This new miniseries of posts aims to introduce the recent UN R156 for software update management systems (SUMS) and its impact on vehicle type approvals. Several episodes will be published for clarifying and developing how vehicle manufacturers and their suppliers should handle SW updates. Following episodes to come:

 

Upcoming episode

  • EP.2 Focus on Software Update Management Systems (SUMS)
  • EP.3 Focus on Software update version numbers (RXSWIN)
  • EP.3 Focus on vehicle requirements (RXsWIN & VTA)
  • …Do not hesitate to contact us for new blog post ideas

This new UN R156 regulation forces vehicle manufacturers to demonstrate compliance with new requirements related to vehicle SW versions, and how to manage them. Like UN R155 for cyber security, vehicle manufacturers shall evidence the traceability of SW parts throughout vehicle lifecycle. Those new rules, legally enforced for any new vehicle type approval are also impacting suppliers and any other supply chain stakeholders. Indeed, any SW update to be deployed by a manufacturer on a vehicle, either developed in-house or provided by suppliers supervised by him, requires specific set of activities depending on their impact on vehicle type approved systems.

 

A non-conformity regarding this regulation can lead to a ban of sales through UN territory.

 

What is a Software Update in the context of UN R156 ?

The definition of SW updates in that context is voluntarily broad for addressing any SW parts which might (or even not) have an impact on vehicle type approved systems. This might include either infotainment related software updates, or any other component-targeted firmware / high-level applications. The procedure for deploying the SW update is also considered in that regulation, either over the air, OTA, or wired at a car dealer or a car repair center.

As an introduction to UN R156 requirements, below a flowgraph describing high-level procedure to be followed by manufacturers for applying and maintaining their compliance with UN R156 requirements:

 

 

What are the key requirements from UN R156 ?

Requirements are focused on the full lifecycle of an update, from the security and qualification of the update itself through the reliability of the delivery and deployment procedure. Required items are specified on two levels, following the same structure as UN R156 for cyber security:.

 

Organizational level: Software Update Management System (SUMS) compliance

Management system related statement aims to define how manufacturers have to assess criticality of updates, derive relevant activities to be performed for their development and track / store data all along their lifecycle. This might be considered as a definition of a new way-of-working regarding maintenance of approved vehicles powered by SW parts.

Requirements related to that part are specified in 7.1 clause from UN R156, and will be further developed in the upcoming EP.2 of this miniseries

 

Vehicle-type level: Specific update compliance

Those statements are mostly focused on the qualification of SW parts / update themselves, their security levels and identification numbers (RXSWIN, to be further developed in WP.3 of that miniseries). Some additions are specified for over-the-air deployment.

Requirements related to that part are specified in 7.2 clause from UN R156, and will be further developed in the upcoming EP.4 of this miniseries

 

Additional information related to type-approval procedure, markings etc are described through dedicated sections of UN R156 document. Those information will allow manufacturers to adjust their respective approval procedures depending on several factors, such as update’s impact on approved systems etc.

 

The ambition of UN R156 is to be as generic as possible, consider all cases requiring State-of-the-Art approaches. Based on that objective, a dedicated ISO working group is currently working on a new Standard describing those practices. This standard, ISO 24089, is currently at the FDIS stage and aims to be published between Q4-2022 & Q1-2023

 

ISO 24089 as a specification of State-of-the-Art practices for Software Update management

Requirements defined in UN R156 are redefined and translated into work packages by the ISO. Basing the SUMS and any other related software update procedures under the same standard has the advantage of standardizing expectations between the Vehicle Type Approval (VTA) authorities, OEMS, and the Tiers-X suppliers, which leads to better traceability and minimization of risks.

 

This standard is based on the same concept as ISO/SAE 21434:2021, road vehicles Cybersecurity engineering (developed and used as a reference for UN R155 compliance), with a split between the organization level and project level activities. Below an illustration of relationships between regulations & standard parts:

Organization level

A dedicated set of practices for handling SW updates must be set up. This new process framework might be identified as Software Update Management System (SUMS) It mainly specifies processes related to the management of the different updates and how to trace them. This management system also shares information regarding risk identification with other practices such as cyber security, and potential Cyber Security Management System (CSMS) in place for UN R155 compliance.

 

Project level:

Project level activities are split into 4 categories

 

  • Vehicle systems design, and development: Requirements related to the vehicle’s capability to manage the update from safety and IT perspectives.
  • Infrastructure, dedicated to software update, design and development: Same responsibility as the first one, but for the infrastructure side.
  • software update package development: Focus on the content of the software update package. From validation and verification, compatibilities , dependencies information, vehicle’s conditions to process the update, …
  • software update campaign This activity is again split in two phases. Preparation and execution.
    • The preparation part defines roles and responsibilities, update method, list of targets.
    • The execution part ensures that other clauses have been followed and all involved stakeholders (driver, skilled person to perform the update…) are informed of the update.

 

How can CertX support your roadmap for compliance

As a recognized certification body across the automotive industry, CertX can support your organization from different perspective, depending on your maturity and position across supply chains. Below a brief summary of services provided by our Team dedicated to cyber security & SW update team:

Educational support for engineers and managers

  • Awareness training: tailored sessions / workshops on SW update procedures & cyber security related activities and technics
  • Certifiable training: ISO/SAE 24089 Automotive Software Update Red Belt (A-SURB), ISO/SAE 21434 Automotive Cyber Security Red Belt (A-CSRB)

Gap Analysis and pre-assessment for identifying weak spots

  • Evaluation of current compliance with ISO 24089 and UN R156 and/or ISO/SAE 21434 and UN R155 R156 requirements, either on organizational level (SUMS/CSMS) or product level (product-specific artefacts)
    • For OEM to prepare compliance audit/assessment with homologation authorities
    • For suppliers’ readiness with upcoming requirements from OEM

Supporting services for SUMS/CSMS process design & implementation

  • Support for integrating new practices into organization systems, ensuring secure handover to operating teams knowledge transfer
    • Usually based on initial gap analysis results / findings

In the future: ISO 24089 – SUMS certifications

  • Independent and recognized evaluation of your SW update related process framework ISO/SAE 24089 supporting UN R156 negotiation

If you have any questions about the new regulatory situations around SW updates in the automotive industry, or any other open points about how the application of relevant standards and certification could be used for compliance, please do not hesitate to contact our experts