binarypublish
New European Union rules regarding the cyber security of cars come into effect in July 2024 and are causing a number of manufacturers to discontinue popular models. Porsche announced that sales of combustion-engined Porsche Macan models will end in EU countries early in 2024, despite remaining on sale elsewhere in the world until the end of 2025. The Volkswagen e-Up and Renault Zoe are also being discontinued. Known as UNECE WP.29, the measures are part of the wider General Safety Regulations 2 package that comes into force on 1 July 2024. It requires that all new cars sold in the EU – and the UK – be fitted with 20 safety technologies including automatic emergency braking, speed limit recognition and an emergency lane keeping system.
The regulations stipulate that all cars sold in the EU must be hardened against 70 potential cyber security risks – a number likely to increase over time. Those threats can be roughly grouped into hacking and physical system breaches, both intentional and accidental. They cover the entire life of a car as well, from the design office to the scrap yard.
The concerns around third-party devices accessing a car’s systems could a knock-on effect in car maintenance. Garages may have to shown that they have their own cyber security measures in place to be allowed to work on hardened cars, and there could be issues around having the right diagnostic equipment.
Manufacturers remain responsible for their car’s protection from cyber security threats in what’s called the post-production phase. That’s from the day production a model ends until the day the very last example is scrapped. While most cars become very rare in the decades after they’re discontinued, there are very few that become completely extinct throughout the world.
Having said all that, we won’t know for sure how meeting the WP.29 regulations will work in practice until they come into force on 1 July 2024. And even then, the long-term implications won’t become clear for some years yet.
