This group of automotive cyber experts analyze, share and track cyber threats and spot potential weaknesses in vehicle electronics, and they are now developing best practices for the auto sector. Visit the Auto-ISAC website for more information.
Auto engineers are incorporating security solutions into vehicles from the first stages of design and production, and their security testing never stops.
As cars and other forms of transportation increasingly incorporate in-vehicle computer systems to help with everything from safety to navigation, cyber-security is among the industry’s top priorities and the auto industry is working continuously to enhance vehicle security features.
- Vehicle hardware has built-in security features that help protect safety critical systems, and auto control systems are isolated from communications-based functions like navigation and satellite radio.
- Automakers use proven security techniques to help prevent unauthorized access to software, and software updates require special codes.
- Like many industries, auto engineers use “threat modeling” and simulated attacks with the latest methods to test security and to help design controls to enhance data integrity.
To stay ahead of cyber threats, in 2015 the auto industry established an Automotive Information Sharing and Analysis Center (Auto-ISAC).
Automotive collaboration and partnerships are sharing solutions, seeking fresh approaches and monitoring new developments.
Automakers have long engaged with third-party security technologists, non-profit organizations, government programs and working groups, universities, and Science Technology Engineering and Mathematics (STEM) initiatives. These relationships help automakers develop vehicle-specific security technologies and practices. Some industry activities and partnerships include:
Auto-specific hackathons such as the annual Battelle-SAE International CyberAuto Challenge, as well as other cybersecurity events such as the DEF CON and Black Hat Conferences
The SAE Vehicle Electrical System Security Committee, which was created to help ensure electronic control system safety
The Cyber-Physical Systems Task Force formed by auto researchers and engineers through the U.S. Council for Automotive Research (USCAR) as a means of providing the National Science Foundation’s cyber-physical systems initiative with insight into automotive security solutions
The Automotive Consortium for Embedded Security (ACES), organized and operated by the Southwest Research Institute
The National Telecommunications and Information Administration’s (NTIA) Multi-stakeholder Collaboration on Vulnerability Research Disclosure, which aims to improve coordination between industry cybersecurity stakeholders and the valuable work being done by security researchers