Centre Tightens Cybersecurity Oversight for Connected Vehicles; Automakers to Audit Software and Devices

The420.in Staff
3 Min Read

The Central government has advised automobile manufacturers (OEMs) and auto component makers to conduct comprehensive security audits of software, electronic devices and cybersecurity systems used in connected cars, electric vehicles (EVs) and commercial vehicles. The move comes amid growing concerns over potential hacking risks targeting electric vehicle systems.

According to sources, the Ministry of Heavy Industries has issued an advisory to the Society of Indian Automobile Manufacturers (SIAM) and the Automotive Component Manufacturers Association of India (ACMA), urging companies to review their cybersecurity preparedness. However, no specific deadline has been set for completing the audits so far.

Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference

The advisory comes shortly after the government directed Apple and Google to remove three mobile applications over concerns related to EV cybersecurity. Authorities suspected that these applications could potentially create risks of unauthorised access or manipulation of electric vehicle systems.

Under the advisory, automobile companies have been asked to examine the security of battery communication interfaces, Battery Management Systems (BMS), connected vehicle software and over-the-air (OTA) update mechanisms. Companies have also been advised to eliminate insecure default settings, weak authentication systems and unprotected OTA communication channels.

The government believes that modern connected vehicles are increasingly dependent on internet connectivity and cloud-based services. Any vulnerability in vehicle software or communication systems could allow cyber attackers to remotely target critical vehicle functions, potentially affecting user safety and data privacy.

Industry experts said that with the rapid adoption of digital technologies and internet-based features in automobiles, cybersecurity has moved beyond being an IT concern and has become directly linked to passenger safety. Vehicle manufacturers are required to implement strong cybersecurity practices throughout the software development, testing and update lifecycle.

A researcher at Algoritha Security said that cybersecurity for connected vehicles must be integrated from the initial design stage itself. According to the researcher, regular security audits, timely software updates, strong authentication mechanisms and secure OTA update systems can significantly reduce the risk of cyberattacks targeting connected vehicle platforms.

The government advisory is currently consultative in nature and does not specify any regulatory deadline or penalty provisions. However, industry experts believe that cybersecurity standards for connected and electric vehicles could become more stringent in the future as vehicle technologies continue to evolve.

Stay Connected