How to reach UNECE R155/R156 compliance

From the 1st of July 2024 vehicle manufacturers must comply with UNECE R155/R156 regulations. Let us help you reach compliance.

... > Automotive > UNECE R155/R156 compliance

Reaching UNECE R155/R156 compliance

The UNECE R155 and R156 regulations establish cybersecurity and software update requirements, to strengthen the safety and security of automotive systems. UNECE compliance:

  • Simplifies the regulatory process for manufacturers looking to sell their products in multiple countries.
  • Demonstrates your commitment to producing safe and secure vehicles, boosting consumer confidence and ultimately promoting the transition to more sustainable transportation options.
  • Promotes a collaborative approach, for instance knowledge sharing and the exchange of best practices, leading to a more comprehensive understanding of electric and hybrid vehicle safety.

The UNECE R155 and R156 regulations are complex. We have the expertise to help you ensure your automotive products meet these important international standards.


Gain insight into gaps


Find out which action to take


Get your vehicle certified

Countdown to UNECE R155/R156

From the 1st of July 2024 all vehicle manufacturers must comply with UNECE Cybersecurity Regulations.









Your challenges

The biggest challenges the automotive world faces with respect to the R155 and R156 regulations are:

  • Getting a clear understanding of the requirements in R155 and R156
  • Adapting existing processes to meet the requirements in R155 and R156
  • Drafting and implementing new processes where needed
  • Relying on a partner to efficiently support with advice
  • Getting the vehicles certified on time, to ensure smooth market access
Quote by

Razvan Venter

Manager Product Security


We still see many automotive companies struggle with the demands of UNECE, especially the smaller companies. We can help you in the whole compliance journey, from training all the way to certification.

How we can help you

We can assess your Cyber Security Management System (CSMS), Software Updates Management System (SUMS) and vehicle types against the requirements of UNECE Cybersecurity (R155) and Software Updates (R156) regulations.

Our UNECE R155 and R156 services


R155/R156 Training

Do you need more knowledge on the R155/R156 regulations? We can help you with an in-company training for your staff.


R155 and R156 Gap Assessment

During a Gap Assessment we review your CSMS processes (in case of R155), SUMS processes (in case of R156) and/or final vehicle type evidence.

You can expect an extensive documentation review and in-depth interviews between our experts and yours.

With the results of our report you can take concrete action to bridge gaps we have determined.


R155 Risk Assessment/TARA

Which threats pose a real risk to your product? We can help you find out with the R155 Risk Assessment/TARA services.

The assessment is highly interactive: together with your experts we conduct several workshops on the target system. You gain insight into threats through an initial Threat Modeling session, we review attack paths, do risk calculation and draw up joint conclusions.

The resulting TARA is fully compliant with the R155 and ISO 21434 requirements, and you can use it as direct evidence for certification.


R155/R156 Implementation and Testing Support

Depending on which gaps are determined during earlier assessments, you might need different kinds of Implementation Support. We offer consultancy services to help with implementation on both R155 and R156 regulations. Support can range from advice, all the way to actively draft (part of) the necessary processes. We also have extensive security testing experience, so we can help you perform the necessary tests.


R155/R156 certification

As a designated Technical Service (E4, E5, E24, E49) Secura can support you with the formal CSMS/SUMS certification of processes, and type approval of your vehicles.


What does UNECE mean for Suppliers?

What proof does a supplier need to give? Watch our Webinar on Demand "How automotive suppliers are affected".



UNECE R155/R156 Brochure (ENG)

Read all about our UNECE Services in this overview brochure.


Contact me

Do you want to know more about our UNECE services? Please fill out the form and we will contact you within one business day.



Secura is a leading cybersecurity expert. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.

Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.