UK issues stricter security guidelines for connected cars
Nervous about the thought of your connected car falling victim to hacks, especially when self-driving cars hit the streets in earnest? So is the British government — it just issued tougher guidelines for the security of networked vehicles. It wants security to be part of the design process across every partner involved, even at the board of directors’ level, and for companies to keep cars updated throughout their lifespans. UK officials also call for a “defence-in-depth” strategy that minimizes vulnerabilities (such as by walling off systems to limit the damage of a hack), and very limited use of personal data that gives you control over what the car transmits.
The government has also reiterated its hopes to build a “new framework” for self-driving car insurance, making it clear who pays when an autonomous vehicle crashes.
This doesn’t guarantee that British cars will be significantly safer, or that manufacturers will take the spirit of the guidelines to heart. Between this and advice from American regulators, though, it won’t be surprising if automakers use official recommendations as a starting point. And to some extent, companies already do. Tesla, for instance, encourages researchers to report vulnerabilities and has isolated systems like the brakes and powertrain. In that sense, the UK is merely codifying principles that have already existed for a while.