Lawmakers often struggle to keep up with new and emerging technologies. It can be hard to predict how they will affect our lives, and to foresee what new policies they will demand. When it comes to connected and autonomous vehicles, though, the Government is at least making a good effort.
In a recent post, we detailed some of the ways British politicians are preparing the ground for autonomous motoring: offering grants to firms developing the tech, amending insurance rules, and authorising trials on public roads. And over the summer, the Department for Transport took another important step, issuing guidance on how to prevent the cars of the future from being hacked.
The document, entitled ‘The Key Principles of Cyber Security for Connected and Automated Vehicles’ does not contain anything that’s particularly detailed or revolutionary. Instead, it sets out eight ‘key principles’ that automotive firms and their suppliers should adhere to. These are:
1. Organisational security is owned, governed and promoted at board level.
2. Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain.
3. Organisations need product aftercare and incident response to ensure systems are secure over their lifetime.
4. All organisations, including sub-contractors, suppliers and potential third parties, work together to enhance the security of the system.
5. Systems are designed using a defence-in-depth approach.
6. The security of all software is managed throughout its lifetime.
7. The storage and transmission of data is secure and can be controlled.
8. The system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail.
Of course, publishing these principles does not solve the issue overnight. Significant investments in cyber security systems and infrastructure will be needed, both from Government and from businesses.
But it is nevertheless a welcome development. It’s vital that, as well as exploring the potential benefits of autonomous cars – such as shorter journey times – policymakers also consider the risks that they bring, and take steps to alleviate them. These new guidelines show that, when it comes to the danger of vehicles being hacked, that work is underway.