More options

China

(China) Proposal for Vehicle Cyber Security

Languages and translations
English

Proposal for Vehicle Cyber Security

1

Informal document GRVA-13-31

13th GRVA, 23 - 27 May 2022 Provisional agenda item 5(a)

Submitted by the expert from China

UNECE R155 regulation 5.3.1 requires certification authorities and technical service units to follow a uniform assessment procedure when conducting certification and testing, but does not specify the rules in the regulation. Harmonization among the parties of the 1958 Agreement countries is achieved by uploading specific implementation methods and guidelines in the "DETA" database.

However, this does not apply to the case of China, and other non-1958 Agreement countries will face the same problem when developing their own standards with reference to UNECE R155.

Some issues raised at the 12th GRVA Meeting

The process of solving problems after the GRVA's 12th meeting

After GRVA's 12th meetings, as recommended by the chairman, we went to the DETA working group to seek a solution, but no conclusion was reached.

After understanding the progress of DETA working group, we found it difficult to support our actual demands after analysis.

1. Background introduction——Progress after GRVA's 12th meeting

"DETA" database has its specific role, we believe that it is not appropriate to open the evaluation method of cybersecurtiy to China, China's main demand is to ensure that the implementation of cybersecurtiy, evaluation in accordance with the international unified evaluation procedures,not participating in or changing the scope of DETA.

So it is not recommended to solve this problem by opening up the DETA database.

2. Background introduction——Progress after GRVA's 12th meeting

Conclusion

3. Brief introduction of China's vehicle cybersecurity assessment methods

Brief introduction

At present, China is formulating the mandatory national standard "Technical Requirements for Vehicle cybersecurity". During the development process, vehicle manufacturers are recruited to carry out vehicle network security assessment, test and verification work, and the verification models cover M and N categories.

Evaluation of CSMS

Evaluation of vehicle

Vehicle r&d process review

Vehicle product test and verification (79 items)

Implementation plan

China has formed a vehicle security audit evaluation and evaluation program, which has been generally recognized by enterprises participating in the verification activities, but there are differences in the implementation of different testing institutions, the follow-up needs to continue to improve and unify.

Conclusion

The program includes Evaluation of CSMS and VTA:

Evaluation of CSMS scheme mainly refers to ISO 21434 and ISO 5112 ; then, based on the review of the r&d process, validation tests are carried out from technical requirements listed in the standard.

4. Concerns about the consistency of vehicle cybersecurity assessment methods

CSMS audit

Evaluation of vehicle product development process

Vehicle product security testing and validation

Test evaluation implementation rules

China has carried out vehicle cyber security assessments based on the method described above, and has formulated the corresponding implementation rules of tests and assessments. However, this scheme has not been compared with the current internal implementation plans of contracting countries of 1958 Agreement.

Therefore, products developed by OEM under the programs implemented by the contract countries of 1958 Agreement may differ from the requirements of China.

5

5. Suggestions on coordination of the implementation of R 155

Plan 1: China, and other countries that are not part of the contracting countries of 1958 Agreement, should formulate their own plans and not participate in coordination of the implementation.

Problems: The independently formulated scheme may differ from the scheme adopted by 1958 Agreement, OEM need to formulate multiple sets of schemes to meet the requirements of standards and regulations in different regions.

6. Suggestions on coordination of the implementation of R 155

Plan 2 (Recommended):

Set up a small working group under CS/OTA working group to be responsible for coordination of methods. The working group does not involve specific data sharing, but only carries out exchange of methods and typical cases .

Thank you for your attention!

Proposal for Vehicle

Cyber Security

1

Informal document GRVA-13-31 13th GRVA, 23 - 27 May 2022 Provisional agenda item 5(a)

Submitted by the expert from China

UNECE R155 regulation 5.3.1 requires certification authorities and technical service units to follow a uniform

assessment procedure when conducting certification and testing, but does not specify the rules in the

regulation. Harmonization among the parties of the 1958 Agreement countries is achieved by uploading

specific implementation methods and guidelines in the "DETA" database.

However, this does not apply to the case of China, and other non-1958 Agreement countries will face the

same problem when developing their own standards with reference to UNECE R155.

Some issues raised at the 12th GRVA Meeting

The process of solving problems after the GRVA's 12th meeting

After GRVA's 12th meetings, as recommended by the chairman, we went to the DETA working group to seek a

solution, but no conclusion was reached.

After understanding the progress of DETA working group, we found it difficult to support our actual demands

after analysis.

1. Background introduction——Progress after GRVA's 12th meeting

"DETA" database has its specific role, we believe that it is not appropriate to open the evaluation method of

cybersecurtiy to China, China's main demand is to ensure that the implementation of cybersecurtiy,

evaluation in accordance with the international unified evaluation procedures,not participating in or changing

the scope of DETA.

So it is not recommended to solve this problem by opening up the DETA database.

2. Background introduction——Progress after GRVA's 12th meeting

Conclusion

3. Brief introduction of China's vehicle cybersecurity assessment methods

Brief introduction

At present, China is formulating the mandatory national standard "Technical Requirements for Vehicle

cybersecurity". During the development process, vehicle manufacturers are recruited to carry out vehicle network

security assessment, test and verification work, and the verification models cover M and N categories.

Evaluation of CSMS

Evaluation of vehicle

Vehicle r&d process review

Vehicle product test and verification (79 items)

Implementation plan

• China has formed a vehicle security audit evaluation and evaluation program, which has been generally

recognized by enterprises participating in the verification activities, but there are differences in the

implementation of different testing institutions, the follow-up needs to continue to improve and unify.

Conclusion

The program includes Evaluation of CSMS and VTA:

Evaluation of CSMS scheme mainly refers to ISO 21434 and ISO 5112 ; then, based on the review of the r&d

process, validation tests are carried out from technical requirements listed in the standard.

4. Concerns about the consistency of vehicle cybersecurity assessment methods

CSMS audit

Evaluation of vehicle product development

process

Vehicle product security testing and validation

Test evaluation implementation rules

• China has carried out vehicle cyber security assessments

based on the method described above, and has

formulated the corresponding implementation rules of

tests and assessments. However, this scheme has not

been compared with the current internal

implementation plans of contracting countries of 1958

Agreement.

• Therefore, products developed by OEM under the

programs implemented by the contract countries of

1958 Agreement may differ from the requirements of

China.

5. Suggestions on coordination of the implementation of R 155

Plan 1: China, and other countries that are not part of the contracting

countries of 1958 Agreement, should formulate their own plans and not

participate in coordination of the implementation.

Problems: The independently formulated scheme may differ from the

scheme adopted by 1958 Agreement, OEM need to formulate multiple

sets of schemes to meet the requirements of standards and regulations

in different regions.

6. Suggestions on coordination of the implementation of R 155

Plan 2 (Recommended): Set up a small working group under CS/OTA working group to be

responsible for coordination of methods. The working group does not

involve specific data sharing, but only carries out exchange of methods

and typical cases .

Thank you for your attention!

  • Proposal for Vehicle �Cyber Security
  • Slide Number 2
  • Slide Number 3
  • Slide Number 4
  • Slide Number 5
  • Slide Number 6
  • Slide Number 7

Forest Product Conversion Factors

Forest products conversion factors provides ratios of raw material input to the output of wood-based forest products for 37 countries of the world. Analysts, policymakers, forest practitioners and forest-based manufacturers often have a need for this information for understanding the drivers of efficiency, feasibility and economics of the sector.

Forest Product Conversion Factors

Forest products conversion factors provides ratios of raw material input to the output of wood-based forest products for 37 countries of the world. Analysts, policymakers, forest practitioners and forest-based manufacturers often have a need for this information for understanding the drivers of efficiency, feasibility and economics of the sector.
© United Nations Economic Commission for Europe | Terms and Conditions of Use | Privacy Notice
Contact us