ENISA publishes a study on the "Cyber security and resilience of smart cars". The report identifies good practices and recommendations to ensure the security of smart cars against cyber threats.
Over the last few years, there have been many publications on attacks against smart cars, many of which have resulted in reputational damage for car manufacturers. The impact of attacks on a smart car has far-reaching consequences in terms of safety, while the cost of cyber security is becoming an issue for car manufacturers[1]. The risk to the driver, passengers and other users of roads makes it a matter of national and European interest.
This report lists the sensitive assets present in smart cars, as well as the corresponding threats, risks, attack scenarios, mitigation factors and possible security measures to implement. Smart cars subject matter experts were contacted to reflect the needs of Europe’s automotive cyber security stakeholders. The results are further aligned with the C-ITS Platform run by DG MOVE, to synergize efforts and the input from the ENISA Cars and Roads SECurity (CaRSEC) Expert Group to finalize the results.
The study suggests the following recommendations, to increase cyber security in smart cars in Europe:
- Improve information sharing amongst industry actors
- Achieve consensus on technical standards for good practices
- Clarify cyber security liability among industry actors
Prof. Udo Helmbrecht, Executive Director of ENISA, said: "We need to bring together all European automotive industry actors to secure smart cars today, for safer autonomous cars tomorrow."
ENISA’s future work in the field aims in enhancing the security and resilience of road transport in Europe together with all relevant key stakeholders and agencies. In the context of the NIS Directive and smart mobility, ENISA will assist Member States and the European Commission by providing expertise and advice, as well as developing and facilitating the exchange of good practices, with the ultimate goal to enable higher level of security for Europe’s road transport infrastructure.
To understand the cybersecurity challenges involved in the domains of Smart Cars and Intelligent Road Systems, ENISA created ENISA Cars and Roads SECurity (CaRSEC) Expert Group. To provide your expertise in the area, read the ToR and apply for the CaRSEC Expert Group.
Full report available online
For interviews and press enquiries please contact press@enisa.europa.eu Tel. +30 2814409576
[1] Anthony Foxx, Secretary, U S Department of Transportation and Mary Barra, the chairwomen and CEO of General Motors Company, stress the importance of these issues in a keynote talk at the Billington Cyber summit 2016 https://www.youtube.com/watch?v=F-sPC2qHkq8