Self-driving cars given cybersecurity standard
Governments funds creation of document newly published by the BSI
Credit: Philip Toscano/PA Archive/PA Images
A set of cybersecurity standards for manufacturers of self-driving cars has been published today by the British Standards Institute.
The guidance document was developed by the BSI in conjunction with the National Cyber Security Centre, as well as a range of automotive industry firms, including Ford, Bentley, and Jaguar Land Rover. Funding for the project was provided by the Department for Transport.
The 56-page document is intended to set a benchmark for the cybersecurity requirements of autonomous vehicles. Adherence to the standards will allow manufacturers to demonstrate their security credentials, the government said.
- Ensuring cybersecurity is vital for a driverless future
- DfT survey lifts lid on widespread public fears over drones and autonomous vehicles
- Government to trial self-driving buses
The document took as its starting point a government publication which last year set out eight “key principles” for the security of driverless and internet-enabled vehicles. These principles are:
- Organisational security is owned, governed, and promoted at board level
- Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
- Organisations need product aftercare and incident response to ensure systems are secure over their lifetime
- All organisations, including sub-contractors, suppliers and potential third parties, work together to enhance the security of the system
- Systems are designed using a defence-in-depth approach
- The security of all software is managed throughout its lifetime
- The storage and transmission of data is secure and can be controlled
- The system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail
Commenting on the publication of the new standard, future of mobility minister Jesse Norman said: “As vehicles get smarter, major opportunities for the future of mobility increase. But so too do the challenges posed by data theft and hacking. This cybersecurity standard should help to improve the resilience and readiness of the industry, and help keep the UK at the forefront of advancing transport technology.”
A major government-commissioned study found that about half of UK organisations are lacking basic security skills. PublicTechnology talks to the researchers behind it to find out where...
For governments and armed forces around the world, the digital domain has become a potential battlefield. But this new realm of warfare brings with it many ethical and legal complications....
We are approaching the fourth anniversary of the foundation of the NCSC and the threats it was created to respond to loom larger than ever. PublicTechnology examines the growth of the UK’...
Dominic Cummings’ ambitions realised as prime minister’s office seeks to recruit crack squad of data scientists for No. 10 skunkworks
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
HPE shows why organisations are increasingly seeking to understand and consider the environmental impacts of their IT purchasing decisions