AUTOS

Coming soon: Cybersecurity guidelines for automakers

U.S. Department of Transportation Secretary Anthony Foxx urges automakers to share information about cybersecurity to ensure future vehicles are safe

Brent Snavely
Detroit Free Press
U.S. Department of Transportation Secretary Anthony Foxx speaking in Detroit at Cobo Center in January as he outlined a set of policies today designed to speed up the development, testing and deployment of self-driving cars.

U.S. Transportation Secretary Anthony Foxx said on Friday the U.S. government plans to release a set of guidelines on cybersecurity best practices for the automotive industry in coming weeks.

Foxx made the announcement at the Billington Cybersecurity Summit in Detroit where automakers, security experts, cybersecurity companies and government officials discussed the importance of industry collaboration aimed at keeping cars safe from being hacked.

“There is no one company that can do on its own what all companies can accomplish together," Foxx said.

Foxx said the government's guidelines will encourage the industry to collaborate and share information about how to design software and to also learn from other industries.

Experts: Future auto hackers will want your money, data

"For better or worse, government has a reputation for moving slowly … but we hope that our guidance, when it is released, will break new ground," Foxx said.

Even though there has never been a documented case of a car being hacked remotely in a real world situation, the issue of cybersecurity has been rapidly gaining traction in the auto industry.

Cars have become increasingly connected to outside systems such as navigation and mapping. Stakes will continue to rise as automakers develop  technology related to self-driving cars, which will be even more connected to each other and other electronic systems.

"We cannot underestimate the risk," said Mark Reuss, GM's executive vice president of global product development.

Reuss said automakers are working closely with the U.S. Department of Transportation and the National Highway Traffic Safety Administration to develop the guidelines.

Thomas Kirchmaier, vice president of military contractor General Dynamics, said the defense industry has been collaborating on cybersecurity best practices for about eight years.

"Given the importance of our national security, we really do not have a choice (when it comes to collaboration), and I think the auto industry is at that point as well," Kirchmaier said. "Defeat the bad actors for the sake of your industry, your company and your country."

Casey Ellis, CEO of Bugcrowd, said the automotive industry deserves credit for making a lot of progress in a short time.

FBI, NHTSA warn about car hacking

Ellis, whose firm hires hackers to try to find security weaknesses for corporate clients, said the auto industry is moving "surprisingly fast" to develop security protocols to prevent malicious hacking.

"Automakers are very focused on the security of their products," Ellis said.

Contact Brent Snavely: 313-222-6512 or bsnavely@freepress.com. Follow him on Twitter @BrentSnavely. Free Press auto critic Mark Phelan contributed to this report.