The automotive sector is undergoing a profound transformation with the digitalization of in-car systems that are necessary to deliver vehicle automation, connectivity and shared mobility. Today, cars contain up to 150 electronic control units and about 100 million lines of software code—4x more than a fighter jet—projected to rise to 300 million lines of code by 2030.
This comes with significant cybersecurity risks, as hackers seek to access electronic systems and data, threatening vehicle safety and consumer privacy.
Two new UN Regulations on Cybersecurity and Software Updates will help tackle these risks by establishing clear performance and audit requirements for car manufacturers. These are the first ever internationally harmonized and binding norms in this area.
The two new UN Regulations, adopted by UNECE’s World Forum for Harmonization of Vehicle Regulations, require that measures be implemented across 4 distinct disciplines:
- Managing vehicle cyber risks;
- Securing vehicles by design to mitigate risks along the value chain;
- Detecting and responding to security incidents across vehicle fleet;
- Providing safe and secure software updates and ensuring vehicle safety is not compromised, introducing a legal basis for so-called “Over-the-Air” (O.T.A.) updates to on-board vehicle software.
The regulations will apply to passenger cars, vans, trucks and buses. They will enter into force in January 2021.
Japan has indicated that it plans to apply these regulations upon entry into force.
The Republic of Korea has adopted a stepwise approach, introducing the provisions of the regulation on Cybersecurity in a national guideline in the second half of 2020, and proceeding with the implementation of the regulation in a second step.
In the European Union, the new regulation on cyber security will be mandatory for all new vehicle types from July 2022 and will become mandatory for all new vehicles produced from July 2024.
Together, the EU, the Republic of Korea and Japan accounted for some 32 million vehicles produced in 2018, representing just over one third of global production.
Given the widespread use of UN Regulations in the automotive sector around the world, the broad adoption of these regulations across the world is expected, among and beyond the 54 Contracting Parties to UNECE’s 1958 Agreement.
According to recent research, the need to strengthen automotive cybersecurity will trigger massive investments—increasing from 4.9 billion USD in 2020 to 9.7 billion USD in 2030. The framework offered by the new UN Regulations will spur significant innovation and new economic opportunities among suppliers, IT companies, specialist niche firms and start-ups, particularly in the software development and services market.
Republished courtesy of UN. Photo credit: UN.