Tempting the Fate of the furious: cyber security and autonomous cars

Abstract

The United Nations Economic Commission for Europe (UN ECE) has developed new aspects of its WP.29 agreement for harmonising vehicle regulations, focusing on the regulation of vehicle manufacturers’ approaches to ensuring vehicle cyber security by requiring implementation of an approved cyber security management system (CSMS). This paper investigates the background, framework and content of WP.29’s cyber security regulation. We provide an overall description of the processes required to become certified, discuss key gaps, issues and the impacts of implementation on stakeholders, and provide recommendations for manufacturers and the authorities who will oversee the operation. Putting the discussion into a broader theoretical framework on risk certification, we explore to the role of non-academic sources to shape public risk perception and to drive, for better or worse, legislative responses.