MoRTH proposes phased rollout of cybersecurity management systems for vehicles

Business To Business, New Delhi, 26^th June, 2026:   The Ministry of Road Transport and Highways has proposed a phased implementation of cybersecurity and cybersecurity management systems to enhance the safety and security of automobiles manufactured in the country.
In a draft notification issued on June 22, the ministry said the proposed regulations would apply to vehicle categories M (passenger vehicles), N (goods carriers) and T (trailers).
Under the draft framework, all motor vehicles in categories M, N and T equipped with at least one Electronic Control Unit (ECU), as well as category L7 vehicles with Level 3 automation, will be required to comply with cybersecurity and Cybersecurity Management System (CSMS) requirements specified under the AIS-189 standard.
The proposed norms are aimed at strengthening protection against cyber threats targeting increasingly connected and software-driven vehicles. Manufacturers will be required to implement appropriate cybersecurity measures throughout a vehicle's lifecycle to safeguard electronic systems from unauthorised access and potential cyberattacks.
The ministry said the phased rollout is intended to align India's automotive safety standards with evolving global practices, while ensuring that connected and automated vehicles are equipped with robust cybersecurity safeguards.
Once finalised, the regulations are expected to improve the resilience of vehicle electronic systems and enhance overall road safety as the automotive industry adopts advanced digital and connected technologies.