CA applauds the new U.S. Automated Vehicle Policy
The new Guidance represents polices and practices for which CA has long advocated.
Last week, the U.S. Department of Transportation released its Federal Automated Vehicles Policy. The policy recognizes the immense promise that automated vehicles hold for improving safety and efficiency in our nation’s transportation system.
Indeed, the policy document claims that the “development of advanced automated vehicle safety technologies, including fully self-driving cars, may prove to be the greatest personal transportation revolution since the popularization of the personal automobile nearly a century ago.”
However, the policy, which includes performance guidance for automated vehicles, also recognizes the significant risks inherent in this burgeoning technology, such as those associated privacy, system safety, crashworthiness and cybersecurity, among others.
Clearly, there are key roles for both government and industry to play in promoting the safe development and deployment of these new technologies.
With respect to cybersecurity considerations, CA applauds the DOT for its approach in developing this policy guidance. In many ways, this Guidance represents the culmination of a range of cybersecurity policies and practices for which CA has long advocated:
First, the Guidance embraces the promise of new automated vehicle technologies, which are a significant development of the application economy.
Second, the Guidance was developed with active stakeholder input, which helps ensure that the expertise and experience of those on the technology development front lines are incorporated.
Fourth, it calls for the use of secure development processes, which limit cybersecurity vulnerabilities in the development of software code. CA refers to this approach as DevSecOps, which incorporates security into the joint practices of development and operations.
Fifth, the Guidance promotes the use of international standards to improve both privacy and cybersecurity, recognizing the global context in which automated vehicles will be developed.
And finally, the Guidance calls for pro-active cyber threat information sharing within the automobile industry. CA recently testified before Congress on the important role cybersecurity information sharing plays in improving situational awareness, and preventing and mitigating attacks.
As automated vehicles will serve as a rich data target for cyber criminals, we believe it is important for the automobile industry to leverage automated real-time sharing mechanisms to the greatest extent possible.
CA looks forward to working with both the U.S. Department of Transportation and our automobile industry customers in continuing to develop and secure the automated vehicle technologies that will power a transportation revolution.
What are your thoughts on the new policy guidance? What recommendations do you have for the Department of Transportation as they continue to update the guidance?