American cars are being rapidly reengineered from the inside out as regulators move to cut Chinese software and electronics out of the nation’s vehicle fleet. What started as a quiet reliance on low cost code and components has become a high speed effort to rewrite the digital guts of everything from family SUVs to luxury EVs. The result is a scramble that will shape how secure, how expensive and how innovative the next generation of cars will be.
Modern vehicles, including EVs, are essentially computers on wheels, and the software that runs them is now treated as critical infrastructure rather than a commodity. As Washington tightens rules on who can write that code or supply those chips, automakers are racing to prove they can build connected cars without leaning on Chinese suppliers that once seemed indispensable.
The new rules that flipped the table
The turning point came when the Commerce Department moved from warning about foreign risks to writing hard bans into regulation. Under a sweeping policy shift, the Commerce Department plans to prohibit key Chinese software and hardware in connected vehicles, treating the digital brains of cars as potential tools for espionage or disruption rather than just consumer tech. Officials have framed the risk in stark terms, warning that compromised systems could be used to track drivers, harvest sensitive data or even interfere with traffic by causing crashes or blocking roads, a concern laid out in detail as the United States weighed how to handle Chinese software.
That policy direction hardened into a concrete timetable when a New US rule, known as DoC 791D, finalized a phased ban on Chinese and Russian Connected Vehicles. The regulation, categorized under Connected Vehicles and cybersecurity, bars new imports tied to those suppliers and then extends to vehicles built for the 2030 model year, effectively forcing the industry to redesign its electronics architecture on a tight schedule. The New US DoC 791D Rule Finalizes Ban on Chinese and Russian Connected Vehicles by linking compliance to model year 2030 vehicles, turning what had been a geopolitical talking point into a binding engineering deadline for every major automaker that sells into the American market, as detailed in the New US rule.
Why Chinese code became a national security flashpoint
For years, Chinese suppliers quietly became the default choice for the cellular modules and software that connect cars to the internet, cloud services and emergency systems. By the time Washington fully woke up to the implications, Chinese companies controlled 87% of cellular modules in connected vehicles, a figure that illustrates just how concentrated the supply chain had become. That dominance is now seen as a strategic vulnerability, since the same connectivity that lets a driver stream music or receive over the air updates could, in a worst case scenario, be exploited to monitor movements or interfere with critical infrastructure, a risk spelled out in the Commerce Department’s decision to ban Chinese car software by 2027 and hardware by 2030, including the statistic that Chinese companies control 87% of those modules.
Mounting national security concerns pushed the Commerce Depart to act not only against Chinese suppliers but also Russian technology in vehicles, treating both as potential vectors for surveillance or disruption. Officials have warned that software and hardware tied to foreign adversaries could be used for remote tracking, data theft or even coordinated disruption of transportation networks, and those warnings now underpin the broader crackdown on Chinese and Russian vehicle tech. The shift reflects a view that the line between civilian and strategic technology has blurred, and that connected vehicles sit squarely in the middle of that overlap, a point underscored when US moves to prohibit Chinese, Russian vehicle tech were justified by Mounting national security concerns that the Commerce Depart said could lead to large scale disruption.
Inside the automakers’ scramble to rebuild their software stacks
Once the rules were clear, Carmakers had little choice but to launch an all out effort to identify and replace Chinese code buried deep in their vehicles. That means combing through software that controls everything from infotainment screens to advanced driver assistance, then finding or building alternatives that satisfy US regulators. Carmakers will need to attest to the U.S. government that, as of March 17, core elements of their products do not contain code that could be controlled by foreign adversaries, a requirement that turns software provenance into a legal and financial risk for every brand that sells connected cars in America, as laid out in the expectation that Carmakers will need to attest to the U.S. government that their systems are free of such code by March.
US automakers are now racing to replace Chinese tech in vehicles, a process that goes far beyond swapping a few chips. Engineers are rewriting firmware, renegotiating supplier contracts and, in some cases, redesigning entire electronic control units so they can certify that no critical function depends on Chinese software. The effort is so intense that it has become a defining project for many engineering teams, with executives warning that any misstep could leave them unable to sell certain models or features in their home market. The urgency is captured in reports that US carmakers are racing to replace Chinese code used to run key systems, a shift that has turned what was once a quiet reliance on low cost suppliers into a high profile effort to rebuild the digital foundations of their fleets, as described in coverage of US automakers that are racing to replace Chinese tech.
Foreign brands, from Geely to Stellantis, face the same gauntlet
The new rules do not just hit Detroit. Any foreign automaker that wants to sell connected vehicles in the United States now has to prove that its software stack is free of risky Chinese components. The challenge for Geely is that any Chinese company selling cars in the US must certify that all software for autonomous driving, connectivity and other core systems does not introduce unacceptable national security risk, a requirement that forces Geely to rethink how it sources and develops code for brands like Volvo that rely heavily on advanced driver assistance and over the air updates. That means Geely, despite its global footprint, must navigate the same gauntlet as its American rivals, ensuring that its Chinese roots do not become a regulatory liability in a market that is increasingly wary of foreign control over critical vehicle functions, a dilemma spelled out in the description of how the challenge for Geely is tied to restrictions on Chinese companies.
European conglomerates are also being forced to adjust. Stellantis, for example, has already been grappling with a massive write off tied to its electric vehicle strategy, and now faces a parallel challenge in purging Chinese code from its platforms. Industry watchers describe a race to purge Chinese code ahead of a March ban, with automakers scrambling to map out every line of software that touches connectivity, telematics or driver assistance. THE RACE TO PURGE CHINESE CODE has become shorthand for a broader restructuring of supply chains and engineering priorities, as companies like Stellantis try to align their global platforms with US rules without derailing product plans in other regions, a dynamic captured in reports that highlight THE RACE TO PURGE CHINESE CODE as automakers scramble ahead of a looming March ban.
Cars as rolling data centers, and what comes after the purge
More From The Daily Overview
*This article was researched with the help of AI, with human editors creating the final content.
Grant Mercer covers market dynamics, business trends, and the economic forces driving growth across industries. His analysis connects macro movements with real-world implications for investors, entrepreneurs, and professionals. Through his work at The Daily Overview, Grant helps readers understand how markets function and where opportunities may emerge.
