TOKYO — Ninety companies, including Toyota Motor and Nissan Motor, will form a consortium to protect connected cars from cyberattacks, Nikkei has learned.
The companies will check their automotive software for security flaws and share information such as cyberattack trends to prevent hijacking and data theft. Companies are stepping up such efforts as self-driving cars come closer to reality.
Information technology companies such as Microsoft Japan, Trend Micro, NTT Communications and Sompo Japan Insurance will join a group of carmakers, including Toyota and Nissan, and parts manufacturers such as Denso and Panasonic.
In a connected car, parts such as the engine, motors and brakes are electronically controlled. Data on their operational status is sent over the internet. If there is a security hole in the software that manages the data, it could be intercepted or the car itself seized by an outside operator.
Thousands of software vulnerabilities are detected around the world every month. Under the partnership, automotive software flaws will be extracted and updated once a week. Each company will check to ensure the software they use is not among those with security holes. Members will also be provided examples of hacking methods reported around the world.
It typically costs companies in the automotive sector 200 million to 300 million yen ($1.8 million to $2.7 million) a year to outsource software research. The alliance will reduce the financial burden on small and medium-size parts manufacturers that lack specialists in software security. It will also improve the reliability of Japanese cars as a whole.
The U.N. Economic Commission for Europe has adopted guidelines requiring manufacturers to improve security this year. In Japan, the transport ministry revised the Road Transport Vehicle Law in January in line with the U.N. guidelines.
New model cars sold in Japan after July 2022 with the ability to update software wirelessly will not be approved for sale or road use unless they meet the guidelines.