"Highway Safety Agency Wants Car Makers to Know What's in Their Software"

The National Highway Traffic Safety Administration (NHTSA) released a new draft of voluntary cybersecurity best practices with a focus on secure software use in vehicles. The updated draft incorporates comments gathered from a 2016 best practices document that the highway safety agency issued in response to the growing connectivity of modern vehicles as well as the continued addition of new electronics to these vehicles. These advancements introduce new opportunities for malicious hackers to launch attacks against modern vehicles, posing a significant threat to drivers' safety. For example, a hacker can remotely turn a car's automatic emergency braking innovation against its driver. In addition to the comments on the 2016 document, the updated draft reflects industry standards and research conducted by the agency on over-the-air updates, encryption techniques, cybersecurity penetration testing, and diagnostics. The revised best practices also bring further attention to the importance of considering cybersecurity throughout the software supply chain and the lifecycle management processes of developing, implementing, and updating software-enabled systems. This article continues to discuss NHTSA's revised draft of cybersecurity best practices document for the safety of modern vehicles and the importance of a secure software development process in the automotive sector. 

NextGov reports "Highway Safety Agency Wants Car Makers to Know What's in Their Software"