Brief: Nowadays, smart cars are changing towards connected and automated vehicles. By equipping vehicles with on-board sensors, controllers, actuators, and integrating modern communication and network technologies, information exchange and sharing between vehicles, roads, people, and clouds are realized. Smart vehicles are capable of achieving complex environment perception, intelligent decision-making, collaborative control and other functions.This comes with significant cybersecurity risks, as hackers seek to access electronic systems and data, threatening vehicle safety and consumer privacy. WP.29 issued two new UN Regulations on Cybersecurity and Software Updates which help tackle these risks by establishing clear performance and audit requirements for car manufacturers.
1. This Regulation applies to vehicles, with regard to cyber security, of the Categories M and N.
2. This Regulation also applies to vehicles of Category O if fitted with at least one electronic control unit.
3. This Regulation also applies to vehicles of the Categories L6 and L7 if equipped with automated driving functionalities from level 3 onwards.
The application for approval of a vehicle type concerning cybersecurity shall be submitted by the vehicle manufacturer or by their duly accredited representative. When applying for approval, the applicant should obtain the Certificate of Compliance for CSMS issued by the approval authority.
This regulation will enter into force in January 2021. In the European Union, cybersecurity will be mandatory for all new vehicle types from July 2022 and will become mandatory for all new vehicles registered from July 2024.
ATIC together with European partner CETOC to establish an international cybersecurity team to provide compliance and homologation service for Chinese OEMs, service modules including:
1. Gap Analysis
2. Definition and documentation of cybersecurity management processes
3. Support for the implementation of cybersecurity management processes
4. Integration of cybersecurity management processes into the company's Quality Management System (ISO 9001 / IATF 16949)
5. Support for the development of products according to cybersecurity standards
5.1 Verification (with penetration tests performed by specialists)5.2 Integration of cybersecurity measures into functional safety architecture
REFERENCE STANDARDS COVERAGE5. ECE/TRANS/WP.29/78/Rev.6 - Consolidated Resolution on the Construction of Vehicles (R.E.3) (Annex 6)6. UN R 155 - Vehicles cyber security and cyber security management system7. UN R 156 - Software updatingVEHICLE CYBERSECURITY TEAMATIC and CETOC create an international vehicle cybersecurity compliance team