Cybersecurity measures announced by auto manufacturers
Brussels, 18 October 2017 – In order to mitigate the risks of cyberattacks that come with the ever-increasing connectivity of motor vehicles, the European Automobile Manufacturers’ Association (ACEA) today published six key principles of automobile cybersecurity, which all its members endorse.
“The digital world offers unprecedented opportunities,” stated ACEA Secretary General, Erik Jonnaert. “Nevertheless, opportunity comes with risks, and one of these is the threat of a direct cyberattack on your car or indeed a whole fleet of vehicles. Keeping cybersecurity risks for connected vehicles in check is therefore of crucial importance.”
Firstly, countering such risks requires the number of data interfaces within a vehicle to be limited. Secondly, interfaces that are needed for connectivity purposes should be protected with very high cybersecurity measures. Highly aware of this, the automobile industry has taken the lead in designing and producing safe and secure connected and automated vehicles, by following well-established safety and security principles.
If adequate cybersecurity mechanisms are not implemented and cybersecurity risks not dealt with appropriately, the interfaces of connected vehicles can present an opportunity for exploiting vulnerabilities. Attackers may for instance compromise the user’s personal data, threaten vehicle systems or endanger the safety of passengers.
ACEA welcomes the Commission’s Communication on cybersecurity published last month, which states that specific sectors, facing specific threats, should be encouraged to develop their own approach to cybersecurity in order to complement general cyberstrategies.
In this spirit, and demonstrating the industry’s commitment to continue to ensure user safety, ACEA and its 15 member companies today published a set of six key principles:
- Cultivating a cybersecurity culture
- Adopting a cybersecurity life cycle for vehicle development
- Assessing security functions through testing phases
- Managing a security update policy
- Providing incident response and recovery
- Improving information sharing amongst industry actors
All manufacturers agree to endorse these principles to enhance the protection of connected and automated vehicles against cyber threats.
Furthermore, ACEA and its members will continue to fully support ongoing regulatory and standardisation initiatives taking place in various fora, such as UN-ECE and SAE/ISO.
Notes for editors
The ‘ACEA Principles of Automobile Cybersecurity’ are available at http://www.acea.be/publications/article/acea-principles-of-automobile-cybersecurity.
- The European Automobile Manufacturers’ Association (ACEA) represents the 15 major Europe-based car, van, truck and bus makers: BMW Group, CNH Industrial, DAF Trucks, Daimler, Ferrari, Ford of Europe, Honda Motor Europe, Hyundai Motor Europe, Jaguar Land Rover, Renault Group, Stellantis, Toyota Motor Europe, Volkswagen Group, Volvo Cars, and Volvo Group.
- Visit www.acea.auto for more information about ACEA, and follow us on www.twitter.com/ACEA_auto or www.linkedin.com/company/ACEA/.
- Contact: Cara McLaughlin, Communications Director, firstname.lastname@example.org, +32 485 88 66 47.
Interested in ACEA press releases?
Receive them directly in your inbox!
About the EU automobile industry
- 14.6 million Europeans work in the auto industry (directly and indirectly), accounting for 6.7% of all EU jobs.
- 11.5% of EU manufacturing jobs – some 3.7 million – are in the automotive sector.
- Motor vehicles are responsible for €398.4 billion of tax revenue for governments across key European markets.
- The automobile industry generates a trade surplus of €74 billion for the EU.
- The turnover generated by the auto industry represents more than 8% of the EU’s GDP.
- Investing €62 billion in R&D annually, the automotive sector is Europe’s largest private contributor to innovation, accounting for 33% of total EU spending.