Toronto, Ontario — The National Highway Traffic Safety Administration (NHTSA) has new guidelines promoting the need to balance the needs of cybersecurity and third-party access, in light of the right to repair movement and multiple cases of vehicles being stolen or compromised due to inadequate security systems.
Effectively an update of its 2016 predecessor, “Cybersecurity Best Practices for the Safety of Modern Vehicles” provides additional details relating to the right to repair movement.
The document lists best practices for various automotive organizations to minimize the vulnerability of different system components, describing “processes that can be maintained, refreshed and updated effectively over time” for “all individuals and organizations designing and manufacturing vehicle electronic systems and software.”
Given that the third-party access affects both repairers and criminals, OEMs must find the right balance. Make it too secure and your vehicles will be unrepairable by third parties, potentially heightening the potential for harm for all drivers on the road. Make it too accessible and the vehicle risks cyberattacks that might compromise shops, OEMs and anything else the vehicle’s software can access.
While these recommendations are largely intended for vehicle and equipment manufacturers, third-party repairers know that manufacturer data policies will directly impact vehicle diagnostics and whether your tools can access them in the first place.
To read the original document, click here.