20° Workshop on Automotive Software & System

The new UNECE and EC Regulations in the automotive sector: game changers?

For many years, the automotive sector has enjoyed a special status among the transportation sectors; that of being largely self-regulated rather than being directly regulated by authorities. Key automotive standards such as ISO/TS 16949 (then IATF 16949), ASPICE, ISO 26262 and SAE J3061 (then ISO/SAE 21434) have always been taken up voluntarily and/or by market requests, never mandated by law. Now, the tide seems to be reversing.

We can identify the turning point in the publication of UNECE R155 and R156 on 4 March 2021; they establish that significant technical requirements for Cybersecurity and for SW Update Over-The-Air have to be certified before new vehicles can be ‘road-worthy’. Those regulations are not that thick (30 and 16 pages) but they are replete with technical specifications that have been usually left out of regulatory aspects in automotive.

Another new and big(ger?) game changer has been just released by the European Commission. A draft of Regulation 2019/2144 governing “modern technologies used in vehicles, including specific requirements for automated and fully automated (‘driverless’) vehicles and the systems they employ, to ensure that they are safe to use”, has been published on 07 April 2022, accompanied by 70 pages of technical Annexes, and it has been finalized on 06 July.

The actual impact of this ’tsunami’ of new regulations in a sector which is already struggling with overwhelming projects complexity is difficult to pinpoint, however, at least one thing is clear: roadmap to new standards/regulations compliance is no longer (just) in the hands of industry but (mostly) in those of the lawmakers: a paradigm shift.


Carlo Donzella

CEO at exida Development S.r.l

exida footer logo

We provide consulting, assessment, cybersecurity, alarm management, product testing and certification under a number of Functional Safety, Security and SW Quality standards, such as IEC 61508, IEC 61511, ISO 26262, ISO 13849, IEC 62061, ISA Security Compliance Institute (ISCI), ASPICE


All Rights Reserved © 2020 exida.com GmbH VAT-ID (DE)218559059 | exida Development SrL VAT-ID (IT)10166460013