SBI Term Loan: RLLR: 8.15 | 7.25% - 8.45%
Canara Bank: RLLR: 8 | 7.15% - 10%
ICICI Bank: RLLR: -- | 8.5% - 9.65%
Punjab & Sind Bank: RLLR: 7.3 | 7.3% - 10.7%
Bank of Baroda: RLLR: 7.9 | 7.2% - 8.95%
Federal Bank: RLLR: -- | 8.75% - 10%
IndusInd Bank: RLLR: -- | 7.5% - 9.75%
Bank of Maharashtra: RLLR: 8.05 | 7.1% - 9.15%
Yes Bank: RLLR: -- | 7.4% - 10.54%
Karur Vysya Bank: RLLR: 8.8 | 8.5% - 10.65%

MoRTH proposes mandatory vehicle cybersecurity norms to tackle rising digital threats

#Infrastructure News#Infrastructure#India
Synopsis

The Ministry of Road Transport and Highways (MoRTH) has proposed new regulations to make cybersecurity and software update management systems mandatory for technologically advanced vehicles, aiming to strengthen protection against cyberattacks as automobiles become increasingly software-driven. The draft rules, aligned with the AIS-189 standard, will be implemented in phases beginning with Level-3 and above automated vehicles from October 2026, before expanding to OTA-enabled and other software-equipped vehicles by 2029. The proposal seeks to align India's automotive cybersecurity framework with global best practices while inviting stakeholder feedback before final implementation.

The Ministry of Road Transport and Highways (MoRTH) has proposed a comprehensive regulatory framework that will make cybersecurity management systems (CSMS) and software update management systems (SUMS) mandatory for technologically advanced vehicles in India. The move comes as modern vehicles become increasingly connected and software-dependent, exposing them to a growing range of cyber threats, including malware attacks, unauthorised access and software vulnerabilities. 
According to the draft notification issued by the ministry, the proposed regulations will apply to passenger vehicles (Category M), goods carriers (Category N) and trailers (Category T) equipped with at least one electronic control unit (ECU), as well as L7-category vehicles featuring Level-3 automated driving capability. These vehicles will be required to comply with cybersecurity management requirements under the AIS-189 standard, which aligns India's regulatory framework with internationally accepted practices for vehicle cybersecurity and software lifecycle management. 
The implementation will follow a phased approach. For new models equipped with Level-3 automation and above, compliance with cybersecurity management systems will become mandatory from October 1, 2026, while existing models will have until April 1, 2027 to meet the new requirements. The next phase will extend the regulations to vehicles capable of receiving over-the-air (OTA) software updates, with compliance timelines beginning in 2028. From October 1, 2029, the framework will cover all OTA-enabled vehicles as well as vehicles supporting software updates even without OTA capability. 
The proposed rules are intended to ensure that manufacturers establish robust systems to identify, assess and mitigate cybersecurity risks throughout a vehicle's lifecycle. Software update management systems will require automakers to maintain secure procedures for validating, tracking and deploying software updates while ensuring traceability and protection against unauthorised modifications. These measures are expected to enhance the integrity of critical vehicle systems, including battery management, braking, steering and other electronically controlled functions. 
As vehicles increasingly rely on advanced software, connected services and autonomous driving technologies, cybersecurity has emerged as a critical component of road safety. Experts note that vulnerabilities in vehicle software could potentially allow malicious actors to interfere with essential systems or compromise user data. By introducing mandatory cybersecurity standards, the government aims to reduce such risks while improving consumer confidence in connected and intelligent mobility solutions. 
The proposal also reflects India's efforts to harmonise automotive regulations with evolving global standards. International markets, particularly in Europe and other advanced automotive economies, have already introduced stringent cybersecurity requirements for connected vehicles. Aligning with these standards is expected to enhance the global competitiveness of Indian vehicle manufacturers while facilitating exports to markets with stricter regulatory requirements. 
MoRTH has invited comments and objections from stakeholders within 30 days of issuing the draft notification before finalising the regulations. Automobile manufacturers, technology providers, industry bodies and cybersecurity experts are expected to provide feedback on implementation timelines, technical standards and compliance mechanisms. Once notified, the framework will establish cybersecurity and secure software management as mandatory components of vehicle approval in India. 
The proposed regulations represent a significant step towards preparing India's automotive industry for the next generation of connected and software-defined vehicles. By strengthening cybersecurity governance and software management practices, the government aims to improve vehicle safety, support technological innovation and ensure that India's rapidly evolving mobility ecosystem remains secure, reliable and globally competitive. 
Source- PTI

Discussion

Have something to say? Post your comment