In memoriam 1961-2018
US regulators have urged car manufacturers to prioritize cybersecurity in the design of their vehicles, in a new voluntary set of guidelines.

The National Highway Traffic Safety Administration (NHTSA) released on Monday Cybersecurity Best Practices for Modern Vehicles – what it claimed to be “a solid foundation for developing a risk-based approach and important processes” to ensure systems are properly secured.

It continued:

“NHTSA believes that it important for the automotive industry to make vehicle cybersecurity an organizational priority. This includes proactively adopting and using available guidance such as this document and existing standards and best practices. Prioritizing vehicle cybersecurity also means establishing other internal processes and strategies to ensure that systems will be reasonably safe under expected realworld conditions, including those that may arise due to potential vehicle cybersecurity vulnerabilities.”

The document sets out best practice advice including information sharing via the Auto ISAC; following established standards such as ISO; pen testing; and creating a new industry-specific vulnerability reporting program.

The guidance is certainly needed, given the rapid pace of development in the connected car industry and headline research which has highlighted potentially life-threatening flaws in systems.

This was most famously spear-headed by Miller and Valasek in 2015 research which showed how a Jeep Cherokee could be remotely controlled by hackers.

However, the NHTSA’s guidance is voluntary, which simply isn’t good enough, according to Democrat senators and members of the Commerce, Science and Transportation Committee, Edward Markey and Richard Blumenthal.

“If modern day cars are computers on wheels, we need mandatory standards, not voluntary guidance, to ensure that our vehicles cannot be hacked and lives and information put in danger,” they argued in a prepared statement.

“In this new Internet of Things era, we cannot let safety, cybersecurity, and privacy be an afterthought. We must pass our legislation, the SPY Car Act, that puts the protections in place to ensure auto safety and security in the 21st century.”

Read More. US Lawmakers Slam Opt-in Car Cybersecurity Guidance


Level 12
This makes me think of the movie Minority Report! As everything is starting to become computerized and slowly we are losing our privacy with companies shifting more and more to telemetry. Will anything be hackproof? Dad's Boss car got stolen, it was one of those without a key, just a chip or card on your wallet, Last I heard, it hasn't been recovered yet.


Level 85
I think better implement little by little, consider first the security and privacy.

Remember that it can be life threatening too once some of the operation in computer system caused trouble. The problem for manufacturers where security is not an utmost priority, hence easily to hacked and produced security holes.