Cyber-Security & Software update
The UN Regulations 155 (Cyber-Security) and 156 (Software update) introduce new requirements for manufacturers and technical services: in addition to the initial assessment of the manufacturer and the product testing by the technical service, the demonstration of implemented and effective dedicated management systems for cyber-security and software updates is also required in order to obtain Type Approval.
Responsibilities in the approval process in accordance with UN-R155/R156
Software is becoming increasingly important in the road vehicle sector. The software contained in the vehicles needs to be updated to allow new functionalities or to correct faults. Due to the many different situations in which software-updates in vehicles are already being carried out today, it is necessary to classify them in the existing Type Approval processes. Although the reference is made below to vehicles under Regulation (EU) 2018/858, this guide also applies analog to vehicles under Regulations (EU) 167/2013 and 168/2013.
The following cases of software-updates were defined on the basis that
- harmonized law is considered;
- vehicle manufacturers only change their own software;
- the vehicles are already registered;
- the implementation of the software-update is technologically neutral;
- there is no need for hardware changes to the vehicles concerned in order to carry out software-updates;
- the documentation, testing and successful implementation of the software-update is the responsibility of the vehicle manufacturer, which follows the principles of UN Regulation No. 156 or similar regulations and includes, where necessary, the Type Approval authority;
- software-updates can in principle be checked as part of Market Surveillance.
Im Folgenden finden Sie einige Hinweise zu Fragestellungen. Diese Hinweise werden entsprechend der weiteren Erfahrungen und Entwicklungen nach Konsultationen mit den betroffenen Stellen überarbeitet.