Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the effectiveness of the use of the N9M protocol; and if she will issue guidance on its vulnerabilities to foreign actors accessing any data processed using N9M.

This government remains committed to ensuring that new and existing technologies are safely deployed across the UK. Whilst the government does not routinely carry out assessments of software or products it is working with industry to support them in making independent assessments about the security of software and products. To this end, the National Cyber Security Centre has set up Cyber Resilience Test Facilities (CRTFs) that will deliver assurance for a wide range of internet connected products and services. This will also enable industry and government services to independently audit and assess products and services in a consistent way.

The N9M protocol is used within vehicles. Last year, the government laid the Road Vehicles (Type-Approval) (Amendment) (No. 3) Regulations 2025 that mandated internationally recognised requirements for vehicle cyber security. Vehicle manufacturers, including those that use N9M protocol, must assess and mitigate for cyber-security threats and vulnerabilities, as part of the whole vehicle evaluation for new vehicles required to obtain GB type-approval.