.
One way they can do this is by keeping their vehicle's software updated and using strong passwords for any connected services to reduce the risks of connected cars.
The modern vehicle infotainment system offers and uses various connectivity options like wifi, bluetooth, usb, or cellular.
These systems expose many interfaces that hackers may be able to exploit to access and control vehicle functions remotely, endangering human safety.
The vehicle architecture determines how well the critical systems are protected from such breaches.
One of them allows for the possibility of attackers to send arbitrary controller access network messages that affect safety-critical systems in the vehicle and as such the CSD suggests separating the telematics/infotainment actions from the CAN bus communication functions to prevent this.
Vehicle manufacturers vary in their security standards and practices, which makes standards such as ISO/SAE 21434 and regulations such as UN155/156 more important.
Automotive manufacturers are adopting new processes and technologies that meet the changing cybersecurity standards to keep their vehicles safe from cyber threats.
The International Standards Organization and SAE International have issued a joint standard for automotive cybersecurity engineering, which outlines a systematic process to integrate cybersecurity into the vehicle design.
The United Nations Economic Commission for Europe has enacted new cybersecurity regulations for vehicles, mandating manufacturers to get a Certificate of Compliance for the cyber security management system.
Cybersecurity compliance is a key theme for automotive manufacturers looking to implement new processes and technologies into their fleet but also helps ensure that their vehicles are secure from cyber threats.
Vehicles are made of components from various vendors, who may have different security standards and practices across different regions and cultures.
The biggest automotive cybersecurity challenges for the next two years are connected vehicles, over-the-air software updates, and vehicle-to-vehicle communication.
The regulations cover four aspects: cyber risk management, vehicle security by design, detection and response capabilities, and secure software updates without compromising vehicle safety.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Mon, 22 Jan 2024 05:43:05 +0000