The automotive industry should follow the National Institute of Standards and Technology’s (NIST’s) documented Cybersecurity Framework, which is structured around the five principal functions, “Identify, Protect, Detect, Respond, and Recover,” to build a comprehensive and systematic approach to developing layered cybersecurity protections for vehicles.
Allocating dedicated resources within the organization focused on researching, investigating, implementing, testing, and validating product cybersecurity measures and vulnerabilities
Facilitating seamless and direct communication channels through organizational ranks related to product cybersecurity matters
Enabling an independent voice for vehicle cybersecurity-related considerations within the vehicle safety design process.
The automotive industry should follow a robust product development process based on a systems-engineering approach with the goal of designing systems free of unreasonable safety risks, including those from potential cybersecurity threats and vulnerabilities.
This process should include a cybersecurity risk assessment step that is appropriate and reflects mitigation of risk for the full lifecycle of the vehicle.
Safety of vehicle occupants and other road users should be of primary consideration when assessing risks.
Manufacturers should consider the risks associated with sensor vulnerabilities and potential sensor signal manipulation efforts such as GPS spoofing, road sign modification, Lidar/Radar jamming and spoofing, camera blinding, and excitation of machine learning false positives.
Any unreasonable risk to safety-critical systems should be removed or mitigated to acceptable levels through design, and any functionality that presents an unavoidable and unnecessary risk should be eliminated where possible.
For remaining functionality and underlying risks, layers of protection that are appropriate for the assessed risks should be designed and implemented.