4. Cyber security and (over-the-air) software updates

GRVA will review a proposal for provisions regarding cyber security and (over-the-air) software updates.

GRVA-05-05/Rev.1 | Cybersecurity: Proposal for amendments to the draft UN Regulation Draft text for a new UN Regulation on the certification of cybersecurity management systems and the approval of vehicles with regarding to cybersecurity. This draft will be considered during the 6th GRVA session.
GRVA-06-03 | Cybersecurity and Software Updates: Proposal for amendments to GRVA/2020/3 and GRVA/2020/4 Proposal to exclude vehicles of categories R, S and T from the initial scope of the draft UN Regulations.
GRVA-06-04 | Cybersecurity: Proposal for amendments to GRVA/2020/3 and GRVA-05-05-Rev.1 Proposal to require vehicle manufacturers to provide relevant cybersecurity information (cybersecurity goals, specifications, requirements) to authorised replacement-part manufacturers.
GRVA-06-05 | Note from the Small Working Group on the Cyber Security paper GRVA-05-05/Rev1 Update on the status of discussions aiming to resolve open items in the draft UN Regulation on cybersecurity following the 5th GRVA session.
GRVA-06-07 | Cybersecurity: Suggestion for amendments to GRVA-05-05-Rev.1 Proposals to clarify the draft text.
GRVA-06-08/Rev.1 | Cybersecurity: Explanations for the suggested amendments to GRVA-05-05-Rev.1
GRVA-06-15 | Cybersecurity: Proposal for amendments to document GRVA-05-05-Rev.1 The proposal replaces the protection of critical elements with the protection of the vehicle type in general to ensure that a critical element can be secured by security mechanisms in other elements of the vehicle type. This clarifies that secure gateways can be used to shield parts of an E/E architecture which contain critical elements. Further, the proposal introduces a transitional period for the obligation to implement the mitigation measures of Annex 5, Part B and C. During this transitional period, the manufacturer can introduce alternative appropriate mitigation measures on the basis of technical feasibility.
GRVA-06-17 | Cybersecurity: Proposal for amendments to the draft UN Regulation Proposal to clarify provisions regarding<ul><li>skills and procedures required of the Approval Authority and its Technical Service(s),</li><li>mandatory peer review of the Approval Authority’s skills, procedures and assessment methods and pass/fail criteria,</li><li>notification of intended type approvals and availability of documentation for inspection,</li><li>minimizing the risk of expiry of the CSMS Certificate before issuance of a new Certificate, and </li><li>exemptions for approvals granted before 1 July 2024. </li></ul>
GRVA-06-03
Cybersecurity and Software Updates: Proposal for amendments to GRVA/2020/3 and GRVA/2020/4 (CEMA)
02 Mar 2020 Working Party Informal Documents Cyber Security and Cyber Security Management Cybersecurity Uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system Software Update Processes and Management Systems SW Updates Uniform provisions concerning the approval of vehicles with regards to software update and software update management system Proposal to exclude vehicles of categories R, S and T from the initial scope of the draft UN Regulations. GRVA-06-0003
Documents
Agenda | Informal | Report |