Automotive Cybersecurity Regulations


Why there is a need for Automotive Cybersecurity?

Cybersecurity is the way to protect our automotive electronic systems, software, data and users from unauthorized access by another party, living or artificial. Due to our ever-advancing technology, the threat of hacking is always present.

What is the main princeples of the UNECE WP.29 regulation?

According to the UNECE, the automotive industry must take precautionary measures in these areas: managing vehicular cyber risks, design security measures, detecting and responding to security risks while en route, and keeping the software updated, including safety measures.

The regulation applies to the European Union, Japan and Korea. To date, the manufacturers of vehicles (OEMs) in the US are not required to have these cybersecurity measures mandatory until July 2024.

How is United States complying with the UNECE WP.29 regulation?

As the WP.29 regulation is not yet mandatory in the US, and North America, car manufacturers are not yet required to comply with this regulation. However, if their vehicles are sold in the countries involved, they must comply with the regulation. By July 2024, those companies must be compliant with all automotive cybersecurity regulations if they sell in the EU, Japan or Korea.

Despite the fact that the WP.29 regulation isn’t mandatory in the US (yet), automotive cybersecurity standards and regulation are taking a lot of focus. The more advanced vehicles are, a detailed approach is needed for:

  • Good communication and assessment of threats by onboard systems
  • Good countermeasures and recovery
  • Protection for accessible entry points on vehicles
  • Programs to entrap would-be hackers of vehicle systems, and
  • Search for other threats and neutralize them.
  • Record the threats onboard for the technician to find and review.
  • Maintain the safety of the users of the vehicle while in a dangerous situation.

The parameters set in place in America are based not only on WP29, but on parameters set by a group of men and women selected for it who work in the field. They make vehicles safer.

What does the bill in front of The House do?

It delineates the work to be done by a committee of people to maintain the safety of operators and passengers (users) of highly automated vehicles using interconnected artificial and computerized systems to operate their cars and prevent car hacking.

WP29 vs. H.R. Bill 3388

WP29 regulates how car manufacturers (in regulated countries) should protect their vehicles components, data and user privacy and safety. The bill sets up the same idea and gives parameters that must be followed. Specifically, the House of Representatives bill says:

  • Identify, assess and protect against known and unknown threats
  • Diagnostic Tests to show the abilities of the system
  • Lists contact persons in the event an intrusion happens on the road

More Responsibilities under HR Bill

The bill discusses the vulnerable points of entry and how to protect the vehicle and inform the public about the systems and protective actions taken. While it isn’t the WP29 of UNECE, its purpose is the same.