10 Aug Government issues connected car guidelines to boost security
In a bid to prevent hacking, the government has issued guidelines to connected car manufacturers on improving cyber security.
The guidelines from the British government arrive following a series of vehicle hacks – including a Tesla last month. They have been issued due to concerns a malicious hacker could access travel information, unlock keyless entry systems, or even take control of vehicle functions.
Security is often an afterthought to features when building IoT products, which is why botnets have become so prevalent. The guidelines require engineers to ‘design out’ cybersecurity threats as new vehicles are developed.
“Whether we’re turning vehicles into wifi-connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks,” says Martin Callanan, a minister in the Department for Transport.
“Our key principles give advice on what organizations should do, from the board level down, as well as technical design and development considerations.”
Systems powering connected cars must be able to withstand being sent malicious commands which can exploit the vehicle. Users, meanwhile, are required to have the option to delete their personal data from their cars.
Connected car insurance and the responsibility question
Plans for ongoing support for new vehicles must be created to ensure they continue receiving important security patches. If a connected car is compromised, full responsibility will be held at a board level.
The question over responsibility for self-driving vehicles and how they will be insured has been up for much debate. In today’s release of the guidelines, the government said it will soon be releasing legislation clarifying its position.
“Measures to be put before parliament mean that insuring modern vehicles will provide protection for consumers if technologies fail,” the government said in a statement.