Proposal for a new UN Regulation on uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system.
Regarding: |
Meeting(s): |
|
Document Title: Cybersecurity: Draft proposal for a new UN Regulation |
Document Reference Number: GRVA-06-19/Rev.1 |
Description: Proposal for a new UN Regulation as approved by GRVA during its 6th session for the type approval of vehicles with regard to their cybersecurity protection. |
Meeting Session: 6th GRVA session (3-4 Mar 2020) |
Document date: 04 Mar 20 (Posted 05 Mar 20) |
Document status: Superseded |
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports |
Working Party on Automated and Connected Vehicles | Session 6 | 3-4
Mar 2020
23. GRVA adopted GRVA-06-19-Rev.1 and requested the secretariat to submit it (without paras 5.3.1.-5.3.4.) as draft UN Regulation on Cyber Security and Cyber Security Management Systems to WP.29 and AC.1 for consideration and vote at their June 2020 session. |
Document Title: Cybersecurity: Proposal for a new UN Regulation |
Document Reference Number: GRVA/2020/2 |
Meeting Session: 5th GRVA session (10-14 Feb 2020) |
Document date: 02 Dec 19 (Posted 17 Dec 19) |
Document status: Superseded |
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports |
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start. 26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules. 27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration. 28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal. 29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5. 30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France. 31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks. 32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis. 33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues. 34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above).
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session. |
Document Title: Cybersecurity: Proposal for a new UN Regulation |
Document Reference Number: GRVA/2020/2 |
Meeting Session: 5th GRVA session (10-14 Feb 2020) |
Document date: 02 Dec 19 (Posted 17 Dec 19) |
Document status: Superseded |
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports |
Working Party on Automated and Connected Vehicles | Session 5 | 10-14
Feb 2020
25. The expert from the United Kingdom and Northern Ireland, Co-Chair of the Task Force (TF) on Cyber Security and Over-The-Air issues (CS/OTA), presented the outcome of the TF. He introduced the proposed draft UN Regulation on Cyber Security and Cyber Security Management System (ECE/TRANS/WP.29/GRVA/2020/2 (withdrawn), ECE/TRANS/WP.29/GRVA/2020/3 amended by GRVA-05-05). He mentioned that the revised proposal entailed a recent proposal from Germany and the European Commission (paragraphs 5.3.1.-5.3.3.) in square brackets. He recalled that the TF was planning to deliver further documents accompanying the UN Regulation: a resolution and an interpretation document. He stated that these documents would be further elaborated during the next session of the TF and would distillate the learnings of the test phase in 2019. He informed GRVA that the work on a UN Global Technical Regulation (GTR) had to start. 26. The expert from Japan introduced GRVA-05-20 proposing amendments to paragraph 7.3.8. on the use of cryptographic modules. 27. The expert from the European Commission introduced GRVA-05-22, aimed at clarifying the consequences of the Cyber Security Management System certificate expiration. 28. The expert from Japan introduced GRVA-05-13, expressing strong objections to the proposed paragraphs 5.3.1.-5.3.3. establishing prerequisites to the granting of type approvals not in line with the 1958 Agreement and posing a sovereignty risk. The expert from the Russian Federation expressed a similar position and proposed to draft an alternative proposal. 29. The expert from France introduced, GRVA-05-29 proposing an alternative to the proposed paragraphs 5.3.1.-5.3.3. as well as amendments proposal for paragraph 7.4 and Annex 5. 30. The expert from the European Commission introduced a compromise proposal (GRVA-05-42) for paragraphs 5.3.1.-5.3.3. aimed at addressing the proposals from Japan and France. 31. The expert from OICA introduced GRVA-05-33. He stated that the test phase’s general outcome was the confirmation of the applicability of the former draft. He explained their major concerns with the current text. He mentioned their concerns from the industry point of view regarding the major type approval procedure modifications introduced by paragraphs 5.3.1.-5.3.3. and the major delay associated risks. 32. He stated that insufficient considerations were given to existing vehicle architectures and requested the introduction of transitional provisions. He also stated that the reporting provisions were excessive. He called on GRVA to consider these concerns and to resolve them on a consensus basis. 33. The expert from FIGIEFA introduced GRVA-05-15, proposing a process flow for national/regional authorities to define objective minimum compliance criteria for the UNECE cybersecurity regulation and a way forward for aftermarket issues. 34. GRVA reviewed in detail GRVA-05-05, having in mind the presentations received (paragraphs 26-32 above).
35. The Secretary produced a consolidation of the draft Regulation based on the input received during the session (GRVA-05-05/Rev.1). GRVA agreed to use this consolidation as a basis for further work until the next GRVA session. |
Document Title: Transposition of UN R155 into technical guidelines |
Document Reference Number: TFCS-19-04 |
Description: Mark up of the draft UN Regulation on cyber security (WP.29/2020/79) towards transposition of technical requirements into an instrument under the 1998 Agreement. |
Meeting Session: 19th TFCS session (20-21 Oct 2020) |
Document date: 21 Oct 20 (Posted 21 Oct 20) |
This document concerns WP.29 Regulatory Project | Guidelines on Cyber Security Technical Requirements and UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Document Title: Framework document on automated/autonomous vehicles |
Document Reference Number: WP.29/2019/34/Rev.1 |
Meeting Session: 178th WP.29 session (24-28 Jun 2019) and 12th EDR-DSSAD session (2 Mar) |
Document date: 03 Sep 19 (Posted 03 Sep 19) |
Document status: Adopted by WP.29 |
This document concerns WP.29 Regulatory Project | Automated Driving Systems, UN Regulation No. 155 | Cyber Security and Cyber Security Management, WP.29 Regulatory Project | Data Storage Systems for Automated Driving, UN Regulation No. 160 | Event Data Recorders, WP.29 Regulatory Project | Guidelines of Software Update Technical Requirements, and UN Regulation No. 156 | Software Update Processes and Management Systems.
This submission is related to the following document(s):
|
Meeting Reports |
World Forum for the Harmonization of Vehicle Regulations | Session 178 | 24-28
Jun 2019
25. The representative of Japan introduced, on behalf of China, European Union, Japan and the United States of America, WP.29-178-10/Rev.2 containing amendments to ECE/TRANS/WP.29/2019/34 – Framework Document on Automated/autonomous Vehicles. He explained that the amendments included editorial amendments as well as a restructured Table 1 containing details on (i) current activities, (ii) expected future activities and (iii) references to the key safety principles mentioned in the document. 26. The representative of the Republic of Korea introduced WP.29-178-19, proposing additional amendments to ECE/TRANS/WP.29/2019/34. The representative of Sweden proposed to insert into Table 1 considerations related to para. 4 (j) regarding vehicle inspection. The representative of CITA supported the position of the representative of Sweden. 27. WP.29 adopted ECE/TRANS/WP.29/2019/34 as amended by WP.29-178-10/Rev.2 and requested the secretariat to issue it as a reference document with the symbol ECE/TRANS/WP.29/2019/34/Rev.1. 72. The Secretary of GRVA introduced ECE/TRANS/WP.29/2019/34/Rev.1, the framework document on automated/autonomous vehicles. He further informed GRSG on the establishment of new IWGs for functional requirements for automated vehicles, validation methods for automated driving, EDR/DSSAD and Cyber Security/OTA. 73. Following questions from delegates, GRSG noted that elements related to human-machine interface (HMI) and other activities than driving that were currently under discussion at the Global Forum for Road Safety (WP.1) would also be covered under IWG on functional requirements for automated vehicles, while elements for driver monitoring were still discussed by IWG on Automated Controlled Steering Functions (ACSF). |
Document Title: Cybersecurity: Proposal for amendments to ECE/TRANS/WP.29/2020/79 |
Document Reference Number: WP.29/2020/94 |
Description: Proposal for provisions regarding the extension, expiration, or withdrawal of a cybersecurity approval. |
Submitted by: EC |
Meeting Session: 181st WP.29 session (24 Jun 2020) |
Document date: 14 Apr 20 (Posted 20 Apr 20) |
Document status: Adopted text published |
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports |
Working Party on Automated and Connected Vehicles | Session 7 | 21-25
Sep 2020
28. The expert from the Netherlands, Chair of the IWG on Database for Exchange of Type Approval documentation (DETA), introduced GRVA-07-25 (aimed at clarifying DETA related provisions in ECE/TRANS/WP.29/2020/94). GRVA endorsed it, in principle, as a draft guidance for the Authorities on the way to use DETA, hosted by Germany, in line with the relevant provisions in UN Regulation No. [155]. GRVA noted that the document would be finalized prior to WP.29 in November 2020, so that it can be adopted together with the document above. 29. GRVA requested the secretariat to provide a specific place on its website for all cyber security and software updates related documents. |
Document Title: Cybersecurity: Proposal to amend document WP.29/2020/79 |
Document Reference Number: WP.29/2020/97 |
Description: Proposal agreed by interested Contracting Parties to resolve concerns regarding “peer review” of cybersecurity type approvals. |
Submitted by: EC, France, Germany, Italy, Japan, Russia, Spain, and UK |
Meeting Session: 181st WP.29 session (24 Jun 2020) |
Document date: 02 Apr 20 (Posted 20 Apr 20) |
Document status: Adopted text published |
This document concerns UN Regulation No. 155 | Cyber Security and Cyber Security Management.
This submission is related to the following document(s):
|
Meeting Reports |
Working Party on Automated and Connected Vehicles | Session 7 | 21-25
Sep 2020
27. The expert from the Russian Federation presented GRVA-07-08, proposing a clarification of para. 5.3.5. of UN Regulation No. [155]. The expert from Japan explained that the proposed clarification should be carefully reviewed as it could lead to restrictions to the rights of Contracting Parties according to the 1958 Agreement. The author agreed and mentioned that ECE/TRANS/WP.29/2020/97 already provided some clarifications. |