ACEA principles of automobile cybersecurity

Today’s vehicles are increasingly ‘connected’; there is wireless data exchange with servers, infrastructure and other vehicles. Nevertheless, opportunity comes with risks, and one of these is the threat of a direct cyberattack on vehicles or a whole vehicle fleet.

The European Automobile Manufacturers’ Association (ACEA) and its members are committed to mitigating these risks. To do so, ACEA and its members have identified a set of six key principles to enhance the protection of connected and automated vehicles against cyber threats.

  1. Cultivating a cybersecurity culture
  2. Adopting a cybersecurity life cycle for vehicle development
  3. Assessing security functions through testing phases: self-auditing & testing
  4. Managing a security update policy
  5. Providing incident response and recovery
  6. Improving information sharing amongst industry actors

This document provides an in-depth overview of these principles.


Reproduction of the content of this document is not permitted without the prior written consent of ACEA. Whenever reproduction is permitted, ACEA shall be referred to as source of the information. Quoting or referring to this document is permitted provided ACEA is referred to as the source of the information. 

Content type Publication
Vehicle types All vehicles
back to topback to top