Cybersecurity and Data Privacy: Stakeholders’ Stand on Regulations and Standards

Abstract

AbstractAVENUE’s technological interest lies in those state-of-the-art technologies and solutions that either are already commercial or close to the market and are expected to reach commercialisation within the following years. For the successful implementation of the project activities, a wide range of technological as well as non-technological elements will be employed, adapted, integrated, and, where required, partially developed. The present chapter focuses on those connected automated vehicle (CAV) technologies from the perspective of cybersecurity, delving into questions on in-vehicle, back-end, and infrastructure, including the communications between vehicle to vehicle (V2V), vehicle to infrastructure (V2I), vehicle to cloud (V2C), vehicle to everything (V2X), software safety, as well as security and privacy by design principles for the development of connected devices. Furthermore, non-technological issues cover stakeholder and user acceptance, regulatory and legislative requirements, a new standardisation progress, ethical considerations, and vehicle and technology certifications and licensing. The purpose of this chapter is to present the project context and relating it to the potential cyber assaults and data privacy threats. It further delineates the conducted assessment and the provided recommendations which were built based on the key standards and regulations wrapping together CAVs, cybersecurity, and personal data protection pursuits.