News > Automakers commit to combatting connected car cybercrime

Automakers commit to combatting connected car cybercrime

 - 25/10/2017

The European Automobile Manufacturers' Association (ACEA) is making a firm commitment to consumers, data protection and cyber safety. It is this week publishing a set of six key principles for automotive cybersecurity that every one of its members -- from Audi and BMW to Mercedes and Land Rover -- fully endorse.

"The digital world offers unprecedented opportunities," said ACEA Secretary General, Erik Jonnaert. "Nevertheless, opportunity comes with risks, and one of these is the threat of a direct cyberattack on your car or indeed a whole fleet of vehicles."

The technological benefits and possibilities of greater automotive connectivity are already being very intelligently exploited by the automotive community.

The current-generation Mercedes E Class can wirelessly communicate with other E Class sedans and wagons on the road to warn about traffic jams and weather conditions.

In Sweden, Volvos are using a continuous 3G connection to the cloud to let local authorities know which sections of road are in the greatest need of snowploughing or gritting.

Ford has set out an ambitious plan to make 100% of all its new cars sold in the US connected as standard by 2020 and 90% of its cars sold in other countries.

On Star, General Motors' connected concierge service, has been optioned by 60% of car buyers since it launched on Vauxhall and Opel cars in 2016; and an integrated 4G/LTE wi-fi hotspot is fast becoming one of the must-have optional extras on all new cars sold in Europe and the US alongside compatibility with Apple CarPlay or Android Auto.

And this is just the start. By the beginning of the next decade, new cars will roll off the production line with integrated systems that allow them to be shared among a host of drivers using nothing more than a smartphone or a one-time password.

"Keeping cybersecurity risks for connected vehicles in check is therefore of crucial importance," Jonnaert said.

The ACEA is concerned that if cybersecurity best practices aren't laid down and religiously adhered to that the interfaces of connected cars could become vulnerable to exploitation -- be it stealing personal data, or in worst-case scenarios, taking remote control of the vehicle itself.

The European automotive community has already been taking various secure steps in this regard to ensure ‘firewalls' exist between different connected functions but now the association is coming together behind the same six shared principles:

1. Cultivating a cybersecurity culture;

2. Adopting a cybersecurity life cycle for vehicle development;

3. Assessing security functions through testing phases;

4. Managing a security update policy;

5. Providing incident response and recovery; and

6. Improving information sharing amongst industry actors

Furthermore, individual members will share findings and work together to improve existing best practices and to work in close cooperation with other local, national and international industry and governmental bodies.


Photo : © Adamo Di Loreto/