The issues surrounding cybersecurity

The issues surrounding cybersecurity

Is cybersecurity being used by vehicle manufacturers to force the hand of the independent aftermarket? Recently, PMM’s Kieran Nee and UK AFCAR’s Neil Pattemore visited Tonbridge’s Nev’ll Fix It to meet up with workshop owner Neville Smith to discuss the issue.


Hi guys, could you introduce yourselves to our audience?

Neil Pattemore (NP): Hi, my name is Neil Pattemore. I’ve worked pretty much all my professional life in the aftermarket, and now I work for UK AFCAR as technical director, talking to the UK government about what automotive aftermarket legislation needs to be considered, addressed and updated here in the UK.

Neville Smith (NS): My name is Neville Smith. I’m the owner and director of Nev’ll Fix It, an independent repairs garage in Tonbridge, Kent. I started the business in 1985 and we’ve expanded to now house eight hoists. We have 10 staff in all and we’ve now become one of the leading independent repairers in this area.

Neil, could you explain some of the key pieces of regulation that are going to be relevant to our readers?

NP: There are two main pillars of legislation. One is competition law, which is represented by motor vehicle block exemption regulation (MVBER). For the aftermarket this is particularly important because it brings in non-discrimination between authorised repairers, main dealers as most people would know them, and independent repair workshops. In other words, both levels of workshop, both types of workshop, I should say, have the rights to access all of the tools and the replacement parts and the training and everything needed for that complete repair process. So motor vehicle block exemption is very important and it’s due to expire at the end of May next year. The Government currently is consulting about whether they will replace it. I think they probably will, but that’s yet to be decided and announced.

The other pillar is vehicle type approval, which contains repair and maintenance, and it’s a different legal basis, partly because it’s more technical in the type approval, partly because those technical requirements can be used to judge whether there are noncompliance issues in relation to access to data, access to technical documentation, wiring diagrams and repair processes and all the things that that means. And it can be challenged if there is a non-compliance through a vehicle type approval authority as opposed to competition law, which has to be done through a court.

Neville, how much of what Neil’s just been talking about were you aware of before today?

NS: Well, I was aware that the block exemption is coming to a close and that we need to do something with regards to extending that to keep us on a level playing field [with the main dealers], so that we have access to the data and the information and, of course, the parts that are required to repair the job. Without that information, we wouldn’t have a business. Primarily we need vehicle information to enable us to provide an effective, efficient repair and put the vehicle back to the same as it was when it left the factory. For that, we need the dealer data and obviously the supply of OE quality or OE parts to ensure that the vehicle is compliant.

Do you think you have a right to repair and access vehicles?

NS: Yes, I do. I feel that if the dealers were to exclude us from repairing vehicles, they would not cope. Already, we’re finding that with some vehicles, customers are getting upset because we can’t get logged in with a dealer for weeks on end, in some cases months.

NP: I would totally endorse what Neville has just said. Ultimately the aftermarket exists to provide choices to consumers. If they choose to use us, we have a business that’s in competition with the vehicle manufacturers.

So the VMs, through vehicle technology and things like the security gateway and the wider cybersecurity – which is coming imminently, all new cars by July 2024 – are getting into a position where they can much more effectively control who can access a vehicle and for what purpose. Some of the discussions we’re having with the UK Government’s departments is how we make sure the market is able to continue to offer those competitive choices and that vehicle manufacturers don’t just use security certificates to control the aftermarket, and that includes pricing because the cost of the certificates, the cost of coding that has a certificate, the cost of a replacement part that needs to be integrated into a vehicle can increasingly come with a cost. Those costs can make the aftermarket parts, which typically are cheaper, suddenly become more expensive – if indeed you’re allowed to fit an aftermarket part.

Neil, could you explain what you mean by “security gateway” and what ramifications that could have on the aftermarket?

NP: One of the threats, if I use that word in the sense of the control that cybersecurity will give to the vehicle manufacturer. Equally, the vehicle manufacturer has a responsibility to ensure that its product, the car, remains safe and secure. But in doing that, it’s too easy to define what’s known as the rights and roles to a certificate because that certificate controls what you can do. To access that certificate, you will need to register with the vehicle manufacturer and so on. But there is equally an increasing pressure to have more control over the type approval of replacement parts, the registration of independent workshops and the technicians. The key part is that the decision should be taken by and defined by a legislator to avoid an arbitrary decision from a vehicle manufacturer who says, I don’t like that guy and I’m just going to cut him out by accusing him of doing something and stopping him accessing my certificates. That’s an over-thetop description, but there are elements of that already happening.

NS: I think as Neil has rightly said, you don’t want the manufacturer, just because he got up on a Friday morning with the hump, suddenly cutting you off!

Neville, when you started in the industry, did you ever expect barriers could potentially be put in place between you and your work?

NS: I started my apprenticeship when I was 16 or so and I’m now 68. I absolutely love the job. I love the technology. I love what we do. Every day is different, particularly in this building, because we see a great many cars with different makes and I’m on the tools as much as I should be or could be. To have someone turn around and say, “you can’t do that job”, when I’ve been doing that for the last 30 odd years or more. You know, it’s a bit of a kick in the teeth.

Well, guys, before we wrap up, I’d like to ask: Are you feeling optimistic about the future of the independent aftermarket?

NP: The short answer is yes, and I won’t expand on that, and there’s a lot of work to be done still. But the government’s aware of that. I am, along with some other colleagues, working hard to do that, but yes I am optimistic.

NS: Yeah, I hope so – as long as we’ve got people like Neil looking after our interests and steering the ship, shall we say.

Many thanks to Neil and Neville for participating. You can listen to more of our conversation on the Professional Motor Mechanic podcast using the link below.


Want to know more? For more information, click here.
 

Related posts