Cyber ​​Compliance Concern in the Automotive Aftermarket Ecosystem

Cyber ​​Compliance Concern in the Automotive Aftermarket Ecosystem
Cyber ​​Compliance Concern in the Automotive Aftermarket Ecosystem

Anıl Yücetürk, Vice Chairman of the Automotive After-Sales Products and Services Association (OSS), made striking statements regarding the transformation process in the sector, as well as the discussions on related vehicles and cyber security. Yücetürk said, “Since the vehicle manufacturers will reject spare parts supplied from independent sources due to a 'security breach' with the cyber security strategy of vehicle manufacturers, it may become impossible to use them.” may have a negative impact on "The barriers to free competition in the automotive aftermarket can be further expanded under the 'cybersecurity' argument," he said.

Anıl Yücetürk, Vice Chairman of the Automotive After-Sales Products and Services Association (OSS), made evaluations about connected vehicles and cyber security issues that do not fall on the agenda after the change process in the sector. Referring to the subject of connected vehicles, Yücetürk said, “The closed technical design of the in-vehicle telematics systems of the manufacturers makes it impossible to access the in-vehicle data and resources. This is an obstacle to realizing the digital potential of our industry and the private transportation service sector… Independent service providers need the ability to provide competitive, digital services to their end users/enterprise customers independent of the vehicle manufacturer. "As manufacturers accelerate the distribution of systems that don't cooperate in this way, they narrow the scope of competition."

Innovation and effective competition barrier!

Explaining that the “Extended Vehicle” (ExVe) model provides all remote data communication through the manufacturer's proprietary backend server, Yücetürk stated that a limited part of the in-vehicle data and functions are made available to independent service providers depending on the manufacturer's business model. “This service enables vehicle manufacturers to decide on who, when and how access to data, functions and resources will be given,” Yücetürk said, adding, “Competitors become dependent on the manufacturer and cannot compete effectively. Thus, innovation and effective competition in the automotive industry are prevented.” Explaining that “the absence of independent competition deprives consumers and fleet operators of a real choice,” Yücetürk said, “Unregulated ExVe access is expected to result in additional costs of up to 2030 billion Euros for consumers and up to 32 billion Euros for independent service providers by 33. It is predicted that it will cause losses.”

Warning of FIGIEFA!

A few years ago, FIGIEFA, the umbrella federation of automotive aftermarket associations in Europe, declared the European Union (EU) institutions to be used against a solution that ensures fair competition with the ExVe model; Reminding that he warned about the risk of closure to the independent aftermarket market, Yücetürk stated that many industry representatives, SMEs and consumers initiated two jointly signed manifestos on the subject in 2018 and 2019. “FIGIEFA; This year, together with seven other associations representing the aftermarket and consumers, he presented a detailed explanation of the needs of the independent aftermarket and reported how they will be addressed”, Yücetürk said, “As a result of this advocacy work, which emphasizes the characteristics of the automotive aftermarket market and the need for a special legislation on the subject, the European Commission has included legislation on 'access to in-vehicle data' in its work programme.

With the increase of cyber attacks after connected and automated driving issues, the issue of cyber security is becoming more important. kazanYücetürk, explaining that there is a need for legal regulation, has arisen in parallel with this. Yücetürk said, “UNECE, the body of the United Nations (UN), which also deals with mobility issues, has finalized two legislations on the subject. The relevant regulations will be transposed into EU legislation from late 2021. These two regulations on cyber security and software updates; Once accepted in the EU, it can be applied to new type-approved vehicles from 2022 and to existing vehicle parks after 2024.

“Each vehicle manufacturer will create its own cybersecurity management system”

Pointing out that the UNECE Regulation provides vehicle manufacturers with the opportunity to create their own safety criteria and apply these criteria as part of vehicle type approval, Yücetürk said, “Each vehicle manufacturer has its own cybersecurity measures to regulate corporate processes and implement security/software update measures for each vehicle type. will create the security management system. "Manufacturers can consider any access and communication to the vehicle as a cyber threat, and they can implement access control mechanisms to address cybersecurity concerns," he said.

“Barriers can be further expanded under 'cybersecurity'”

Yücetürk, who stated that “UNECE Regulation does not contain any substance that will protect the rights of the automotive aftermarket market in its current form”, made the following statements: “With the proprietary cyber security strategy of vehicle manufacturers, the vehicle will reject spare parts supplied from independent sources due to 'security violations', their use. may become impossible. This type of separation can have a negative impact on all spare parts identified as 'cybersecurity related' and not available from original equipment suppliers. Barriers to free competition in the automotive aftermarket could be further widened under the 'cybersecurity' argument. The first examples to be given can be listed as follows; blocking access to the OBD port via security certificates of proprietary vehicle manufacturers, blocking access to manufacturer codes required for activating spare parts, or general blocking of remote communication with the vehicle and its data. These restrictions can now be broadly enforced within the legal requirements of cybersecurity protection.”

A risk concern in the aftermarket ecosystem!

“Therefore, FIGIEFA, together with other aftermarket, leasing/rental companies and consumer organizations organized under AFCAR (Alliance for the Freedom of Car Repairs), informs EU officials and member country representatives to raise awareness,” Yücetürk said. To ensure that the transposition of UNECE Regulations into the EU's legal framework is accompanied by sound enforcement provisions, ensuring that stakeholders continue to have the ability to operate in a non-discriminatory and competitive manner when addressing cybersecurity. “Without such measures, the aftermarket ecosystem will be at great risk.”

Similar Ads

Be the first to comment