Toyota, Nissan part of 90 firms to form new security alliance to protect connected cars from cyberattacks – paultan.org

As we move into the era of self-driving vehicles, companies are beginning to team up in order to protect connected cars from cyberattacks, Nikkei reports.

So far, a total of 90 companies including Nissan, Toyota and giant IT firms such as Microsoft Japan, Trend Micro, NTT Communications and Sompo Japan Insurance have joined the consortium. They will trawl their automotive softwares for potential vulnerabilities and share information such as cyberattack trends to prevent hijacking and data theft. Parts maker Denso and Panasonic are in on it, too.

In a connected vehicle, components such as the engine, electric motors, and brakes are predominantly electronically controlled. Data on their operational status gets sent over the internet, and if there’s a security flaw in the software that manages the data, it could be intercepted. Worse yet, the vehicle can be completely seized by a hacker.

Unfortunately, thousands of these software vulnerabilities are detected globally every month. Under this partnership, automotive software flaws will be extracted and updated on a weekly basis. Each company will routinely check to ensure the software they use has no security holes, and be shown examples of hacking methods used around the world.


Cost reduction is also among the benefits here. Usually, it costs automakers around 200 million (RM7.7 million) to 300 million yen (RM11.6 million) per annum to outsource software research. That’s a substantial outlay for small and medium-size parts manufacturers that don’t typically have software security specialists. The move will also improve the reliability of Japanese cars, the report said.

All this comes after the UN Economic Commission for Europe announced new guidelines that require manufacturers to improve security this year. The Japanese transport ministry has also aligned its Road Transport Vehicle Law as per the UN’s guideline.

That means new vehicles with the ability to have their software wirelessly updated won’t be approved for sale or road use unless they meet the guidelines, which kicks into force starting July 2022.

Source: Read Full Article