TFCS-05 -06 Software Update — Type approval related

TFCS-05 -06 Software Update - Type approval related issues - Japan (Security TF of ITS/AD 10 -11. May 2017 @OICA / Paris) 1

Background Outcome TFCS-03 // 16 -17 February 2017 @ OICA Office, Paris (TFCS-03 -14 e) • Topic „Software updates“ consists of 2 elements: - security issues related to s/w updates => threat analysis - type approval related issues => dedicated discussion • Workscope of TF-CS - Review relevant existing regulations - Develop regulatory proposal to address software updates - Need for configuration control (s/w version identification) - Process for: - s/w updates for series production - s/w updates on registered vehicles (in-use) 2

Background Outcome TFCS-04 // 13 -14 March 2017 @ ITU, Geneva (TFCS-04 -14 e) • Japan and the Netherlands presented their view on how to further proceed on the type approval aspects of software updates. In addition, the EC report on software updates was reviewed. • The group agreed to look at the practicalities of post registration software updates, incl. responsibilities of stakeholders. • The group confirmed considering pre- and post registration software update issues • Further consideration shall be given to the in-field verification of the software status (configuration control) 3

Background Outcome TFCS-04 // 13 -14 March 2017 @ ITU, Geneva (TFCS-04 -14 e) Next Items • Review document from NL on the type approval on software updates (TFCS 04 -12) • OICA to provide input on configuration control • NL/JPN/OICA to develop common proposal for flow diagram on the type approval of software updates 4

Background NL/JPN/OICA have worked on the software update issue. Matrix to distinct actions depending update timing / impact on updates moment of update first type approval (TA) no impact not appicable existing TA, before no action Certificate of Conformity (Co. C) existing TA, after Co. C, no action before registration existing TA, after no action registration, by OEM existing TA, after registration, not by OEM limited impact not applicable severe impact not applicable extension TA new TA extension TA and new Co. C extension TA or individual approval or approval with limited scope. Registration according to national rules new TA and new Co. C new TA or individual approval or approval with limited scope. Registration according to national rules (multi stage) new National approval. Registration according to national rules 5 remark for first type approval, there is no update but the standard procedure for approval The number of individual approvals for a type may be limited, depending on national legislation approval with limited scope = modification on basis of a type approved retrofit adaptation (to be developed)

Development of common proposal on update issue work area of TF Before registration (after first TA, then before/after COC) After registration (after delivery) Measures for TA to deal with updates Necessary (should be in line with IWVTA) Out of TF’s scope (each nation’s issue) Measures for secure updates Necessary The common proposal conclude. . These will be covered by our security task part (currently working on threats analysis). 6

Next steps Vehicles’ functions to be updated (include OTA) should be identified. Cases which shall not be allowed updated by OTA should be identified as well. => This will be an important principle on OTA. Information: Japan is working on identifying cases of updates and can input in coming meetings. 7

Schedule(TBD) 2017 Feb. (2) 2018 Mar. (3) Apr. (4) May (5) ★2/16 -17 TF#3@Paris ★3/13 -14 TF#4@Geneva Identify update cases Jun. (6) ★5/10 -11 TF#5@Paris Jul. (7) Aug. Sep. (8) (9) Nov. (11) Building Update process 8 Dec. (12) Jan. (1) ★12/x TF#x @xx ★8/30 -31(? ) TF#7@Europe? ★6/13 -14 TF#6@Washington Identify functions Oct. (10) ★10/11 -12 TF#8@Tokyo Drafting recommendations