UNECE announces that UN Regulation No. 155 will officially cover motorcycles. The regulation establishes provisions for risk management, detection, response, data privacy, and more across the vehicle lifecycle.

At the end of 2023, we held a webinar, unmasking the cybersecurity regulations in the industry, with our head of product, David Mor-Ofek, and ThunderSoft’s Zhe Ouyang. UN Regulation No. 155 was covered extensively, establishing cybersecurity provisions for the type approval of passenger vehicles. The United Nations Economic Commission for Europe (UNECE) has now announced an expansion of this regulation – it will officially cover motorcycles, scooters, and electric bicycles with speeds exceeding 25 km/h.

The decision to broaden the scope of UN Regulation 155 to include motorcycles will be submitted to the UNECE-hosted World Forum for Harmonisation of Vehicle Regulations (WP.29) for approval in June 2024.

Some of the key requirements imposed by UN Regulation No. 155 include:

• A detailed cybersecurity management system (CSMS) spanning the entire vehicle lifecycle

• Comprehensive risk assessment and mitigation strategies

• Detection and response capabilities for potential cyber-attacks

• Capabilities to provide software updates and fixes for vulnerabilities

• Data protection provisions to ensure the security and privacy of collected user data

This expansion reflects the increasing connectivity and automation features built into motorcycles, consequently increasing their cyber risk profile. Requiring motorcycle manufacturers to adhere to UN Regulation No. 155 will help ensure these vehicles have adequate protection in-place.

If you would like more information on the regulatory landscape for automotive cybersecurity, watch a replay of our October webinar – Unmasking Global Regulatory Landscape. The webinar covered related regulations such as ISO/SAE 21434, ISO/SAE 26262, SAE J3061, UN Regulation No. 155, and others.

Work With C2A Security

Meet compliance demands with EVSec – the leading risk-driven DevSecOps platform aligned with stringent cybersecurity regulations including UN Regulation No. 155, ISO/SAE 21434, SAE J3061, and more.

Our unified approach to dynamic risk management and ongoing compliance helps automakers, suppliers, and mobility companies address cybersecurity provisions for type approval and beyond.

Transition to a proactive security posture leveraging EVSec’s comprehensive capabilities for cybersecurity management systems, risk assessment, detection and response, software updates, data protection, and continuous compliance.