Deep Dive into the Connected and Automated Mobility (CAM) Ecosystem: New Report

Back to News

The European Union Agency for Cybersecurity issues a comprehensive report of the CAM cybersecurity ecosystem. It aims at supporting the efforts of the European Commission and Member States competent authorities in deciding how to transpose the relevant United Nations regulations into the EU policy context.

The Connected and Automated Mobility (CAM) sector is a whole ecosystem of services, operations and infrastructures formed by a wide variety of actors and stakeholders. This ecosystem not only generates transformation in the industries but also considers how to meet the needs of the citizens for safer, cyber secure, increased sustainability, and for easier transportation.

CAM has the potential to change the way society perceives transportation. This sector is meant to highly benefit from digitalisation allowing vehicles to be connected with their surroundings and the drivers. Solving congestion, reducing pollution, decreasing the number of road accidents, and improving access to mobility are the substantial advantages society is intended to enjoy.

In order to achieve such results, however, cybersecurity plays a crucial role in the evolution of the CAM ecosystem.

The increase in connectivity and automation of vehicles and surrounding infrastructures is taking cybersecurity challenges, threats, and risks to a higher level.

The CAM ecosystem requires stakeholders to ensure compliance with cybersecurity standards and the implementation of cybersecurity measures for the safe functioning of the infrastructures involved and for the secure monitoring and delivery of services.

How the EU policy framework comes into play today

In the light of such developments, the European Commission and Member States competent authorities are about to transpose into EU policy the provisions of the regulations of cybersecurity and software updates of the United Nations adopted by the World Forum of Harmonisation of Vehicle Regulations (WP.29) of the UN Economic Commission for Europe (UNECE). Such provisions take into account the needs of all CAM stakeholders. The regulation requires all car manufacturers in the EU to secure connected vehicles against cyberattacks. This regulation is expected to enter into force in Europe from July 2022 and will be mandatory for all new types of vehicle.

What is the report focused on

The report published today provides an in-depth mapping of the key stakeholders and relevant bodies and organisations in the EU. It includes an overview of the relevant critical services, systems and infrastructures part of the CAM cybersecurity ecosystem.

The findings complement the key cybersecurity challenges of the CAM stakeholders already identified in the Recommendations for the Security of Connected and Automated Mobility report to be published soon by ENISA.

ENISA Report - Cybersecurity Stocktaking in the CAM

Target audience

The report is intended to support the work of the European Commission and the Member States competent authorities in the transposition of the UN cybersecurity regulation into EU policy.

Decision-makers who are responsible for the protection of security and resilience of the CAM ecosystem at EU level will find in the report the relevant cybersecurity measures and key issues they need to consider to draft their cybersecurity baseline.

The report is also expected to be of particular interest to Operators of Intelligent Transport Systems (OITS), Original Equipment Manufacturers (OEMs), Road Authorities (RA), Smart City Operators and standardisation bodies among others.

Further Information

ENISA is already engaged in the cybersecurity of smart cars and intelligent transport systems and issued publications of existing standardisation, legislative and policy initiatives, as well as good practices and security measures to ensure the security of smart cars against cyber threats.

ENISA Report - Cybersecurity Stocktaking in the CAM

ENISA Tool - Good practices for IoT and Smart Infrastructures - Smart Cars

ENISA Report - Good Pactices for Security of Smart Cars

ENISA Report - Cyber Security and Resilience of Smart Cars

Press Contact

For questions related to the press and interviews, please contact press (at) enisa.europa.eu.