The Alliance of Automobile Manufacturers and the Association of Global Automakers to establish a center to counter vehicle-related cybersecurity threats.

WASHINGTON (Sputnik) — The Alliance of Automobile Manufacturers and the Association of Global Automakers are leading an industry-wide effort to form a center to counter vehicle-related cybersecurity threats, according to a letter issued by both organizations obtained by Sputnik.

“The Alliance and Global Automakers agree to establish… a joint work group comprised of industry stakeholders to lead the research,” to establish an industry information sharing and analysis centre to address “cyber-related threats and vulnerabilities in motor vehicle electronics or associated in-vehicle networks,” the letter said.

The first step will be to develop a project management plan outlining a series of strategic objectives and milestones, while pointing out steps forward in the process and deadlines to meet, according to the letter.

The two organizations said they will then organize a series of industry work sessions focusing on issues related to antitrust, Freedom of Information Act, and Federal Advisory Committee Act laws.

“These sessions are important for potential industry participants, including manufacturers and suppliers, so that they can clearly understand the various ways an ISAC [Information Sharing and Analysis Center] could function in the auto sector, where there currently is no industry owned or operated critical infrastructure, and be able to evaluate the value of membership in such an organization,” the letter said.

The next step would be reaching a non-binding “statement of interest” prepared by the two organizations for auto manufacturers — or companies interested in continuing further with the process — to sign.

“The Auto-ISAC would be a separate non-profit corporate entity that exists outside of the Alliance and Global Automakers,” the letter said. “Therefore, it may be appropriate to develop a Request for Proposal (RFP) seeking a third party that would work with interested industry stakeholders to developed Auto-ISAC.”

Third-party activities might include the development of operational rules and procedures, antitrust and confidentiality policies, scope and functionality, membership criteria, and analysis of the total cost of operations with the Auto Alliance and Global Automakers providing administrative assistance to support the process wherever appropriate, the letter revealed.

As a final step, the Alliance and the Global Automakers said they will provide periodic status report to the National Highway and Traffic Safety Administration on the progress in working towards establishing an Auto-ISAC.

While the collection and sharing center will help the industry, General Motors is already taking steps to protect their consumers, General Motors Engineering and Safety Communications Manager Jennifer Ecclestone told Sputnik earlier.

“We are taking a layered approach to in-vehicle cybersecurity, and are designing many vehicle systems, so that they can be updated with enhanced security measures as potential threats evolve,” Ecclestone said.

Ford Motor Company also has a cybersecurity team in place as it seeks to invest in further cybersecurity solutions for its customers, Ford spokeswoman, Christin Baker told Sputnik.

“The company [Ford] has a cybersecurity team that continuously monitors the environment, and is capable of responding to reports of malicious activities,” Baker said. “The team investigates and addresses concerns, and works to mitigate future threats.”

Earlier this week US Senator Edward Markey released the report titled «Tracking & Hacking: Security and Privacy Gaps Put American Drivers at Risk," revealing how 16 major automobile manufacturers responded to his 2014 questions about vehicles that may be vulnerable to hackers and how driver information is collected and presented. The report showed that nearly 100 percent of vehicles on the market include wireless tech that could pose vulnerabilities to hacking or privacy intrusions.

There's been no documented cyberattacks on automobiles in the United States, but increased reliance on automation, software and technology enhancements to run basic car functions have exposed those systems to potential safety risk when under cyberattack.