The U.S. Department of Commerce’s Bureau of Industry and Security is proposing a rule to prohibit transactions involving connected vehicle technology manufactured by China or other “foreign adversaries.”
A notice of proposed rulemaking scheduled to be published in the Federal Register on Thursday, Sept. 26 is aimed at addressing “undue or unacceptable” risks to national security in regard to communication technology.
Once the proposal is published, the public will have 30 days to comment.
“(The) Bureau of Industry and Security solicits comment on a proposed rule to prohibit transactions involving Vehicle Connectivity System hardware and covered software designed, developed, manufactured or supplied by persons owned by, controlled by or subject to the jurisdiction or direction of the People’s Republic of China, including the Hong Kong Special Administrative Region or the Russian Federation,” the agency wrote in the notice.
The proposal
The agency is proposing regulations that would:
- Prohibit Vehicle Connectivity System hardware importers from knowingly importing into the United States certain hardware for connected vehicles
- Prohibit connected vehicle manufacturers from knowingly importing into the United States completed connected vehicles incorporating certain software
- Prohibit connected vehicle manufacturers from knowingly selling within the United States completed connected vehicles that incorporate covered software
- Prohibit connected vehicle manufacturers who are owned by, controlled by or subject to the jurisdiction of China or Russia from knowingly selling in the United States completed vehicles that incorporate covered hardware or software
“Today’s vehicles contain a myriad of connected components that provide greater convenience for consumers and increase road safety for both drivers and pedestrians,” the agency wrote. “However, the incorporation of progressively more complex hardware and software systems that facilitate these features has also increased the attack surfaces through which malign actors may exploit vulnerabilities to gain access to a vehicle.”
Connected vehicle technology
In August, the U.S. Department of Transportation introduced its National V2X Deployment Plan. V2X technology is a suite of technologies that allows vehicles to send and receive information in real time.
Although there is hope this type of technology will improve roadway safety, there also have been concerns about cybersecurity risks.
In March, the Department of Commerce issued an advance notice of proposed rulemaking seeking information about the security of connected vehicles.
“It doesn’t take a lot of imagination to think of how foreign government with access to connected vehicles could pose a serious risk to both our national security and the personal privacy of U.S. citizens,” U.S. Secretary of Commerce Gina Raimondo said in a statement.
How to comment
The public can comment on the notice of proposed rulemaking by going to Regulations.gov and entering BIS-2024-0005. LL
Credit: Source link
