India proposes mandatory cybersecurity rules for software-defined vehicles

Post Thumbnail

KATHMANDU: India’s Ministry of Road Transport and Highways has proposed mandatory cybersecurity and software update management rules for software-defined and highly automated vehicles. The move marks the country’s first regulatory framework to address cyber risks in connected vehicles, according to ET.

Under the draft rules, new passenger vehicles, commercial vehicles, and tractors equipped with at least one electronic control unit (ECU) supporting Level-3 or higher automated driving must comply with the new cybersecurity standards from October 2026. Existing models will be required to comply from April 2027.

The regulations will be expanded to vehicles capable of receiving over-the-air (OTA) software updates between April and October 2028. All other vehicles with software update capability will come under the rules from October 2029.

The proposal aims to protect connected vehicles from cyber threats, secure OTA software updates, and strengthen battery management system security. The government is also working on measures to prevent unauthorized remote access to batteries and electric vehicles.

According to the draft, automakers will be required to adopt secure software development practices and implement cybersecurity management systems to improve vehicle safety as software becomes an increasingly important part of modern vehicles.

India proposes mandatory cybersecurity rules for software-defined vehicles

Denza Z Track Edition, packing 1,582 HP, spotted…

Previous article
India proposes mandatory cybersecurity rules for software-defined vehicles

Tank 300 off-roader gets Hi4-Z powertrain, set to…

Next article