Automotive Cybersecurity: Chinese GB / UNECE R155 and R156 Comparison 

A deep-dive into two new required GB from the Chinese Ministry of Industry and Information Technology (MIIT) compared to similar UNECE regulationsThe Chinese Ministry of Industry and Information Technology (MIIT) plans to introduce more than 100 mandatory and optional automotive cybersecurity standards. However, in 2021, the MIIT announced the following two standards will be upgraded to mandatory GB (Guo Biao, or “national standard” in Chinese), meaning all OEMs must comply with the requirements:

• GB "Technical Requirements for Vehicle Cybersecurity"
• GB "General Technical Requirements for Software Update of Vehicles"

This training addresses these mandatory GB along with the theory and practice of the Chinese Cybersecurity and Data Security Standards System for Intelligent and Connected Vehicles (ICV) issued by MIIT in February 2022. The two mandatory GB suggest specific technologies, security controls and test methods for critical on-board and off-board vehicle systems. As a result, OEMs that have implemented UNECE R155 (Cybersecurity) and R156 (Software Update) must meet additional requirements to comply with these national standards. A comparison of these GB against UNECE R155 (Cybersecurity) and R156 (Software Update) is included.

Please note that this training does not, and is not intended to, constitute legal advice.

Contents

• Introduction to China\'s Cybersecurity and Data Security Standards System for Intelligent and Connected Vehicles (ICV)
• China\'s Cybersecurity Law, Data Security Law, Personal Information Protection Law
• Overview of GB "Technical Requirements for Vehicle Cybersecurity" and UNECE R155
• Detailed walkthrough of the GB and comparison with UNECE R155 requirements
• Overview of GB "General Technical Requirements for Software Update of Vehicles" and UNECE R156
• Detailed walkthrough of the GB and comparison with UNECE R156 requirements
• Summary and Wrap-up

Target audience

Managers and decision-makers in the R&D departments of OEMs and automotive suppliers, including:

• Homologation managers/engineers
• Regulatory specialists/experts
• Cybersecurity managers/engineers
• Purchasing and sales
• Legal and compliance

Prerequisites

A basic knowledge of and/or experience with:

• Cybersecurity Management Systems (CSMS) or ISO/SAE 21434
• Update Management Systems (SUMS) or ISO 24089
• Testing methods, vehicle systems, cybersecurity controls, and the management of software

Further information

For online trainings, all materials are offered digitally. For in-person trainings, all materials are offered digitally and may be supplemented with hard copies. Copies of any relevant standards must be provided by the learner.