Proposal to amend UN R155 and UN R156 regarding approval authority requirements:
Add a refusal ground to para. 5.1.3. of UN R155 where the Certificate of Compliance for the Cyber Security Management System has not been issued by the same approval authority granting type approval
Insert new para. 5.4. into UN R156 to provide that approval authorities shall not grant any type approval if the Certificate of Compliance for the Software Update Management System has not been issued by the same approval authority granting type approval.
Proposal to amend UN R155 regarding cyber security assessment and approval procedures:
Amend para. 5.3.2. to require approval authorities to notify other approval authorities of methods and criteria used to assess measures taken in accordance with the Regulation
Insert new para. 8.2. to exclude equipment with negligible intrinsic cyber security risk from further assessment where installation does not impinge on the cyber security management system and is connected exclusively via an approved interface
Insert new para. 8.3. to exclude standard domestic, business or industrial equipment connected only for power from further assessment where the equipment is unmodified and complies with applicable regional and national cyber security requirements
Amend Annex 1 to include any equipment excluded from assessment pursuant to paras. 8.2. and 8.3.