Review - HR 3262 Introduced – GUARD Act

Last month Rep Upton (R,MI) introduced HR 3262, the Guarding against Unauthorized Attacks Related to Driving (GUARD) Act. The bill would require DOT to submit to Congress a report on cybersecurity risks to motor vehicle safety.

Study and Report Required

Section 2 of the bill requires DOT to “conduct a study on the state of cybersecurity regarding motor vehicles”. In the process of conducting the study, DOT is required to address eight wide-ranging vehicle cybersecurity tasks, including:

• Identify each regulation, guideline, mandatory standard, voluntary standard, and other policy implemented by each Federal agency identified under this subsection and each guideline, mandatory standard, voluntary standard, and other policy implemented by industry-based and recognized international bodies,

• Review the technology, measures, guidelines, or practices used across the motor vehicle industry as of the date of the enactment of this Act to identify, protect, detect, respond to, or recover from cyber security incidents affecting the safety of a motor vehicle, focusing on the most advanced vehicle security solutions such as AI-driven vehicle security software,

• Identify existing cybersecurity resources to assist individuals in maintaining awareness of cybersecurity risks associated with motor vehicle safety and mechanisms for alerting a human driver or operator regarding cybersecurity vulnerabilities; and

• Identify means to protect vehicle occupants from cybersecurity incidents affecting safety that may arise while the motor vehicle is operating.

Moving Forward

Upton is a member of the House Energy and Commerce Committee to which this bill was assigned for consideration. This means that he likely has sufficient influence to see the bill considered in Committee.

I see nothing in the language of this bill that would engender any specific opposition. Given the importance that Congress is increasingly putting on cybersecurity issues, I suspect that this bill will receive significant bipartisan support, both in Committee and on the Floor of the House.

For a more detailed analysis of the provisions of the bill, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/hr-3262-introduced - subscription required.

Bills Introduced – 5-14-21

Yesterday, with just the House in session, there were 36 bills introduced. Two of those bills will receive additional coverage in this blog:

HR 3243 To codify the Transportation Security Administration's responsibility relating to securing pipelines against cybersecurity threats, acts of terrorism, and other nefarious acts that jeopardize the physical security or cybersecurity of pipelines, and for other purposes. Rep. Cleaver, Emanuel [D-MO-5]

HR 3262 To require the Secretary of Transportation to submit a report on cybersecurity risks to motor vehicle safety, and for other purposes. Rep. Upton, Fred [R-MI-6]

Looking at the list of cosponsors, HR 3243 may be as much about maintaining committee oversight of the pipeline security as it is about improving pipeline cybersecurity. We will have to wait to see what the actual language is in the bill.