Study: IT security for electric cars in China

New survey of Chinese cybersecurity and data protection regulations for the electric and connected car industry published by Fraunhofer SIT and Fraunhofer Singapore

Darmstadt/Singapore - The world's largest automotive market, China, is experiencing high growth rates for electric cars. In order to successfully compete in China, international automakers must comply with Chinese cybersecurity, cryptography and data security regulations. Fraunhofer SIT and Fraunhofer Singapore have summarized these in a joint study: It contains an overview of laws and regulations, including the responsible institutions in China, since 2015. The study also addresses research and development facilities as well as standardization authorities. The study is available for download free of charge at www.sit.fraunhofer.de/NEVChinaSurvey.

In the first eight months of 2021, 1.64 million electric vehicles were sold in China, 222% more than in the same period in 2020. Experts expect the deliveries to jump up to 6.6 million units by 2025 (according to a forecast of the Swiss bank UBS). The associated infrastructure, i.e. the network of electric charging stations, is developing accordingly. Electric cars and networked vehicles connected to a charging infrastructure require a high level of IT security and data protection, as this can create points of attack on the entire energy network and thus affect critical infrastructures.

Orientation in the regulatory framework
In China, corresponding laws, regulations and standards for cyber security are developed in parallel with the enormous market growth in electric mobility. The Fraunhofer study "China Electric Vehicle and Connected Vehicle Security and Privacy" gives a clear overview of these rules. The authors offer guidance by naming the most important points of contact responsible for electric car security in China, such as state authorities, standardization bodies, and non-governmental institutions. The overview takes into account all important developments from 2015 to June 2021.

Overview for the automotive industry
Besides the automotive industry, manufacturers, suppliers and technology providers, the Fraunhofer study also addresses standardization bodies and interested parties from research and development. The authors of the study provide an overview of the three main pillars for automotive cybersecurity in China: the 2017 Cybersecurity and Cryptography Law, national policies, and regulations of the Chinese electromobility industry, and international standards and market regulations that are also applied in China. Many laws and standards in China are based on international standards, which makes it easier for international manufacturers to enter the market - and vice versa, it also makes it easier for Chinese electric car manufacturers to enter the international markets. The study also provides an outlook on the future of electromobility security in China.

Background to the study
The study was prepared in cooperation with automotive experts and researchers in China and Singapore. It encompassed a large-scale research and analysis of relevant publications from government, industry and NGOs in China. It is available for download free of charge at www.sit.fraunhofer.de/NEVChinaSurvey.