campion bmw-a1 nat_auto woodford_ origo-2 finol autoparts-2 serfac270514a

Thatcham welcomes 5StarS’ vehicle cybersecurity assurance framework


A proposed assurance framework launched by 5StarS on connected and autonomous vehicle cybersecurity has been welcomed by Thatcham Research.

The consortium, an Innovate UK project which brings together key research bodies (Horiba Mira, Ricardo, Roke, Axillium Research and Thatcham Research) to address the increased cybersecurity threat around connected and autonomous vehicles, has released the framework to give confidence to consumers and insurers.

The assurance framework sets out to build trust in the ability of manufacturers to mitigate against cyber threats and be resilient to attacks, as well as being able to demonstrate that they will respond quickly and effectively to attacks or vulnerabilities.

It will also enable manufacturers to gain assurance in the capabilities of their products, use resilience as a market differentiator and establish meaningful ways of communicating cybersecurity risk to consumers.

Richard Billyeald, Chief Technical Officer, Thatcham Research, said: “Through our research and evidence gathered to develop the framework, we are confident that it is a workable and positive response to the issues posed by new technology, and increases peace of mind for consumers. The framework will allow vehicle manufacturers and others to deal with the risks but also consider the clear opportunities on offer.”

The proposed timings for adoption and implementation of the framework are laid out in the roadmap, enabling assurance to be increased over time.

The 5StarS framework will provide a roadmap to increasing assurance, which starts by providing practical guidance and support for vehicle manufacturers to meet the demands of the emerging regulations and standards, such as ISO/SAE 21434, while introducing independent vehicle vulnerability assessments.

The framework also proposes a consumer-facing risk rating system to reassure consumers about their choice of vehicle. The system will reflect the level of cybersecurity assurance of any new vehicle, provide underwriters with information to help assess a vehicle’s cyber risk, address the evolving threat landscape – including international differences, and include consideration for ongoing maintenance/technical inspection.

Paul Wooderson, Cybersecurity Principal Engineer at Horiba Mira and 5StarS project lead, added: “The 5StarS project has delivered a novel and scalable way for vehicle manufacturers to increase confidence in the cybersecurity of their products, from the design stage through the vehicle lifecycle, and demonstrate that to consumers and insurers.”