4. Cyber security and (over-the-air) software updates

GRVA will review a proposal for provisions regarding cyber security and (over-the-air) software updates.

GRVA-05-05/Rev.1 | Cybersecurity: Proposal for amendments to the draft UN Regulation Draft text for a new UN Regulation on the certification of cybersecurity management systems and the approval of vehicles with regarding to cybersecurity. This draft will be considered during the 6th GRVA session.
GRVA-06-03 | Cybersecurity and Software Updates: Proposal for amendments to GRVA/2020/3 and GRVA/2020/4 Proposal to exclude vehicles of categories R, S and T from the initial scope of the draft UN Regulations.
GRVA-06-04 | Cybersecurity: Proposal for amendments to GRVA/2020/3 and GRVA-05-05-Rev.1 Proposal to require vehicle manufacturers to provide relevant cybersecurity information (cybersecurity goals, specifications, requirements) to authorised replacement-part manufacturers.
GRVA-06-05 | Note from the Small Working Group on the Cyber Security paper GRVA-05-05/Rev1 Update on the status of discussions aiming to resolve open items in the draft UN Regulation on cybersecurity following the 5th GRVA session.
GRVA-06-07 | Cybersecurity: Suggestion for amendments to GRVA-05-05-Rev.1 Proposals to clarify the draft text.
GRVA-06-08/Rev.1 | Cybersecurity: Explanations for the suggested amendments to GRVA-05-05-Rev.1
GRVA-06-15 | Cybersecurity: Proposal for amendments to document GRVA-05-05-Rev.1 The proposal replaces the protection of critical elements with the protection of the vehicle type in general to ensure that a critical element can be secured by security mechanisms in other elements of the vehicle type. This clarifies that secure gateways can be used to shield parts of an E/E architecture which contain critical elements. Further, the proposal introduces a transitional period for the obligation to implement the mitigation measures of Annex 5, Part B and C. During this transitional period, the manufacturer can introduce alternative appropriate mitigation measures on the basis of technical feasibility.
GRVA-06-17 | Cybersecurity: Proposal for amendments to the draft UN Regulation Proposal to clarify provisions regarding<ul><li>skills and procedures required of the Approval Authority and its Technical Service(s),</li><li>mandatory peer review of the Approval Authority’s skills, procedures and assessment methods and pass/fail criteria,</li><li>notification of intended type approvals and availability of documentation for inspection,</li><li>minimizing the risk of expiry of the CSMS Certificate before issuance of a new Certificate, and </li><li>exemptions for approvals granted before 1 July 2024. </li></ul>
GRVA-05-05/Rev.1
Cybersecurity: Proposal for amendments to the draft UN Regulation
14 Feb 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Draft text for a new UN Regulation on the certification of cybersecurity management systems and the approval of vehicles with regarding to cybersecurity. This draft will be considered during the 6th GRVA session. GRVA-05-0005/Rev.1
GRVA-06-03
Cybersecurity and Software Updates: Proposal for amendments to GRVA/2020/3 and GRVA/2020/4 (CEMA)
02 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Software Update Processes and Management Systems SW Updates Uniform provisions concerning the approval of vehicles with regards to software update and software update management system Proposal to exclude vehicles of categories R, S and T from the initial scope of the draft UN Regulations. GRVA-06-0003
GRVA-06-04
Cybersecurity: Proposal for amendments to GRVA/2020/3 and GRVA-05-05-Rev.1 (FIGIEFA)
02 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Proposal to require vehicle manufacturers to provide relevant cybersecurity information (cybersecurity goals, specifications, requirements) to authorised replacement-part manufacturers. GRVA-06-0004
GRVA-06-05
Note from the Small Working Group on the Cyber Security paper GRVA-05-05/Rev1
02 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Update on the status of discussions aiming to resolve open items in the draft UN Regulation on cybersecurity following the 5th GRVA session. GRVA-06-0005
GRVA-06-07
Cybersecurity: Suggestion for amendments to GRVA-05-05-Rev.1 (CLEPA and OICA)
02 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Proposals to clarify the draft text. GRVA-06-0007
GRVA-06-08/Rev.1
Cybersecurity: Explanations for the suggested amendments to GRVA-05-05-Rev.1 (CLEPA and OICA)
04 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system GRVA-06-0008/Rev.1
GRVA-06-15
Cybersecurity: Proposal for amendments to document GRVA-05-05-Rev.1 (Germany)
03 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system The proposal replaces the protection of critical elements with the protection of the vehicle type in general to ensure that a critical element can be secured by security mechanisms in other elements of the vehicle type. This clarifies that secure gateways can be used to shield parts of an E/E architecture which contain critical elements. Further, the proposal introduces a transitional period for the obligation to implement the mitigation measures of Annex 5, Part B and C. During this transitional period, the manufacturer can introduce alternative appropriate mitigation measures on the basis of technical feasibility. GRVA-06-0015
GRVA-06-17
Cybersecurity: Proposal for amendments to the draft UN Regulation (EC)
03 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Proposal to clarify provisions regarding<ul><li>skills and procedures required of the Approval Authority and its Technical Service(s),</li><li>mandatory peer review of the Approval Authority’s skills, procedures and assessment methods and pass/fail criteria,</li><li>notification of intended type approvals and availability of documentation for inspection,</li><li>minimizing the risk of expiry of the CSMS Certificate before issuance of a new Certificate, and </li><li>exemptions for approvals granted before 1 July 2024. </li></ul> GRVA-06-0017
GRVA-06-17/Rev.1
Cybersecurity: Proposal for amendments to GRVA-05-05-Rev.1 (EC)
03 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Proposal to clarify provisions regarding<ul><li>skills and procedures required of the Approval Authority and its Technical Service(s),</li><li>mandatory peer review of the Approval Authority’s skills, procedures and assessment methods and pass/fail criteria,</li><li>notification of intended type approvals and availability of documentation for inspection,</li><li>minimizing the risk of expiry of the CSMS Certificate before issuance of a new Certificate, and </li><li>exemptions for approvals granted before 1 July 2024. </li></ul> GRVA-06-0017/Rev.1
GRVA-06-18
Cybersecurity: Proposal for amendments to GRVA-05-05/Rev.1 (Spain)
04 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Proposal to require the definition of security requirements for the vehicle type. GRVA-06-0018
GRVA-06-19/Rev.1
Cybersecurity: Draft proposal for a new UN Regulation
05 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Proposal for a new UN Regulation as approved by GRVA during its 6th session for the type approval of vehicles with regard to their cybersecurity protection. GRVA-06-0019/Rev.1
Documents
Agenda | Informal | Report |