Brief: On January 22, 2021, the software update regulation UN R156 entered into force, and on June 28, 2021, the EU Automotive Expert Group submitted the draft revised regulations Regulation (EU) 2018/858 and Regulation (EU) 2019/2144 on software updates.
INTRODUCTION TO REGULATION UPDATE
In Regulation (EU) 2019/2144, the UN R156 software update regulation, together with the UN R155 cybersecurity regulation, becomes the D4 technical regulation for protection against cyber attacks on vehicles, which will come into force in July 2022. -The draft amendment to Regulation (EU) 2018/858 adds a new paragraph 5 to COP procedure, requiring manufacturers' software update management systems SUMS and vehicle types to comply with UN R156.
SUMS TECHNICAL REQUIREMENT
Scope: applies to vehicles of Categories1 M, N, O, R, S and T that permit software updates
1. Process requirements
- A process whereby information relevant to this Regulation is documented and securely held at the vehicle manufacturer and can be made available to an Approval Authority or its Technical Service upon request.
- A process whereby information regarding all initial and updated software versions, including integrity validation data, and relevant hardware components of a type approved system can be uniquely identified.
- A process whereby, for a vehicle type that has an RXSWIN, information regarding the RXSWIN of the vehicle type before and after an update can be accessed and updated. This shall include the ability to update information regarding the software versions and their integrity validation data of all relevant software for each RXSWIN.
- A process whereby, for a vehicle type that has an RXSWIN, the vehicle manufacturer can verify that the software version(s) present on a component of a type approved system are consistent with those defined by the relevant RXSWIN.
- A process whereby any interdependencies of the updated system with other systems can be identified.
- A process whereby the vehicle manufacturer is able to identify target vehicles for a software update.
- A process to confirm the compatibility of a software update with the target vehicle(s) configuration before it is issued. This shall include an assessment of the last known software/hardware configuration of the target vehicle(s) for compatibility with the update before it is issued.
- A process to assess, identify and record whether a software update will affect any type approved systems. This shall consider whether the update will impact or alter any of the parameters used to define the systems the update may affect or whether it may change any of the parameters used to type approve those system (as defined in the relevant legislation).
- A process to assess, identify and record whether a software update will add, alter or enable any functions that were not present, or enabled, when the vehicle was type approved or alter or disable any other parameters or functions that are defined within legislation.
- A process to assess, identify and record if a software update will affect any other system required for the safe and continued operation of the vehicle or if the update will add or alter functionality of the vehicle compared to when it was registered;
- A process whereby the vehicle user is able to be informed about updates.
- A process whereby the vehicle manufacturer shall be able to make the information according to paragraph 188.8.131.52. and 184.108.40.206. available to responsible Authorities or the Technical Services. This may be for the purpose of type approval, conformity of production, market surveillance, recalls and Periodic Technical Inspection (PTI).
- Documentation describing the processes used by the vehicle manufacturer for software updates and any relevant standards used to demonstrate their compliance.
- Documentation describing the configuration of any relevant type approved systems before and after an update, this shall include unique identification for the type approved system’s hardware and software (including software versions) and any relevant vehicle or system parameters.
- For every RXSWIN, there shall be an auditable register describing all the software relevant to the RXSWIN of the vehicle type before and after an update. This shall include information of the software versions and their integrity validation data for all relevant software for each RXSWIN.
- Documentation listing target vehicles for the update and confirmation of the compatibility of the last known configuration of those vehicles with the update.
- Documentation for all software updates for that vehicle type describing.
Evidence should be provided by demonstrating the processes used to record the information. If the processes have already been used then the output of the processes (the resultant documentation) could be shown to demonstrate them.
3. Additional requirements for OTA
- The vehicle manufacturer shall demonstrate the processes and procedures they will use to assess that over the air updates will not impact safety, if conducted during driving.
- The vehicle manufacturer shall demonstrate the processes and procedures they will use to ensure that, when an over the air update requires a specific skilled or complex action, for example recalibrate a sensor post-programming, in order to complete the update process, the update can only proceed when a person skilled to do that action is present or is in control of the process.
ATIC GLOBAL REGULATION RESEARCH AND VEHICLE HOMOLOGATION PRODUCT LINE
ATIC Automotive Regulation Research Department and Vehicle Homologation Product Line is dedicated to global automotive regulation research and whole vehicle type approval service. Based on self-developed digital platform ATIC also provides regulatory compliance service and regulation database subscription service.
UN R156 CERTIFICATION PLEASE CONTACT