Governments funds creation of document newly published by the BSI
Credit: Philip Toscano/PA Archive/PA Images
A set of cybersecurity standards for manufacturers of self-driving cars has been published today by the British Standards Institute.
The guidance document was developed by the BSI in conjunction with the National Cyber Security Centre, as well as a range of automotive industry firms, including Ford, Bentley, and Jaguar Land Rover. Funding for the project was provided by the Department for Transport.
The 56-page document is intended to set a benchmark for the cybersecurity requirements of autonomous vehicles. Adherence to the standards will allow manufacturers to demonstrate their security credentials, the government said.
- Ensuring cybersecurity is vital for a driverless future
- DfT survey lifts lid on widespread public fears over drones and autonomous vehicles
- Government to trial self-driving buses
The document took as its starting point a government publication which last year set out eight “key principles” for the security of driverless and internet-enabled vehicles. These principles are:
- Organisational security is owned, governed, and promoted at board level
- Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
- Organisations need product aftercare and incident response to ensure systems are secure over their lifetime
- All organisations, including sub-contractors, suppliers and potential third parties, work together to enhance the security of the system
- Systems are designed using a defence-in-depth approach
- The security of all software is managed throughout its lifetime
- The storage and transmission of data is secure and can be controlled
- The system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail
Commenting on the publication of the new standard, future of mobility minister Jesse Norman said: “As vehicles get smarter, major opportunities for the future of mobility increase. But so too do the challenges posed by data theft and hacking. This cybersecurity standard should help to improve the resilience and readiness of the industry, and help keep the UK at the forefront of advancing transport technology.”