5. (a)
|
Cyber security and data protection as well as software updates
GRVA agreed to consider proposals for recommendation prepared by the Task Force on Cyber Security and Over-The-Air issues, if any.
GRVA-05-26 | Status of the cyber security and software update process recommendations
|
|
GRVA will consider a proposal from the Task Force for a new UN Regulation on uniform provisions concerning the approval of vehicles with regard to cyber security and of their cyber security management systems as well as a draft 01 series of amendments to this UN Regulation.
GRVA-05-05 | Cybersecurity: Proposal for amendments to the draft UN Regulation
|
|
Document Title: Cybersecurity: Proposal for amendments to the draft UN Regulation
|
Document Reference Number: GRVA-05-05
|
Description: The amendment proposal by TF CS/OTA to improve the text (ECE/TRANS/WP.29/GRVA/2020/3) with respect to the Approval Authorities and granting of type approvals
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 03 Feb 20 (Posted 06 Feb 20)
|
Document status: Superseded
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-05/Rev.1 | Cybersecurity: Proposal for amendments to the draft UN Regulation
|
|
Document Title: Cybersecurity: Proposal for amendments to the draft UN Regulation
|
Document Reference Number: GRVA-05-05/Rev.1
|
Description: Draft text for a new UN Regulation on the certification of cybersecurity management systems and the approval of vehicles with regarding to cybersecurity. This draft will be considered during the 6th GRVA session.
|
Meeting Session: 5th GRVA session (10-14
Feb 2020) and 6th GRVA session (3-4
Mar 2020)
|
Document date: 13 Feb 20 (Posted 14 Feb 20)
|
Document status: Superseded
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
Working Party on Automated and Connected Vehicles | Session 6 | 3-4
Mar 2020
16. GRVA worked on the basis of GRVA-05-05-Rev.1 prepared by the Secretary at the end of the fifth session of GRVA.
|
GRVA-05-13 | Cybersecurity: Proposal to amend the draft UN Regulation
|
|
Document Title: Cybersecurity: Proposal to amend the draft UN Regulation
|
Document Reference Number: GRVA-05-13
|
Description: Text submitted by the expert from Japan proposing an amendment to document GRVA-05-05 from TF CS/OTA
|
Submitted by: Japan
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 05 Feb 20 (Posted 06 Feb 20)
|
Document status: Superseded
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-15 | Cybersecurity: Explanatory document
|
|
Document Title: Cybersecurity: Explanatory document
|
Document Reference Number: GRVA-05-15
|
Description: Explanatory document submitted by the expert from FIGIEFA to be read in conjunction with the UN Regulation on Cybersecurity (ECE/TRANS/WP.29/GRVA/2020/2). This document describes process flow for national/regional authorities to define objective minimum compliance criteria.
|
Submitted by: FIGIEFA
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 05 Feb 20 (Posted 06 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-16 | Cybersecurity: Proposal for amendments to the draft UN Regulation
|
|
Document Title: Cybersecurity: Proposal for amendments to the draft UN Regulation
|
Document Reference Number: GRVA-05-16
|
Description: Text submitted by the experts from EGEA, FIA, FIGIEFA and ETRMA for amendments and modifications to ECE/TRANS/WP29/GRVA/2020/2 & ECE/TRANS/WP29/GRVA/2020/3
|
Submitted by: EGEA, ETRMA, FIA Foundation, and FIGIEFA
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 05 Feb 20 (Posted 06 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-17 | Cybersecurity and Software updates: Proposals for amendments to the draft UN Regulations
|
|
GRVA-05-20 | Cybersecurity : Proposal for amendments to GRVA-05-05
|
|
Document Title: Cybersecurity : Proposal for amendments to GRVA-05-05
|
Document Reference Number: GRVA-05-20
|
Description: Proposal to delete limitations regarding the choice of cryptographic modules.
|
Submitted by: Japan
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 05 Feb 20 (Posted 06 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-22 | Cybersecurity: Proposal for amendments to document GRVA-05-05
|
|
Document Title: Cybersecurity: Proposal for amendments to document GRVA-05-05
|
Document Reference Number: GRVA-05-22
|
Description: Proposal to define the absence of a Cyber Security Management System certificate (e.g., expiration or withdrawal) as a modification affecting vehicle technical performance (and therefore, the type approval of the vehicle).
|
Submitted by: EC
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 07 Feb 20 (Posted 08 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-27 | Cybersecurity: Proposal of amendments to document GRVA-05-05
|
|
Document Title: Cybersecurity: Proposal of amendments to document GRVA-05-05
|
Document Reference Number: GRVA-05-27
|
Description: Proposal from the GRVA secretariat to align the text of the draft UN Regulation on cybersecurity with the text of Schedule 6 of the 1958 Agreement.
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 07 Feb 20 (Posted 08 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
GRVA-05-29 | Cybersecurity: Proposal of amendments to document GRVA-05-05
|
|
Document Title: Cybersecurity: Proposal of amendments to document GRVA-05-05
|
Document Reference Number: GRVA-05-29
|
Description: Proposal from France to delete provisions allowing a “cross check” of cybersecurity management certifications among approval authorities in favor of defined requirements for technical services.
|
Submitted by: France
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 07 Feb 20 (Posted 08 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-33 | Cybersecurity: Comments to GRVA-05-05
|
|
Document Title: Cybersecurity: Comments to GRVA-05-05
|
Document Reference Number: GRVA-05-33
|
Submitted by: CLEPA and OICA
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 07 Feb 20 (Posted 08 Feb 20)
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-42 | Cybersecurity: Proposal for amendments to document GRVA-05-05
|
|
Document Title: Cybersecurity: Proposal for amendments to document GRVA-05-05
|
Document Reference Number: GRVA-05-42
|
Description: Proposal to delete the phrase “actively seek guidance” regarding Type Approval Authority consultations, shortening the period during which authorities can express reservations regarding a draft approval from 30 days to 14 days, and clarifications to the text.
|
Submitted by: EC
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 11 Feb 20 (Posted 11 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-51 | UN R79: Proposal for amendments to GRVA-05-05
|
|
Document Title: UN R79: Proposal for amendments to GRVA-05-05
|
Document Reference Number: GRVA-05-51
|
Description: Russia-coordinated effort to reconcile divergent views on the concept for type authority review of other type approval authority decisions on cybersecurity management system certification.
|
Submitted by: Russia
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 12 Feb 20 (Posted 12 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA-05-54 | Cybersecurity: Proposal for amendments to the draft Regulation
|
|
Document Title: Cybersecurity: Proposal for amendments to the draft Regulation
|
Document Reference Number: GRVA-05-54
|
Description: Proposal to insert the provision, “This regulation is without prejudice to national or regional regulations dealing with the development and replacement of parts and systems, physical and digital, with regards to ensure their compatibility with cybersecurity.”
|
Submitted by: FIGIEFA
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 12 Feb 20 (Posted 12 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
|
GRVA/2020/2 | Cybersecurity: Proposal for a new UN Regulation
|
|
Document Title: Cybersecurity: Proposal for a new UN Regulation
|
Document Reference Number: GRVA/2020/2
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 02 Dec 19 (Posted 17 Dec 19)
|
Document status: Superseded
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA/2020/3 | Cybersecurity: Proposal for the 01 series of amendments
|
|
Document Title: Cybersecurity: Proposal for the 01 series of amendments
|
Document Reference Number: GRVA/2020/3
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 02 Dec 19 (Posted 17 Dec 19)
|
Document status: Superseded
|
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start.
26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules.
27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration.
28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal.
29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5.
30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France.
31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks.
32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis.
33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues.
34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above). - GRVA discussed the scope of the draft Regulation (keeping vehicles of Categories S, R, T, O in square brackets).
- GRVA discussed GRVA-05-17 and agreed to keep the proposed paragraph 1.4.
- GRVA agreed that the Regulation and the 1958 Agreement would not be prescribing the mutual recognition, among Contracting Parties, of CSMS (and Software Update Management System) certificates.
- The expert from Singapore requested clarifications concerning the reporting obligations according to the draft Regulation and wondered whether any reporting would only be shared among the Contracting Parties of the 1958 Agreement. The Co-Chair of the TF explained that the current draft did not impose reporting on existing cyber security threats. He explained that there were already information sharing platforms such as Automotive Information Sharing and Analysis Center (AutoISAC) in the United States of America. GRVA invited the TF to address the question raised.
- GRVA resumed discussion on the paragraphs 5.3.1.-5.3.3. The expert from the Russian Federation explained that provisions regarding the competencies of Technical Services should be introduced in Schedule 2 to the 1958 Agreement. He added that GRVA-05-42 was not enough and that not trusting Approval Authorities was not a good idea, as it would be time consuming and expensive. He stated that the Database for Exchange of Type Approval documentation (DETA) could have a useful role to play, that the TF could be entitled to learn from type approvals and propose relevant Regulation amendments to GRVA, as necessary, and he proposed the corresponding regulatory wording (GRVA-05-51). The expert from the Republic of Korea stated that these paragraphs could be misused. The expert from CEN proposed an alternative procedure based on the so-called common criteria approach and referred to WP.29-179-28 and WP.29-179-29. The TF Co-Chair noted that the common criteria approach was not complete. The expert from FIA introduced GRVA-05-16. GRVA requested the TF to provide comments on this document. GRVA noted to availability of GRVA-05-02 reproducing ISO/SAE DIS 21434 addressing aspects of the draft Regulation but not the mutual recognition aspect.
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session.
|
GRVA will consider a proposal for a new UN Regulation on uniform provisions concerning the approval of software update processes as well as a template for amending existing UN Regulations to introduce provisions on Software Identification Numbers (SWIN).
GRVA-05-04 | Software Update Processes: Proposals for amendments to the draft UN Regulation
|
|
Document Title: Software Update Processes: Proposals for amendments to the draft UN Regulation
|
Document Reference Number: GRVA-05-04
|
Description: The proposed amendments by TF CS/OTA is to improve the existing text (ECE/TRANS/WP.29/GRVA/2020/4 ) and to add clarity for its application.
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 03 Feb 20 (Posted 06 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 156 | Software Update Processes and Management Systems.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
36. The expert from the United Kingdom and Northern Ireland, Co-Chair of the group introduced a proposal for a new UN Regulation on Software Updates and Software Updates Management System (ECE/TRANS/WP.29/GRVA/2020/4 amended by GRVA-05-04 and reproduced in GRVA-05-06 in a consolidated version). He explained that the group would prepare an interpretation document but that no resolution would be necessary.
37. GRVA adopted ECE/TRANS/WP.29/GRVA/2020/4 amended by Annex III of the GRVA session report and requested the secretariat to submit it (without square brackets) to WP.29 and the Administrative Committee AC.1 for consideration and vote at their June 2020 sessions.
38. The expert from the United Kingdom and Northern Ireland introduced ECE/TRANS/WP.29/GRVA/2020/5, proposing provisions for software identification numbers. GRVA adopted the proposal and requested the secretariat to consult WP.29 on the best way to implement these provisions in existing regulations.
39. GRVA noted the report of the test phase prepared by the TF (ECE/TRANS/WP.29/GRVA/2020/6) and discussed that the TF on CS/OTA should be renamed IWG on CS/OTA.
|
GRVA-05-06 | Software Update Processes: Consolidated proposal for amendments to the draft UN Regulation
|
|
Document Title: Software Update Processes: Consolidated proposal for amendments to the draft UN Regulation
|
Document Reference Number: GRVA-05-06
|
Description: Consolidated text by TF CS/OTA for the proposal of amendments to ECE/TRANS/WP.29/GRVA/2020/4
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 03 Feb 20 (Posted 06 Feb 20)
|
Document status: Informal GR review
|
This document concerns UN Regulation No. 156 | Software Update Processes and Management Systems.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
36. The expert from the United Kingdom and Northern Ireland, Co-Chair of the group introduced a proposal for a new UN Regulation on Software Updates and Software Updates Management System (ECE/TRANS/WP.29/GRVA/2020/4 amended by GRVA-05-04 and reproduced in GRVA-05-06 in a consolidated version). He explained that the group would prepare an interpretation document but that no resolution would be necessary.
37. GRVA adopted ECE/TRANS/WP.29/GRVA/2020/4 amended by Annex III of the GRVA session report and requested the secretariat to submit it (without square brackets) to WP.29 and the Administrative Committee AC.1 for consideration and vote at their June 2020 sessions.
38. The expert from the United Kingdom and Northern Ireland introduced ECE/TRANS/WP.29/GRVA/2020/5, proposing provisions for software identification numbers. GRVA adopted the proposal and requested the secretariat to consult WP.29 on the best way to implement these provisions in existing regulations.
39. GRVA noted the report of the test phase prepared by the TF (ECE/TRANS/WP.29/GRVA/2020/6) and discussed that the TF on CS/OTA should be renamed IWG on CS/OTA.
|
GRVA-05-17 | Cybersecurity and Software updates: Proposals for amendments to the draft UN Regulations
|
|
GRVA/2020/4 | Software Update Processes: Proposal for a new UN Regulation
|
|
Document Title: Software Update Processes: Proposal for a new UN Regulation
|
Document Reference Number: GRVA/2020/4
|
Meeting Session: 5th GRVA session (10-14
Feb 2020) and 17th TFCS session (21-23
Jan 2020)
|
Document date: 29 Nov 19 (Posted 17 Dec 19)
|
Document status: Superseded
|
This document concerns UN Regulation No. 156 | Software Update Processes and Management Systems.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
36. The expert from the United Kingdom and Northern Ireland, Co-Chair of the group introduced a proposal for a new UN Regulation on Software Updates and Software Updates Management System (ECE/TRANS/WP.29/GRVA/2020/4 amended by GRVA-05-04 and reproduced in GRVA-05-06 in a consolidated version). He explained that the group would prepare an interpretation document but that no resolution would be necessary.
37. GRVA adopted ECE/TRANS/WP.29/GRVA/2020/4 amended by Annex III of the GRVA session report and requested the secretariat to submit it (without square brackets) to WP.29 and the Administrative Committee AC.1 for consideration and vote at their June 2020 sessions.
38. The expert from the United Kingdom and Northern Ireland introduced ECE/TRANS/WP.29/GRVA/2020/5, proposing provisions for software identification numbers. GRVA adopted the proposal and requested the secretariat to consult WP.29 on the best way to implement these provisions in existing regulations.
39. GRVA noted the report of the test phase prepared by the TF (ECE/TRANS/WP.29/GRVA/2020/6) and discussed that the TF on CS/OTA should be renamed IWG on CS/OTA.
|
GRVA/2020/5 | Software Identification: Draft proposal to amend UN Regulations to introduce software identification numbers (RXSWIN)
|
|
Document Title: Software Identification: Draft proposal to amend UN Regulations to introduce software identification numbers (RXSWIN)
|
Document Reference Number: GRVA/2020/5
|
Description: Proposal to introduce software control numbers into relevant UN Regulations.
|
Meeting Session: 5th GRVA session (10-14
Feb 2020)
|
Document date: 29 Nov 19 (Posted 17 Dec 19)
|
Document status: Superseded
|
This document concerns UN Regulation No. 156 | Software Update Processes and Management Systems and United Nations Agreement | RE3 Construction of Vehicles.
This submission is related to the following document(s):
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
36. The expert from the United Kingdom and Northern Ireland, Co-Chair of the group introduced a proposal for a new UN Regulation on Software Updates and Software Updates Management System (ECE/TRANS/WP.29/GRVA/2020/4 amended by GRVA-05-04 and reproduced in GRVA-05-06 in a consolidated version). He explained that the group would prepare an interpretation document but that no resolution would be necessary.
37. GRVA adopted ECE/TRANS/WP.29/GRVA/2020/4 amended by Annex III of the GRVA session report and requested the secretariat to submit it (without square brackets) to WP.29 and the Administrative Committee AC.1 for consideration and vote at their June 2020 sessions.
38. The expert from the United Kingdom and Northern Ireland introduced ECE/TRANS/WP.29/GRVA/2020/5, proposing provisions for software identification numbers. GRVA adopted the proposal and requested the secretariat to consult WP.29 on the best way to implement these provisions in existing regulations.
39. GRVA noted the report of the test phase prepared by the TF (ECE/TRANS/WP.29/GRVA/2020/6) and discussed that the TF on CS/OTA should be renamed IWG on CS/OTA.
|
GRVA may wish to take note of the submission of a report on the test phase produced by the task force and submitted to WP.29 at its November 2019 session.
GRVA/2020/6 | Software Update Processes: Report on the validation test phase
|
|
Document Title: Software Update Processes: Report on the validation test phase
|
Document Reference Number: GRVA/2020/6
|
Meeting Session: 5th GRVA session (10-14
Feb 2020) and 17th TFCS session (21-23
Jan 2020)
|
Document date: 29 Nov 19 (Posted 17 Dec 19)
|
This document concerns UN Regulation No. 156 | Software Update Processes and Management Systems.
|
Meeting Reports
|
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
36. The expert from the United Kingdom and Northern Ireland, Co-Chair of the group introduced a proposal for a new UN Regulation on Software Updates and Software Updates Management System (ECE/TRANS/WP.29/GRVA/2020/4 amended by GRVA-05-04 and reproduced in GRVA-05-06 in a consolidated version). He explained that the group would prepare an interpretation document but that no resolution would be necessary.
37. GRVA adopted ECE/TRANS/WP.29/GRVA/2020/4 amended by Annex III of the GRVA session report and requested the secretariat to submit it (without square brackets) to WP.29 and the Administrative Committee AC.1 for consideration and vote at their June 2020 sessions.
38. The expert from the United Kingdom and Northern Ireland introduced ECE/TRANS/WP.29/GRVA/2020/5, proposing provisions for software identification numbers. GRVA adopted the proposal and requested the secretariat to consult WP.29 on the best way to implement these provisions in existing regulations.
39. GRVA noted the report of the test phase prepared by the TF (ECE/TRANS/WP.29/GRVA/2020/6) and discussed that the TF on CS/OTA should be renamed IWG on CS/OTA.
|
|
|
|