Mise à jour des logiciels pour les véhicules routiers - Ep.2 - Focus sur les systèmes de gestion des mises à jour logicielles (SUMS)

by | Jan 23, 2023 | Automotive, Cybersecurity

LinkedIn

The first episode of this miniseries put an overview of the new UN ECE R156 regulation and related standard ISO 24089. This episode will focus on the management systems for the Software update required by them, so called SUMS (Software Update Management Systems). How is going to take place in every organization and its relationship with others management systems.

 

Miniseries history

  • EP.1 Overview of UN R156 and ISO:24089
  • EP.2 Focus sur les systèmes de gestion des mises à jour logicielles (SUMS)
  • EP.3 Focus sur les numéros de version des mises à jour logicielles (RXSWIN)
  • EP.4 Focus sur les considérations relatives à l'homologation des véhicules (VTA)
  • … and a lot more to come. Do not hesitate to contact us for new blog post ideas.

Vehicles and management systems a long story

 

The automotive industry should already comply with requirements related to multiples management systems. From Quality management: IATF 1649, ASPICE or ISO 9001, or even security specific: ISMS (ISO 27001). Added to these well know management systems two newcomers are requested by the authorities: CSMS, Cyber Security Management Systems for Road vehicles UN R155 (aligned with ISO/SAE 21434 practices) and the SUMS. The transversality and the dependence between each management systems are explained and showed in the Blogpost “[ISO/SAE 21434] A management story”. Thus, the focus in today’s blogpost is made on the SUMS.

Adding another management systems could be considered as more processes and superfluous documents to follow. But the reality is the opposite it allows to precisely specify requirements and processes linked to Software update to improve vehicles safety, security, and reliability.

SUMS suggested structure is based on both UN R156 and ISO 24089 (currently still in FDIS release) requirements illustrated in figure below, can be compared to the CSMS structure with three typical abstraction level. The suggested approach allows to define a concise and clear document structure.

The clause identifiers [Cl-X] references ISO 24089 sections for implementation guidance. Thus, they are subject to adjustments by the official release planned for mid 2023. Below the introduction to the three suggested documentation levels to be considered for SUMS establishment and operation

Governance level:

This category represents the top-level companies’ directives. These directives set companies foundations, visions as well as top management commitment. In the context of ISO 24089 and R156 the directive contains a high-level descriptions of SUMS processes at organization level and the proof that the company complies with ISO 24089 and/or UNECE R156

Niveau de l'organisation

At organization level, processes introduced on the directive are specified. These processes include but are not limited to:

  • Supporting processes (document management)
  • Privacy management (the companies must ensure the privacy of customer data)
  • Gestion de la configuration
  • Change management process

Project level

At project level, processes are split in five categories: Generic project processes, Infrastructure processes required for the SW update, Vehicle processes required for the SW update, Software update package processes and finally software update campaign processes. These categories allow to ensure that both the infrastructure pushing the update and the vehicle getting access and processing it are ready prior to the deployment.

Generic project processes: describes and ensure that the organization develop and maintain a plan for each software update projects. This includes:

  • Process that describes the Software update project plan
  • Tailoring activities process
  • Documentation of processes to preserve integrity of software metadata, …

Infrastructure processes: describes the infrastructure’s requirement to ensure a safe, secure, and reliable software update. This includes:

  • Managing cybersecurity risk
  • Managing vehicle configuration information
  • Performing software update campaigns
  • Processing software update packages

Vehicle and vehicle systems level describes the functionality required in and for vehicle or vehicle systems. This includes

  • Managing Safety and cybersecurity risk for software update in the vehicle (Reference to ISO 26262, ISO 21448, and ISO/SAE 21343)
  • Managing vehicle configuration item
  • Communicating to vehicle user the software update campaign information

Software update package development: describes how the software update package are verified and validates and which vehicle’s type or system will receive this update package. If all elements are conformed the software update package is approved for release. This includes

  • Documentation of verification and validation made
  • Documentation of targets, contents, and compatibility
  • Documentation of approval release

Software update campaign operations: describes the update procedure from the preparation to the completion of the campaign. This includes:

  • Listing Software update campaign preparation results
  • Listing Software update campaign execution results
  • Logging the purpose of the campaign (target vehicles, end date, …)

SUMS Certificate for OEM

Vehicles manufactures shall certify their SUMS by an Approval Authority. The certification is based on an assessment with the Approval Authority or the Technical Service that demonstrates they have all necessary processes to comply with the UN ECE R156 regulation. Passing this assessment gives a “Certificate of Compliance for SUMS. This certificate has a validity of 3 years. After that the Approval Authority or its Technical service shall proceed to a new assessment to renew or issue a new certificate.

SUMS continuous improvement / assessment

SUMS needs to be continuously improved, based on internal/external feedback. This improvement process allows to ensure that the management system correspond to the company needs and is correctly operated throughout company activities and projects.

The manufacturer shall inform the Approval Authority or its Technical service in case of modification/improvement of the management system that shall affect the relevance of the certificate of compliance.

Comment CertX peut-il soutenir votre feuille de route pour la conformité ?

En tant qu'organisme de certification reconnu dans l'industrie automobile, CertX peut soutenir votre organisation sous différents angles, en fonction de votre maturité et de votre position dans la chaîne d'approvisionnement. Vous trouverez ci-dessous un bref résumé des services fournis par notre équipe dédiée à la cybersécurité et à la mise à jour des logiciels :

Soutien pédagogique pour les ingénieurs et les gestionnaires

  • Formation de sensibilisation : sessions / ateliers sur mesure sur les procédures de mise à jour des logiciels et les activités et techniques liées à la cybersécurité.
  • Formation certifiable : ISO/SAE 24089 Ceinture rouge de mise à jour des logiciels automobiles (A-SURB), ISO/SAE 21434 Ceinture rouge de cybersécurité automobile (A-CSRB).

Analyse des lacunes et pré-évaluation pour identifier les points faibles

  • Évaluation de la conformité actuelle aux exigences de l'ISO 24089 et de l'UN R156 et/ou de l'ISO/SAE 21434 et de l'UN R155 R156, soit au niveau de l'organisation (SUMS/CSMS), soit au niveau du produit (artefacts spécifiques au produit).
    • Pour les OEM, afin de préparer l'audit/évaluation de conformité avec les autorités d'homologation.
    • Pour que les fournisseurs soient prêts à répondre aux exigences futures des OEM.

Services de soutien à la conception et à la mise en œuvre des processus SUMS/CSMS

  • Soutien à l'intégration de nouvelles pratiques dans les systèmes de l'organisation, en garantissant un transfert de connaissances sûr aux équipes opérationnelles.
    • Généralement basé sur les résultats / conclusions de l'analyse initiale des écarts

A l'avenir: ISO 24089 - Certifications SUMS

  • Évaluation indépendante et reconnue de votre processus de mise à jour des logiciels dans le cadre de l'ISO/SAE 24089 et de la négociation de l'UN R156.

If you have any questions about the new regulatory situations around SW updates in the automotive industry, or any other open points about how the application of relevant standards and certification could be used for compliance, please do not hesitate to contact our experts

Disclaimer: This article is subject to modification and improvement when ISO standardization committees will release the official version of ISO 24089.

This article is only a brief introduction to the SUMS requirements suggested by the UN R156 and the ISO 24089. At CertX, we can provide you with further support to integrate the Software update management Systems, SUMS, in your actual management systems.