Text: H.R.701 — 115th Congress (2017-2018)All Information (Except Text)

There is one version of the bill.

Text available as:

Shown Here:
Introduced in House (01/24/2017)


115th CONGRESS
1st Session
H. R. 701


To direct the Administrator of the National Highway Traffic Safety Administration to conduct a study to determine appropriate cybersecurity standards for motor vehicles, and for other purposes.


IN THE HOUSE OF REPRESENTATIVES

January 24, 2017

Mr. Wilson of South Carolina (for himself and Mr. Ted Lieu of California) introduced the following bill; which was referred to the Committee on Energy and Commerce


A BILL

To direct the Administrator of the National Highway Traffic Safety Administration to conduct a study to determine appropriate cybersecurity standards for motor vehicles, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Short title.

This Act may be cited as the “Security and Privacy in Your Car Study Act of 2017” or the “SPY Car Study Act of 2017”.

SEC. 2. Study on cybersecurity standards for motor vehicles.

(a) Study required.—The Administrator of the National Highway Traffic Safety Administration, in consultation with the Federal Trade Commission, the Director of the National Institute of Standards and Technology, the Secretary of Defense, the Automotive Information Sharing and Analysis Center, SAE International, manufacturers of motor vehicles, manufacturers of original motor vehicle equipment, and relevant academic institutions, shall conduct a study to determine appropriate standards for the regulation of the cybersecurity of motor vehicles manufactured or imported for sale in the United States that should be adopted by the Administration and any other appropriate Federal agencies. The study shall include an identification of—

(1) the isolation measures that are necessary to separate critical software systems from other software systems;

(2) the measures that are necessary to detect and prevent or minimize in the software systems of motor vehicles anomalous codes associated with malicious behavior;

(3) the techniques that are necessary to detect and prevent, discourage, or mitigate intrusions into the software systems of motor vehicles and other cybersecurity risks in motor vehicles, such as continuous penetration testing and on-demand risk assessments;

(4) best practices to secure driving data collected by the electronic systems of motor vehicles while such data are stored onboard the vehicle, in transit from the vehicle to another location, in offboard storage, and in long-term storage (whether onboard or offboard the vehicle); and

(5) a timeline for implementing systems and software that reflect the measures, techniques, and best practices identified under paragraphs (1) through (4).

(b) Reports to Congress.—

(1) PRELIMINARY REPORT.—Not later than 1 year after the date of the enactment of this Act, the Administrator shall submit to the Committee on Energy and Commerce of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a report containing the preliminary findings of the study conducted under subsection (a).

(2) FINAL REPORT.—Not later than 6 months after the submission of the report under paragraph (1), the Administrator shall submit to the committees described in such paragraph a report containing the complete findings of the study conducted under subsection (a), including recommended dates for the adoption and effectiveness of the standards determined to be appropriate in such study and recommendations for any legislation that may be necessary to authorize the adoption of such standards.

(3) FORM OF REPORT.—The report required by paragraph (2) shall be submitted in unclassified form but may contain a classified annex.

(c) Definitions.—In this section:

(1) ADMINISTRATOR.—The term “Administrator” means the Administrator of the National Highway Traffic Safety Administration.

(2) CRITICAL SOFTWARE SYSTEM.—The term “critical software system” means a software system of a motor vehicle that can affect the driver’s control of the movement of the vehicle.

(3) DRIVING DATA.—The term “driving data” includes any electronic information collected about—

(A) a vehicle’s status, including its location or speed; or

(B) any owner, lessee, driver, or passenger of a vehicle.


Share This