With more software updates, there is a growing need for an accompanying international standard such as the ISO 24089, which shall provide standardization of software updates on a global level. In addition to ISO 24089, UN Regulation No. 156 has already established a more uniform approach to the requirements around software updates with the Software Update Management System (SUMS).
- I. Current challenges of software updates
- II. How ISO 24089 and UN Regulation No 156 will standardize software updates
- III. What is the difference between ISO 24089 and UN Regulation No 156?
- IV. What we know about ISO 24089 [as of March 2022]
- V. When will the ISO 24089 be released?
- VI. Getting ready for ISO 24089
Some decades ago, when the car was purely mechanical, fixing failures or implementing changes or upgrades was only possible at the workshop. Now compare that to today’s vehicles. Nowadays, upgrades can be made via software updates completely remotely and on the fly without a mechanic being involved.
All these capabilities are possible thanks to the increased use of electronic control units, which directly increases the complexity of software in vehicles.
Increased connectivity, in-car services, features, and new ways to distribute software all play a role here.
Not surprisingly, in order to increase capabilities and enable upgrades, software updates are often performed. However, for many years software updates had been unregulated, which led to an increased number of bugs and incidents. Luckily, this is set to change with new standards and regulations.
Current challenges of software updates
Considering a vehicle’s life span is about 10 years or longer, a vehicle in operation requires multiple updates over a prolonged period of time to ensure cybersecurity. Compared to previous decades, enhancing vehicle operations and performing maintenance and updates remotely is a great improvement and opportunity.
At first glance, it seems like an efficient way to add new capabilities and new in-vehicle app features, and to implement important fixes.
However, while these updates are essential to provide security patches, they also represent a major challenge to the industry.
Just like cars could be hacked before connectivity came around, vehicles today can be hacked via one of the hundred ECUs, vulnerabilities in apps on connected smartphones, communication networks, etc.
Due to increased connectivity, cars are more vulnerable now than ever.
To make matters more complicated in the automotive industry, although there has been some practice to verify software updates during verification and validation at the development stage, there are no officially standardized best practices to verify software updates.
While OEMs might already have methods to confirm software updates, verification of all the additional components originally produced by suppliers can get lost along the complex supply chain. Moreover, considering today’s cars have more than a hundred ECUs, verifying secure software updates for every single one of them remains a challenge.
How ISO 24089 and UN Regulation No 156 will standardize software updates
The introduction of the industry-set standard ISO 24089 “Road vehicles – Software update engineering” is set to change the management of software updates and move towards a uniform approach to managing requirements.
In parallel, compliance with the UN Regulation No 156 is required by the European Union’s General Safety Regulation (GSR) for a vehicle type approval for all UNECE member countries. The UN Regulation No 156 makes management and documentation of software updates mandatory for vehicles. These requirements cover systems and components relevant to type approval, as well as functions related to safety and continuous operation.
This will be managed and documented through the certified Software Update Management System (SUMS). Under the UN Regulation No 156, manufacturers are required to assess and renew certified SUMS at least every three years. Read more about it in our blog UN Regulation No 156: Software Update Management System (SUMS).
What is the difference between ISO 24089 and UN Regulation No 156?
Regarding product liability law, implementing the ISO 24089 standard makes it possible to prove that the design and implementation of processes follow the requirements for a proper SUMS, which also supports the proof that the OEM is adhering to the requirements from the UN R156.
However, being compliant with the standard does not automatically mean that a company is compliant with the regulation, and vice versa.
Further, it should be noted that an audit and official certification of the SUMS in accordance with the requirements for UN R156 by a technical service is currently only performed for OEMs and not for suppliers.
The SUMS certification follows the same approach as the CSMS certification according to UN R155.
A Technical Service (such as TÜV or Dekra) performs the audit. An audit report is prepared and handed over to the Approval Authority (e.g. the German Kraftfahrtbundesamt KBA) for approval of the audit.
This way, a Certificate of Compliance (CoC) can be issued by the Approval Authority (after the audit by the Technical Service).
This does not mean that suppliers will not have to demonstrate their compliance with UN Regulation No 156. Suppliers might have to support the OEM with documentation or even with the provision of software updates, and do so in a managed way.
What we know about ISO 24089 [as of March 2022]
The ISO 24089 Road vehicles – Software update engineering is currently still “under development”. In fact, it will be published only after voting of the participating Working Committees is closed, which is the next step.
The ISO 24089 will not only provide technical requirements related to software updates and cybersecurity throughout the vehicle lifecycle, but also organizational and procedural requirements for the entire automotive supply chain. In short, it should ensure that:
- Vehicle software updates are secure and come from verified sources
- Processes and continuous improvements for software updates are implemented
- Shared awareness of safety and cybersecurity is created along the automotive supply chain
Most importantly, as the ISO 24089 will describe the technical requirements for SUMS, OEMs and suppliers must further define organizational processes e.g. by defining how long software updates will be provided over a certain period and by which entity it will be provided.
The upcoming ISO 24089 Road vehicles – Software update engineering and the UN Regulation No 156 have similar requirements, as both require secure software update mechanisms.
Therefore, detailed alignment between the requirements of the ISO 24089 and the UN Regulation No 156 will be an important topic. Assessing the manufacturer’s software updates will identify the level of conformity to the UN Regulation No 156 and ISO 24089.
The relationship between the ISO 24089 and UN Regulation No 156 is like that of the ISO/SAE 21434, the standard that supports adherence to the requirements of the UN Regulation No 155.
In the past, we’ve already served clients in harmonizing these two views and consolidated unified conformity with the standard and the regulation. Just like synchronization and alignment between the ISO/SAE 21434 and UN Regulation No 155 was a challenge that needed to be tackled, this time around won’t be different with the SUMS.
When will the ISO 24089 be released?
The ISO 24089 is currently still at the Draft International Standard (DIS) stage, with the plan to release the standard at the end of the year 2022.
Getting ready for ISO 24089
It can be stated that subjects such as quality management, information security, functional safety, and cybersecurity are closely connected to SUMS and some requirements go hand in hand with each other.
Finally, processes to interact with vehicle users and provide skilled personnel in cases of specific over-the-air updates as well as thorough documentation are necessary to ensure that vehicle software updates are conducted as required.
Now is a good time for all stakeholders involved to initiate dialogues between OEMs and suppliers to ensure software updates conform to regulations like the UN Regulation No 156, but also to the international standard ISO 24089 as well as other related automotive standards.
Risk must be mitigated during the entire vehicle lifecycle. Our UN R156 learning portfolio can already give you a knowledge boost and an overview of current demands for software update management systems.
As soon as the publication of ISO 24089 is official, we will host a live webcast, similar to the UN Regulation No 156 on Software Update Management System.
Alternatively, you can also learn about the UNECE Regulation No. 156 in our short video course.
Tobias Pilz is Lead Senior Consultant at CYRES Consulting. His expertise includes the implementation and audit of Information and Cybersecurity Management Systems and Processes as well as Ethical Hacking.
At CYRES Consulting he is involved in different cybersecurity projects and also a member of the DIN NA052-00–32-12 AK Software Update Engineering and thus also of the ISO/TC 22/SC 32/WG 12 “Software Update” covering the development of the ISO 24089.