NE Times
Technology

Connected Car Rules: India Plans Vehicle Software Update Norms

With cars increasingly run by software, the government is reportedly preparing update and security norms aimed at preventing vehicle hijacking and governing how connected cars in India are patched and protected.

The NE Times Technology Desk

Commentary & Analysis ·

4 min read
A modern connected car on an Indian highway with a glowing digital dashboard and software update icons overlaid on the windscreen.

India's government is planning norms for vehicle software updates as cars grow steadily more connected, according to a Times of India report on July 5. The move, which reportedly includes measures to thwart digital hijacking of vehicles, signals a new phase in Indian auto regulation — one where the code inside a car matters as much as the machinery.

Cars are becoming rolling computers

Connected vehicles are no longer a luxury niche in India. Software now runs infotainment, safety systems, diagnostics, navigation and increasingly sophisticated driver-assistance features. Many models already receive over-the-air updates, meaning a car's behaviour can change overnight without a visit to the workshop.

That capability cuts both ways. Well-governed updates can fix defects quickly and improve safety at scale. Poorly secured connected systems, on the other hand, could expose owners to data theft or even operational interference — the hijacking scenario regulators are reportedly keen to shut down.

What the norms may need to cover

The core policy question is how India should regulate security, accountability and update quality for vehicles that talk to external systems. Automakers may face clearer standards on update logs, user consent, vulnerability disclosure and emergency fixes. The next concrete milestone to watch is the release of draft norms or a public consultation from the government.

The NE Times View

This is regulation catching up with reality, and it is overdue. Indian buyers are adopting connected cars faster than the rulebook has evolved, leaving questions of liability, data ownership and patch quality to fine print written by manufacturers. Done well, these norms could become a template: mandatory update logs and vulnerability reporting would give consumers real protection without stifling innovation. Done clumsily, they could bury smaller automakers and startups in compliance while the biggest players absorb the cost. The government should consult widely and set outcome-based standards — because a car that can be updated remotely is a car that can, in the wrong hands, be attacked remotely.

This article is original commentary and analysis by The NE Times. Background facts were referenced from Times of India.

Share

You may also like to read

Cybersecurity warning on a screen inside an industrial manufacturing facility, illustrating a ransomware attack
Technology

Bajaj Auto Says Ransomware Attack Hit Company Systems

Bajaj Auto has disclosed that a ransomware attack affected systems at the company and its subsidiary Bajaj Auto Technology, intensifying concern over cyber risk across India's increasingly digital manufacturing sector.

The NE Times Technology Desk 3 min read

More from this section

More