The National Highway Traffic Safety Administration is seeking comments from the public on its publication “Cybersecurity Best Practices for the Safety of Modern Vehicles” submitted to the Federal Register on Friday.
The publication is an update to the existing best practices document published in 2016 and provides nonbinding guidance on vehicle cybersecurity to the automotive industry.
“Vehicle cybersecurity has high stakes,” said NHTSA Deputy Administrator James Owens. “The safety and security of everyone on our roads depend on it. We have learned a great deal in the past four years, and I encourage feedback on the 2020 edition.”
The update builds on agency research, industry progress, public comments on the previous version and motor vehicle cybersecurity issues discovered over the past four years. The new guidance leverages emerging industry standards and industry best practice guides developed by the Automotive Information Sharing and Analysis Center through its members.
NHTSA will continue to update and refine the draft document based on public comments, the agency said.
Additionally, the agency announced Friday that it is launching a project with the Automotive Information Sharing and Analysis Center (Auto-ISAC) to develop a new training curriculum for cybersecurity professionals in the automotive industry. NHTSA’s best practices found that workforce development and continuous education are crucial steps in improving cybersecurity in vehicles. Auto-ISAC has determined this is a top goal for the organization and its members.
Comments on the guidance will be accepted until 60 days after publication, or March 9.