30 Jan 2019 GRVA work priorities - Proposal for a Draft Structure (Germany) GRVA-02-31 2019-01-30 Germany
31 May 2019 Proposal for an Informal Working Group on Cyber Security and (Over-the-Air) Software-Updates (Germany) GRVA-03-13 2019-05-31 This document is based upon a CS/OTA task force document (TFCS-03-04) and is also available with tracked changes against this original task force draft in <a href="https://www.unece.org/fileadmin/DAM/trans/doc/2019/wp29grva/GRVA-03-13TRe.pdf" target="_blank">pdf format</a> and <a href="https://www.unece.org/fileadmin/DAM/trans/doc/2019/wp29grva/GRVA-03-13TRe.docx" target="_blank">docx format</a>. Germany
22 Sep 2019 Cybersecurity: Proposal to amend document GRVA/2019/2 (Germany) GRVA-04-22 2019-09-22 Proposal from Germany to introduce additional definitions, clarify the management system certification process, enable the withdrawal (revocation) of a vehicle type approval, to require the vehicle manufacturer to maintain an Information Security Operations Centre (ISOC) to handle servicing of its vehicle fleet, and to improve the processes for identification of risks and threats and their mitigation. Germany
3 Mar 2020 Cybersecurity: Proposal for amendments to document GRVA-05-05-Rev.1 (Germany) GRVA-06-15 2020-03-03 The proposal replaces the protection of critical elements with the protection of the vehicle type in general to ensure that a critical element can be secured by security mechanisms in other elements of the vehicle type. This clarifies that secure gateways can be used to shield parts of an E/E architecture which contain critical elements. Further, the proposal introduces a transitional period for the obligation to implement the mitigation measures of Annex 5, Part B and C. During this transitional period, the manufacturer can introduce alternative appropriate mitigation measures on the basis of technical feasibility. Germany
19 May 2023 Comparison between UN R155 and the EU Cyber-Resilience Act with regard to CSS requirements on agricultural and forestry vehicles (Germany) GRVA-16-26 2023-05-19 Germany
4 May UN R155 and R156: Proposal for amendments (France, Germany, Luxembourg, Netherlands, and UK) GRVA-25-07 2026-05-04 Proposal to amend UN R155 and UN R156 regarding approval authority requirements:<ul><li>Add a refusal ground to para. 5.1.3. of UN R155 where the Certificate of Compliance for the Cyber Security Management System has not been issued by the same approval authority granting type approval</li><li>Insert new para. 5.4. into UN R156 to provide that approval authorities shall not grant any type approval if the Certificate of Compliance for the Software Update Management System has not been issued by the same approval authority granting type approval.</li></ul> France Germany Luxembourg Netherlands UK
21 May Request for guidance on vehicle compliance after the end of production (Germany) GRVA-25-48 2026-05-21 The document requests guidance on the legal basis for provisions within UN Regulations extending beyond the End-of-Production date and which authority such provisions address. Examples include UN R171 requirements for manufacturers to demonstrate safety management systems to the Type Approval Authority every three years and report annually on Driven Coded Auxiliary System operation until production is discontinued, and UN R155 requirements for Cyber Security Management Systems to apply to the post-production phase when vehicles remain operational but are no longer produced. The document poses an additional question regarding vehicle safety when manufacturers cease operations and cannot fulfill post-deployment safety provisions. Germany
6 Jul Proposal to amend UN R155 and UN R156 (France, Germany, Luxembourg, Netherlands, and UK) GRVA/2026/30 2026-07-06 Proposal to amend UN R155 by inserting new para. 5.1.3.(e) establishing that the Certificate of Compliance for the Cyber Security Management System shall not be issued by a different Approval Authority than the one granting type approval, and amend UN R156 by inserting new para. 5.4. establishing that Approval Authorities shall not grant type approval if the Certificate of Compliance for the Software Update Management System has not been issued by the same Approval Authority granting type approval. Justification includes ensuring holistic cybersecurity assessment, clarifying reporting obligations under para. 7.2.2.2.(g), addressing unharmonized mutual recognition of management system certificates, maintaining consistency between regulations, and upholding the fundamental principle that approval authorities retain responsibility for all aspects of type approval. France Germany Luxembourg Netherlands UK
12 Nov 2016 Revised draft guideline on cyber security and data protection (Japan and Germany) ITS/AD-10-03 2016-11-12 Japan Germany
12 Mar 2018 Automated Driving: Proposal for guidance for GRs concerning automated driving technology (Germany) ITS/AD-14-05 2018-03-12 Germany
12 May 2020 Views of Germany on UN R116 and innovative vehicle alarm systems/anti-theft systems (Germany) R116Key-01-05 2020-05-12 Germany
11 May 2017 Reference Architecture Model Automotive (RAMA) (Germany) TFCS-05-13 2017-05-11 Germany
2 Jun 2017 Software updates and type approval discussion paper (Germany and KBA) TFCS-06-03 2017-06-02 Germany's type-approval authority (KBA) input on monitoring and assessing changes to vehicle software applications that impact criteria used in the type approval of vehicles and component systems. The presentation discusses the possibilities for type approval of software applications and for the use of periodic technical inspections to detect significant anomalies. Germany KBA
4 Oct 2017 Reference Architecture Model Automotive (RAMA) (Germany) TFCS-08-05 2017-10-04 RAMA is a graphical representation to model vehicular information and communication technology of (connected) vehicles. It models the integration of vehicles in their environment as well as the whole vehicular life cycle from the beginning of the development till scrapping. RAMA is an adaptation of the Reference Architectural Model Industrie 4.0 (RAMI 4.0) of the VDI, VDE and ZVEI for the automotive domain [1]. Germany
18 Nov 2018 Germany comments on the TFCS (CS/OTA) task force recommendations (Germany) TFCS-14-07/Rev.1 2018-11-18 Germany
20 Jan 2020 Cybersecurity: Proposal for amendments to the draft UN Regulation (EC and Germany) TFCS-17-14/Rev.1 2020-01-20 EC Germany
12 Oct 2022 UN R155: Proposal for amendments based on workshop discussions (Germany) TFCS-23-02 2022-10-12 Germany
18 Oct 2022 UN R155: Proposal for amendments to the interpretation document (France, Germany, and Japan) TFCS-23-04 2022-10-18 France Germany Japan
27 Aug 2025 Cyber Security: Issuance of Certificates of Compliance by Authorities (Germany) TFCS-35-04 2025-08-27 Proposal to prohibit the issuance of certificates by any entity other than the authority that granted the approval under UN R155. Germany
12 Mar Proposal to amend UN R155 and UN R156 (Germany) TFCS-37-02 2026-03-12 Proposal to amend UN R155 and UN R156 to require that Certificates of Compliance for Cyber Security Management Systems and Software Update Management Systems be issued by the same approval authority that grants type approval. Germany reported a case where different authorities issued the certificate and type approval, creating assessment and enforcement issues. The proposal aims to ensure holistic cyber security evaluation and align both regulations. Germany
19 Feb 2019 Comments on the draft cybersecurity regulation interpretation document (Germany) TFCS-TPCM-01-05 2019-02-19 Germany
24 Jul 2019 CS/OTA: Experiences during the test phase with the draft regulations (Germany and KBA) TFCS-TPCM-02-05 2019-07-24 Germany KBA
25 Mar 2019 Germany comments on the draft Cybersecurity interpretation document (Germany) TFCS-TPahCS1-03 2019-03-25 Germany
20 Apr 2020 Cybersecurity: Proposal to amend document WP.29/2020/79 (UK, Spain, Russia, Japan, Germany, France, EC, and Italy) WP.29/2020/97 2020-04-20 Proposal agreed by interested Contracting Parties to resolve concerns regarding "peer review" of cybersecurity type approvals. UK Spain Russia Japan Germany France EC Italy