ACEA Principles of Automobile Cybersecurity

Today’s vehicles are increasingly ‘connected’; there is wireless data exchange with servers, infrastructure and other vehicles. Nevertheless, opportunity comes with risks, and one of these is the threat of a direct cyberattack on vehicles or a whole vehicle fleet.

The European Automobile Manufacturers’ Association (ACEA) and its members are committed to mitigating these risks. To do so, ACEA and its members have identified a set of six key principles to enhance the protection of connected and automated vehicles against cyber threats.

  1. Cultivating a cybersecurity culture
  2. Adopting a cybersecurity life cycle for vehicle development
  3. Assessing security functions through testing phases: self-auditing & testing
  4. Managing a security update policy
  5. Providing incident response and recovery
  6. Improving information sharing amongst industry actors

This document provides an in-depth overview of these principles.