Action
Notice of federal guidelines.
Summary
On January 12, 2021, NHTSA released its draft Cybersecurity Best Practices for the Safety of Modern Vehicles guidance ("Draft Best Practices" or "guidance") in an effort to support industry-led efforts to improve the industry's cybersecurity posture as well as provide NHTSA's views on how the automotive industry can develop and apply sound, risk-based cybersecurity management processes during the vehicle's entire lifecycle. These guidelines are intended to be applicable to all individuals and organizations involved in the design, development, manufacture and assembly of a motor vehicle and its electronic systems and software. These entities include, but are not limited to, small and large-volume motor vehicle and motor vehicle equipment designers, suppliers, manufacturers, and modifiers. This document summarizes comments received in response to the draft guidance, responds to those comments, and describes changes made to the draft guidance in response to those comments. This document also announces the issuance of the final version of the Cybersecurity Best Practices for the Safety of Modern Vehicles guidance. While this is the final version of this iteration of the Best Practices, NHTSA routinely assesses cybersecurity risks as well as emerging best practices and will consider future updates as motor vehicles and their cybersecurity evolve.