ACIC is a voluntary, technology-oriented partnership among automotive OEMs that is supported by the Department of Homeland Security Science and Technology Directorate (DHS S&T), the Department of Transportation Volpe National Transportation Systems Center (DOT Volpe Center), and nonprofit research center SRI International. The consortium identifies, prioritizes and conducts pre-competitive research projects that address critical cybersecurity challenges in automobiles. The consortium engages subject matter experts, consultants and researchers who provide the best-possible technical support for the project. Different projects require different skillsets and ACIC allows the flexibility to choose the best resources. The consortium promotes the interests of the automotive sector while maintaining impartiality, independence of the participants, and vendor neutrality. A “hub” organization, Bucciero & Associates, oversees the day-to-day operations of the ACIC, acquisition of technical resources based on project requirements, and administers all business issues among ACIC members and with project performers.
ACIC’s primary goal is to conduct proactive research to address critical automotive cybersecurity gaps and solutions. The research projects identified and selected by consortium members provide mutual benefit to all members and the nation by reducing the threat of cybersecurity risks in automobiles. The combined resources of the consortium members and the federal government increases both the capacity and quality of the research results. Members also benefit from DHS S&T and DOT Volpe Center broad access to government-funded research and researchers throughout the cybersecurity community. ACIC is focused on technology research and development, which does not have regulatory constraints and issues.
ACIC focuses on technology research, which complements other automotive industry efforts such as the Automotive Information Sharing and Analysis Center (Auto-ISAC), created to enhance cybersecurity awareness and share best practices, and SAE International, a global professional association and standards development organization for engineering professionals in various industries, including automotive.
Current Status and Next Steps
ACIC is in its seventh year and has completed research projects on tools and testing, threat assessment, testing frameworks, automotive ethernet security, vehicle security operations centers, tuner motivations and techniques, and an automotive cybersecurity adoption survey. In addition, it engaged the DOT Volpe Center on projects in telematics device cybersecurity testing and ECU cybersecurity mitigations. The consortium has initiated a new survey of emerging automotive threats. It will continue to execute on these projects, as well as identify, prioritize and conduct future research projects to improve cybersecurity in automobiles.
Gloria Bucciero
President, Bucciero & Associates, P.C.
gbucciero@buccierocpa.com
Alex Karr
Program Manager, DHS S&T
alex.karr@hq.dhs.gov