Measures for Automaker's Legal Risks from Security Threats in Connected Car Development Lifecycle

Abstract

To improve passenger convenience and safety, today's vehicle is evolving into a "connected vehicle," which mounts various sensors, electronic control devices, and wired/wireless communication devices. However, as the number of connections to external networks via the various electronic devices of connected vehicles increases and the internal structures of vehicles become more complex, there is an increasing chance of encountering issues such as malfunctions due to various functional defects and hacking. Recalls and indemnifications due to such hacking or defects, which may occur as vehicles evolve into connected vehicles, are becoming a new risk for automakers, causing devastating financial losses. Therefore, automakers need to make voluntary efforts to comply with security ethics and strengthen their responsibilities. In this study, we investigated potential security issues that may occur under a connected vehicle environment (vehicle-to-vehicle, vehicle-to-infrastructure, and internal communication). Furthermore, we analyzed several case studies related to automaker's legal risks and responsibilities and identified the security requirements and necessary roles to be played by each player in the automobile development process (design, manufacturing, sales, and post-sales management) to enhance their responsibility, along with measures to manage their legal risks.