10 March 2021. The Spanish Association for Standardization (UNE), has published the Standardisation Report on Cybersecurity for Connected and Automated Mobility of vehicles and their environment, prepared with the collaboration of the participating organisations of the Specific Group CTN320/GT CAV "Cybersecurity in the Vehicle Environment" of UNE's CTN 320.
This report aims to anticipate the expected development in cooperative smart transport systems and advances in vehicle connectivity with the environment. In addition, it was created to prepare the environment for technical standards that, on the one hand, offer the necessary interoperability of all the elements of these large transport systems; and, on the other hand, to standardize the security and privacy requirements necessary to provide sufficient guarantees for these particularly critical systems.
It analyzes the advances that are currently being developed in the field of standards and regulations, both at the governmental level and at the level of the different industry stakeholders. The technical standardization bodies, and the most relevant initiatives and standards are identified, related to Cybersecurity and Privacy, in the general field of the Connected and Automated Mobility (CAM) sector and in the particular case of Connected and Autonomous Vehicles (CAVs), Intelligent Transportation Systems (ITS) and the communication and connectivity technologies involved.
The report highlights the need for new technical standards in the field of the Connected and Automated Mobility sector to address the inherent cybersecurity and privacy risks associated with technological advances in this field.
Consequently, UNE has decided to publish this report to be used as the basis for developing future initiatives in the field of standardization in cybersecurity and privacy of smart mobility and connected vehicles, combining and agreeing on the efforts of the experts and the most important companies in the sector.
From a standardization point of view, much work remains to be done in terms of security and privacy within the scope of the connected and automated mobility sector. And it is a major challenge to design and agree on technical standards to create a trusted environment as respects both cybersecurity and privacy risks.
In particular, new artificial intelligence technologies and autonomous systems are a new field for cybersecurity and privacy, and pose an exciting challenge for standardization. Furthermore, the interoperability of standards in a particularly wide-ranging ecosystem and the need for a global scope will give the challenge new levels of complexity.
This report has been coordinated by the Official College of Telecommunication Engineers (COITT), with the idea of offering society and industry tools that ensure ICT professionals are prepared, to advance in the world of connected and autonomous mobility; the importance of which in the near future will take on even more economic and social relevance. And it is considered a must-read for all professionals who want to enter the connected and autonomous vehicle sector, since it will serve as a starting point and reference for continuing their professional development.
Relevant public bodies, associations, universities and companies in the telecommunications and cybersecurity sector have participated in drawing up this report with experts who regularly collaborate on developing national and international technical standards. Including: Abertis Autopistas España, AENOR, Alter Technology Tuv Nord, AMETIC (Association of Electronics, Information Technologies, Telecommunications and Digital Content Companies), COIT (Official College of Telecommunication Engineers), DEKRA Testing and Certification, ECIX Group; Enigmedia, FORLOPD Data Privacy and Security, Fundación Tecnalia Research & In, GMV Soluciones Globales Internet, Grupo CFI, jtsec Beyond IT Security, Knowledge Development for POF, LGAI Technological Center Applus+ Laboratories, MAPFRE, RENIC - National Network of Excellence in Cybersecurity Research, Renfe Operadora, SIA - Sistemas Informáticos Abiertos, TELEFÓNICA, Vicomtech - Centre for Visual Interaction and Communication Technologies, UC3M (Universidad Carlos III de Madrid), University of Navarra, the National Distance Education University and Rey Juan Carlos University.