Senate's Self-Driving Car Bill Encourages Bug Disclosure Program

An autonomous vehicle is driven by an engineer on a street through an industrial park, in Boston.

An autonomous vehicle is driven by an engineer on a street through an industrial park, in Boston. Steven Senne/AP

Featured eBooks
AI in the Workplace
Read Now

CX in Action

Read Now

Next Steps for CMMC

Read Now
Joseph Marks By Joseph Marks,
Senior Correspondent

By Joseph Marks

|

Unlike House legislation, the bill envisions a cyber vulnerability disclosure program for the self-driving car sector.

Makers of self-driving cars would have 18 months to develop plans to mitigate the cybersecurity risks facing those cars, under discussion draft legislation being floated by the Senate Commerce Committee.

The plans should include ways to isolate and segment the cars’ critical digital systems and methods to detect and respond to cyber vulnerabilities when they occur, according to the bill draft obtained by Nextgov.

The plans should also address ways to spread cybersecurity lessons and best practices throughout the automated vehicle community, according to the draft legislation.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The bill also envisions the Secretary of Transportation working with industry to build a voluntary cyber vulnerability disclosure program.

That program would make it easier for cybersecurity researchers to share newfound vulnerabilities with self-driving car manufacturers before they’re exploited and make it easier for companies to share cyber vulnerability information with each other.

The House unanimously passed self-driving car legislation with a similar requirement for cybersecurity plans, but the House bill does not describe a vulnerability disclosure program.

The Senate bill would also require manufacturers to produce annual reports on safety components of their self-driving cars, including how they’re preventing software and hardware malfunctions, mitigating the risk when those malfunctions occur and protecting their cars’ systems against hacking.

The bill would direct the Transportation Department to review all current safety regulations and suggest alternate language, where necessary, so the regulations adequately cover self-driving cars.

It would also create a Highly Automated Vehicles Technical Safety Committee with members from industry, state and local governments, and the safety community, tasked with making safety recommendations for self-driving cars.

The committee would include a working group to tackle accessibility issues for self-driving car passengers with disabilities.  

NEXT STORY: Tony Scott signs on with law and lobby firm