The 5StarS consortium – which brings together key research bodies Ricardo, Roke, HORIBA MIRA, Thatcham Research and Axillium Research to address the cybersecurity threat – has today launched its proposed assurance framework for connected and autonomous vehicle cybersecurity from design to end of life, following a two-year research project funded by Innovate UK.
As increased connectivity of vehicle systems – such as in-car entertainment – increases exposure to cyber threats, consumers and insurers need to be able to have confidence that vehicle manufacturers are managing cybersecurity appropriately. The 5StarS assurance framework sets out to build trust in the ability of manufacturers to mitigate against cyber threats and be resilient to attacks. The framework will allow them to demonstrate that they will respond quickly and effectively to attacks or vulnerabilities.
The Roadmap to Resilience framework will enable manufacturers to gain assurance in the capabilities of their products, use resilience as a market differentiator and establish meaningful ways of communicating cyber derived risk to consumers.
Key benefits for vehicle manufacturers implementing the framework include building consumer trust in the overall safety of vehicles; highlighting vehicle countermeasures against – and resilience to – cyber attacks; cyber risk being reflected in insurance premiums, and the ability to monetize good practice in cybersecurity through a rating that differentiates their products from the competition in consumers’ eyes.
Jerry Williams, Managing Director for the Roke and Ricardo Digital Resilience partnership, said: “We established the Roke-Ricardo partnership to bring together the best of both organizations in developing effective solutions to the evolving cyber threat. As members of the 5StarS project since its inception, we bring a full understanding of the difficulties associated with assessing cybersecurity as current and emerging threats change over time. We have used this basis of understanding to build an effective vehicle testbed.”
“We’re now using our newly established, dedicated facility to assess a number of vehicles, using a methodology that is consistent with the 5StarS approach, to get a detailed understanding of how different manufacturers have approached cybersecurity. This allows us to identify modifications that would improve future vehicles’ resilience to cyber attack.”
Nick Tebbutt, Ricardo Business Manager for cybersecurity, said, “For many years now, consumers have been able to make their new vehicle purchasing decisions informed by clear and easy-to-understand crash safety ratings. Ricardo is pleased to have played an active role in this project in identifying a methodology through which cyber resilience standards can be consistently assessed. We very much welcome the publication of the 5StarS consultation paper that has been announced by the consortium today.”
Pete Lockhart, Head of Commercial Technology for Roke, said: “With major automotive manufacturers’ vision for higher levels of autonomy vehicles edging closer to fruition, the focus on security and building trust in connected vehicles dominates the sector. It’s time to make cybersecurity as much of a consumer-led requirement as safety has been via the existing EuroNCap rating. A digitally resilient car should become an expectation, just as much as you’d expect to see seatbelts.”