China GB 44495-2024 Automotive Cybersecurity Technical Requirements (2026 Update)

2026-05-08

Update May 2026: MIIT released Amendment No.1 in Dec 2025, postponing the mandatory implementation for new vehicle models from Jan 1, 2026 to July 1, 2026.

1. Official Full Name of GB 44495-2024

The official full name is GB 44495-2024 Technical Requirements for Automotive Vehicle Cybersecurity. No independent GB 44495 certificate is issued. Because it is a mandatory national standard under MIIT compliance, vehicles that fail to meet it cannot obtain announcement approval for mass production and license registration.

2. Key Mandatory Timeline

·Newly declared vehicle models: Mandatory from July 1, 2026

·Existing in-production models: Transition period until January 1, 2028

3. Applicable Vehicle Scope

Covers M-category passenger vehicles, N-category cargo vehicles, and O-category trailers equipped with electronic control units (ECUs). Almost all intelligent connected vehicles are included; only purely mechanical vehicles without ECUs are exempted.

4. Core Definition: Not Independent Certification

GB 44495 is a mandatory test item in the whole-vehicle announcement inspection; there is no separate certification. Unlike UN R155, it does not require prior certification of a CSMS (cybersecurity management system); a CSMS is voluntary, adopted for enterprise optimization rather than as a precondition.

5. Four Major Test Modules

·External Interface Security: Audit the OBD, USB, WiFi, Bluetooth, Ethernet and remote APP interfaces; close debug ports that were left open and fix unauthenticated Bluetooth pairing.

·Vehicle Communication Security: Protect vehicle-cloud, V2X and in-vehicle CAN/Ethernet data from tampering, eavesdropping and injection of forged commands.

·OTA Upgrade Security: Mandatory signature verification, power-off protection, automatic rollback and traceable upgrade records.

·Vehicle Data Security: Strict control of personal information and cross-border data transmission; users have the right to have personal data deleted within 10 working days; in-vehicle cameras and microphones require a clear prompt.

6. Hard Red Line for High-Risk Vulnerabilities

Vehicles with remote control systems must fix high-risk vulnerabilities that have been exposed on official vulnerability platforms for over 6 months; any such vulnerability left unfixed results in direct test failure.

7. Enterprise Compliance Suggestions

·New models: Complete internal pre-inspection and pre-testing in advance; sort out cross-border data compliance.

·Existing models: Prioritize vulnerability remediation and security reinforcement for vehicles with OTA and remote control functions before the transition deadline.

