1 2 3 4 5 6 7 8 9 10
Document Title Cybersecurity/Software Updates: Proposal to amend GRVA/2019/2 and GRVA/2019/3
Reference Number GRVA-04-25
Date
22 Sep 2019
Summary Proposal to temporarily remove Category L vehicles from the scope of the draft cyber-security and software update processes UN Regulations.
Source(s) IMMA
Rulemaking Area(s) UN R155 Cybersecurity and UN R156 SW Updates
Proposal Status Informal GR review
Meeting(s)
Related Documents
GRVA/2019/2 Proposal for a Recommendation on Cyber Security
GRVA/2019/3 Recommendation on Software Updates
TFCS-15-34 Cybersecurity: Draft Recommendations and UN Regulation
TFCS-15-36 Software update processes: Draft recommendations and UN Regulation proposal
Downloads
UNECE server .pdf format .docx format
Excerpts from session reports related to this document
GRVA | Session 4 | 24-27 Sep 2019

21. The expert from the United Kingdom, Co-Chair of the Task Force on Cyber Security and Over-The-Air software updates (TF CS/OTA) reported on the activities of the group since June 2019. (Details are provided in GRVA-04-45.) He explained the activities of the test phase and reported that it was positive. He stated that the draft proposal (ECE/TRANS/WP.29/GRVA/2019/2 as amended) worked and provided value. He mentioned that the experience gathered during this phase would be reflected in an interpretation document and that the documents under development would be improved for consideration at the next session of GRVA.

22. The expert from IMMA introduced GRVA-04-25, proposing amendments to the scope of the draft regulation. GRVA referred the proposal to the Task Force.

23. The expert from Germany provided comments in GRVA-04-22. GRVA agreed to refer them to the Task Force.

24. The expert from the European Commission recalled that a report would have to be prepared for review at the next session of WP.29. He presented a proposal to clarify the scope of the draft UN Regulation on cyber security (GRVA-04-32). He noted that the challenges of the group were similar to those that the IWG on VMAD would face, when working on audits.

25. The expert from the USA commended the Task Force for its work. But she requested that the technical requirements be prepared (as previously agreed) in a document that could serve the 1998 Agreement as well.

26. The expert from Sweden informed that his country had now established a Cyber Security authority. GRVA welcomed the participation of Cyber Security authorities at the Task Force meetings.

27. The expert from FIGIEFA introduced GRVA-04-04 proposing amendments to the scope as well as new proposals related to access to data by authorized parties. She announced that she would support the alternative proposal concerning the scope presented in
GRVA-04-32. The expert from OICA also supported amendments to the scope but not the other amendments proposed in GRVA-04-32. The expert from EC stated the importance to remain vigilant concerning the access to data in vehicles. GRVA transmitted the amendment proposals to the task force.

28. The expert from FIA introduced GRVA-04-40 proposing to clarify the lifecycle and lifetime definitions. He suggested that the lifetime definition should also include the time after a vehicle is deregistered and until it is scrapped. GRVA did not conclude on this item and transmitted the document to the Task Force.

29. GRVA invited the Task Force to prepare the proposal for a new UN Regulation on cyber security, a draft guidance document, a draft resolution with recommendations together with draft requirements in a document that can serve the 1998 Agreement and a report on the test phase.

30. GRVA agreed to request an extension of the mandate of the Task Force for two years.