As of my last knowledge update in September 2021, automotive cybersecurity standards and regulations were still evolving, and it’s possible that new developments have emerged since then. Here are some key considerations for automotive cybersecurity compliances in the context of Electric Vehicles (EVs) in India:

  1. ISO/SAE 21434: This is an international standard that provides a framework for automotive cybersecurity engineering. It outlines processes and requirements for the integration of cybersecurity into the development lifecycle of road vehicles.

  2. BS ISO/IEC 27001: Although not specific to automotive, ISO/IEC 27001 is a widely recognized international standard for information security management systems. Many organizations in the automotive sector use this as a foundation for their cybersecurity management.

  3. Indian Automotive Industry Standards (AIS): The Indian government, through the Automotive Industry Standards Committee (AISC), may establish specific standards for automotive cybersecurity. These standards would be mandatory for manufacturers operating in India.

  4. Government Regulations and Policies: Keep an eye on announcements from relevant Indian government authorities, such as the Ministry of Road Transport and Highways (MoRTH), the Automotive Research Association of India (ARAI), and the Bureau of Indian Standards (BIS), as they may introduce specific cybersecurity requirements.

  5. Global Standards and Best Practices: Apart from India-specific standards, it’s essential to be aware of and comply with international standards and best practices in automotive cybersecurity. This includes standards like the UNECE WP.29 regulations.

  6. CERT-In Guidelines: The Indian Computer Emergency Response Team (CERT-In) provides guidelines and advisories on various aspects of cybersecurity. While not specific to automobiles, they may issue guidance that’s applicable.

  7. Collaboration and Certification: Engage with industry organizations, forums, and groups that focus on automotive cybersecurity. These entities may offer valuable insights, best practices, and certification programs.

  8. Third-party Audits and Certification: Consider engaging with cybersecurity firms or auditors that specialize in automotive cybersecurity. They can conduct assessments and issue certifications attesting to your compliance with industry standards.

  9. Data Privacy Regulations: Depending on the data your EVs collect and process, you might need to comply with data privacy regulations like India’s Personal Data Protection Bill (PDPB) or the General Data Protection Regulation (GDPR) if you’re handling data of EU citizens.

  10. Incident Response and Reporting: Establish robust incident response plans and mechanisms for reporting security incidents. Compliance might require prompt reporting of any cybersecurity breaches.

Remember that regulatory landscapes can change, so it’s crucial to stay updated with the latest developments from relevant authorities. Engaging with cybersecurity experts and legal counsel who specialize in the automotive industry can also provide valuable guidance.