Title: The Key Principles of Cyber Security for Connected and Automated Vehicles
Organisation: Department for Transport
Date uploaded: 22nd August 2017
Date published/launched: August 2017
The measures to be put before Parliament are designed to ensure that modern vehicles provide protection for consumers if technologies fail. The new guidance was accompanied by a call for manufacturers to help combat the threat posed by would-be hackers.
The Government says smart vehicles – which allow drivers to access maps, travel information and new digital radio services from the driving seat - are increasingly becoming the norm.
However, there are fears that would-be hackers could target these vehicles to access personal data, steal cars, or even take control of technology for ‘malicious reasons’.
The new guidance encourages engineers developing smart vehicles to ‘toughen up’ cyber protection. For example, manufacturers will need to design out cyber security threats as part of their development work.
The guidance is centred around eight key principles, including:
- Organisations involved in developing smart vehicles need to build in product aftercare and incident response to ensure systems are secure over their lifetime
- All organisations, including sub-contractors, suppliers and potential 3rd parties, should work together to enhance the security of the system
- Systems should be designed using a ‘defence-in-depth’ approach
- The storage and transmission of data must be secure and controlled
- Systems must be designed to be resilient to attacks, and able to respond appropriately when defences or sensors fail
For more information contact: