Until five years ago, carmakers were hesitant to introduce cybersecurity measures in vehicles despite being aware of their necessity due to cost issues.
However, when the European Union introduced cybersecurity regulations in 2022, it became virtually impossible to enter the European market without meeting the new standards. The change has made cybersecurity an essential element to ensure the survival of carmakers.
The advancements in vehicle software, diversification of vehicles’ functions and increase in communication have made software-defined vehicles a hot topic for the car industry, and cybersecurity is the final element in building SDVs.
The fact that United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations adopted UN Regulation No. 155, No. 156 in June 2020 to lay the foundations for the cybersecurity ecosystem is widely known.
This final article in our series on automotive cybersecurity focuses on the last stage of the strategic approach to cybersecurity regulations. It specifically addresses the concept of Software Update Management System, exploring associated challenges and the strategies to effectively manage them.
1. Software updates and SUMS
As the automotive industry shifts toward SDVs, demand is on the rise for post-production software updates. These updates are key to improving vehicle features and extending customer service. Polestar Korea's response to a dashboard speed display issue last year is a case in point. The company promptly addressed the discrepancy of 1 to 3 kilometers per hour through a voluntary recall and free over-the-air updates, enhancing customer convenience and trust.
The significance of software updates further aligns with the global regulatory focus. In June 2020, the aforementioned global forum on motor vehicle regulations adopted UN Regulation No. 156 to ensure safe software update policies and procedures. Compliance with this regulation requires automakers to obtain Software Update Management System certification and Vehicle Type Approval. Encompassing a wide range of products from passenger vehicles to agricultural machinery, Regulation No. 156 places particular emphasis on Article 7 ("general specifications") for automakers, detailing requirements for SUMS and vehicle types.
2. Requirements for SUMS
The establishment of SUMS requires adherence to Article 7, Section 1 subparagraph 1, focusing on the initial assessment process. This involves secure documentation of all software versions and the management of Regulation X Software Identification Number, which is crucial for identifying and managing software versions for regulatory compliance. A vehicle with a RXSWIN must meet several criteria: consistency with type approved software, interdependency with other System, identification of vehicles requiring updates, compatibility between new software and vehicle configuration and the ability to record and assess the update’s impact on type-approved System.
3. Requirements for vehicle type
For vehicle types, the focus is on software and over-the-air updates. Under Article 7, Section 2, subparagraph 1 of Regulation No. 156, manufacturers must ensure the authenticity and integrity of updates, while preventing compromised or invalid ones. They must also guarantee that each vehicle type’s RXSWIN is uniquely identifiable. When updating RXSWIN to modify type approved software, automakers must either extend the existing type approval or seek a new one based on the impact of the changes. Additionally, they need to ensure that RXSWIN is accessible through standardized System like the on-board diagnostics interface and protected from unauthorized modifications
For vehicles with over-the-air updates, manufacturers must adhere to guidelines stated in Article 7, Section 2, subparagraph 2. These include the ability of the vehicle to restore its system post-update and maintain sufficient power to ensure proper execution of the update. Automakers are required to inform users before initiating an update, prohibit driving if the update cannot be safely launched, and disable any features that may compromise vehicle safety or interrupt the update process. Upon completion of the update, users should be clearly informed about the outcomes and any changes made.
4. Strategies for SUMS certification preparation
In preparing for SUMS certification, automakers must first evaluate the impact of software updates on each type approval by establishing an effective evaluation process and procedure. Depending on the update's impact, a normal software update may suffice, but thorough validation may be essential in cases of significant changes. This can be a time-consuming and complex process, given the interconnected nature of various vehicle System and domains.
Fescaro, a leading cybersecurity specialist, has developed an automated vehicle software update management system to facilitate this process. Fescaro’s system enables automakers to verify the integrity of each update and evaluate its implications on vehicle type approval, contributing to their path to successful SUMS certification.
The next step involves applying a feature within the cybersecurity-specialized electronic control unit. This system manages software configuration and certification information linking vehicle domains and electronic control units. It plays a crucial role in fulfilling SUMS certification and type approval requirements by enabling vehicle validation, managing software updates, and ensuring safe over-the-air execution.
The cybersecurity-specialized electronic control unit also performs essential security functions, enabling effective compliance with Regulation No. 155’s cybersecurity management system requirements. These functions include protecting the in-vehicle network, detecting abnormal messages in real time and monitoring security information and event management – all of which are instrumental in addressing potential cyberthreats.
5. Key insights of SUMS certification
Achieving SUMS certification requires a comprehensive assessment of the software update’s impact and software configuration management.
However, tracking each type approval, vehicle and electronic control unit poses a real challenge. The key to successful SUMS certification lies in "orchestration" – an integrated approach enhancing workflow productivity. The diagram below illustrates an example of orchestration in the certification process, which involves a seamless integration of vehicle software management System with a cybersecurity-specialized electronic control unit:
An example of orchestration in the SUMS certification process (Fescaro)
Understanding the automotive industry’s complex value chain and the vehicle’s production cycle is equally crucial. This understanding forms the basis for a system that responds effectively to customer needs and regulatory requirements. Close coordination with tier companies, through workshops and seminars, may also facilitate the certification process and ensure regulation compliance.
This article concludes our series on the automotive cybersecurity certification process under UN regulations. A leader in vehicle cybersecurity certification consulting with expertise in all four major certification processes, Fescaro remains committed to providing well-organized, high-level assistance to automakers and tier companies in the field.
(Ku Seong-seo is Fescaro's head of global business sales)
Fescaro is a vehicle cybersecurity specialist that has gone through all major certification processes (CSMS, ISO/SAE 21434, VTA, SUMS). It is the only company in Korea to have obtained what is referred to in the field as the "grand slam of vehicle cybersecurity certification consulting.” - Ed.
MOST POPULAR