Proposal to amend UN R13, 13-H, 79, 89, 130, 131, 139, 140, 152, 155, 156, 157, 171, 175, and 178 by introducing provisions on software identification and software updates. Amendments add new paragraphs referring to Software Identification Number definitions in Consolidated Resolution R.E.3, require manufacturers to provide Technical Services with information on hardware and software influencing performance, permit vehicle manufacturers to apply for new approvals differentiating software versions for registered versus new vehicles while avoiding test duplication, and modify production discontinuation provisions to exclude cases where manufacturers seek approval extensions for software updates of registered vehicles.

The UN IWG on Cyber Security and OTA will meet April 21-22, 2026 via video conference. The agenda includes adoption of the provisional agenda and minutes from the previous session, proposals for amendments to UN R155 and its interpretation document regarding multistage vehicles and type approval authorities, review of cyber and software requirements in the ADS Regulation, discussion of RXSWIN application, renewal of the IWG mandate expiring November 2026, and confirmation of next steps.

Proposal to amend the Interpretation Document for UN R156. The document clarifies requirements in paragraph 7 and Annex 1 concerning software update and software update management systems to promote uniform assessments and align with the 01 series of amendments. The document provides non-mandatory guidance for demonstrating compliance with UN R156 requirements through documentation, presentation, and audit, with supporting reference to ISO 24089:2023. The proposal addresses processes for software updates after vehicle registration, including assessment of compliance impacts, documentation procedures, security measures, over-the-air update safeguards, and vehicle user notification requirements.

Proposal to amend UN R155 and UN R156 to require that Certificates of Compliance for Cyber Security Management Systems and Software Update Management Systems be issued by the same approval authority that grants type approval. Germany reported a case where different authorities issued the certificate and type approval, creating assessment and enforcement issues. The proposal aims to ensure holistic cyber security evaluation and align both regulations.

UN R156 requires administrative provisions under the 1958 Agreement to demonstrate that vehicles comply with its requirements at specific points in time, not solely at market placement. The action plan involves developing a numbering system for amending approval extensions to account for software updates, considering how updates impact existing type approvals, and reviewing related 1958 Agreement aspects.