Cybersecurity Best Practices for Modern Vehicles

Table of Contents

This document describes the National Highway Traffic Safety Administration’s non-binding guidance to the automotive industry for improving motor vehicle cybersecurity.

1 Purpose of This Document………………………………………………………………………………………………… 5

2 Scope………………………………………………………………………………………………………………………………. 5

3 Background……………………………………………………………………………………………………………………… 6

4 Definitions……………………………………………………………………………………………………………………….. 8

5 General Cybersecurity Guidance……………………………………………………………………………………….. 10

5.1 Layered Approach …………………………………………………………………………………………………………. 10

5.2 Information Technology Security Controls ………………………………………………………………………. 11

6 Automotive Industry Cybersecurity Guidance…………………………………………………………………….. 12

6.1 Vehicle Development Process With Explicit Cybersecurity Considerations…………………………. 12

6.2 Leadership Priority on Product Cybersecurity …………………………………………………………………. 12

6.3 Information Sharing ………………………………………………………………………………………………………. 13

6.4 Vulnerability Reporting/Disclosure Policy ……………………………………………………………………….. 14

6.5 Vulnerability / Exploit / Incident Response Process………………………………………………………….. 14

6.6 Self-Auditing ……………………………………………………………………………………………………………….. 15

6.6.1 Risk Assessment ……………………………………………………………………………………………………….. 15

6.6.2 Penetration Testing and Documentation ……………………………………………………………………… 16

6.6.3 Self-Review ………………………………………………………………………………………………………………. 16

6.7 Fundamental Vehicle Cybersecurity Protections …………………………………………………………….. 17

6.7.1 Limit Developer/Debugging Access in Production Devices ……………………………………………. 17

6.7.2 Control Keys …………………………………………………………………………………………………………….. 17

6.7.3 Control Vehicle Maintenance Diagnostic Access………………………………………………………….. 17

6.7.4 Control Access to Firmware ………………………………………………………………………………………. 18

6.7.5 Limit Ability to Modify Firmware …………………………………………………………………………………. 18

6.7.6 Control Proliferation of Network Ports, Protocols and Services …………………………………….. 19

6.7.7 Use Segmentation and Isolation Techniques in Vehicle Architecture

Design ……………………………………………………………………………………………………………………………… 19

6.7.8 Control Internal Vehicle Communications ……………………………………………………………………. 19

6.7.9 Log Events………………………………………………………………………………………………………………… 20

6.7.10 Control Communication to Back-End Servers…………………………………………………………….. 20

6.7.11 Control Wireless Interfaces……………………………………………………………………………………….. 20

7 Education ……………………………………………………………………………………………………………………… 20

8 Aftermarket Devices ……………………………………………………………………………………………………… 20

9 Serviceability ………………………………………………………………………………………………………………… 21

READ ONLINE

DOWNLOAD HERE

Download PDF

Engineering Drawing MCQ (Multiple Choice Questions) With Answers

Engineering Drawing and Design pdf by innovationdiscoveries

CLICK TO DOWNLOAD MORE PDF

Introduction to Internal Combustion Engines

Internal Combustion Engine Handbook: Basics | Components | Systems, and Perspectives

Engineering Fundamentals of the Internal Combustion Engine | PDF

The V6 Engine: Power Comparisons & Engine Basics

LEARN TECHNICAL TERMS OF AUTOMOBILE ENGINEERING

READ: IC ENGINE: COMPONENTS AND THEIR FUNCTIONS, TYPES, AND TERMINOLOGY

Advertisement

Visit Our Friendly Website

Ads by Adsterra