Guidance covers cybersecurity best practices for all motor vehicles, individuals and organizations manufacturing and designing vehicle systems and software
WASHINGTON – The U.S. Department of Transportation's National Highway Traffic Safety Administration (NHTSA) is taking a proactive safety approach to protect vehicles from malicious cyber-attacks and unauthorized access by releasing proposed guidance for improving motor vehicle cybersecurity.
- "Cybersecurity is a safety issue, and a top priority at the Department," said U.S. Transportation Secretary Anthony Foxx. "Our intention with today's guidance is to provide best practices to help protect against breaches and other security failures that can put motor vehicle safety at risk."
This guidance also highlights the importance of making cybersecurity a top leadership priority for the automotive industry, and suggests that companies should demonstrate it by allocating appropriate and dedicated resources, and enabling seamless and direct communication channels though organizational ranks related to vehicle cybersecurity matters.
- "In the constantly changing environment of technology and cybersecurity, no single or static approach is sufficient," said NHTSA Administrator Dr. Mark Rosekind. "Everyone involved must keep moving, adapting, and improving to stay ahead of the bad guys."
The best practices guidance released today is based on public feedback gathered by NHTSA, as well as
- National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity.
The proposed guidance follows actions by other entities on motor vehicle cybersecurity, including
- SAE J3061 Recommended Best Practice: Cybersecurity Guidebook for Cyber-Physical Vehicle Systems and the
- executive summary to the Automotive Cybersecurity Best Practices issued by the Auto-ISAC in, collaboration with the motor vehicle trade associations, in July 2016. NHTSA's guidance also suggests that organizations should consider and adopt all applicable industry best practices.