·Cancel independent CSMS certification (security system documents submitted together with vehicle test files);
·New models launched post Jul 1 2026 follow mandatory GB44495 while existing listed in-production cars get grace period till Jan 2028;
·O-type trailers remove from mandatory list.
Key enforcement update:
Full vehicle penetration testing becomes compulsory inspection including interface hacking, CAN bus hijacking and man-in-the-middle cloud communication attack; all detected vulnerabilities require closed-loop rectification with supporting paperwork. A new compulsory national standard for automotive data security is under drafting to upgrade current recommended specification.
Three-tier auto factory preparation status:
Premium OEMs with UN R155 EU certification finish all preparation; mid-size automakers complete gap analysis with pending document & penetration test; traditional fuel vehicle manufacturers face severe preparation shortage.
Cost-saving tip:
·Derivative models on identical vehicle platform with unchanged cybersecurity architecture share existing test reports; hardware/T-box core chip replacement triggers re-test.
·Urgent pre-compliance tasks: Reserve lab testing schedule in advance, complete TARA report & security management documents, audit core component suppliers’ security performance.
·Important note: EU UN R155 certification cannot replace domestic GB44495 vehicle announcement test.
BlueAsia arranges pre-compliance assessment to avoid delayed vehicle approval. Contact:13534225140
Related News
