
UN Regulation No. 155 on Vehicle Cyber Security: English Text and Translation

1. Scope

1.1 This Regulation applies to vehicles, with regard to cyber security, of the Categories M and N.
This Regulation also applies to vehicles of Category O if fitted with at least one electronic control unit.

Vehicle categories:

  1. Category M: vehicles with at least four wheels designed for the carriage of passengers, further divided by number of seats and mass into M1, M2 and M3
    • M1: not more than 9 seats including the driver's, and a maximum mass not exceeding 3.5 tonnes
    • M2: more than 9 seats including the driver's, and a maximum mass not exceeding 5 tonnes
    • M3: more than 9 seats including the driver's, and a maximum mass exceeding 5 tonnes
  2. Category N: vehicles with at least four wheels designed for the carriage of goods, further divided by mass into N1, N2 and N3
    • N1: maximum mass not exceeding 3.5 tonnes
    • N2: maximum mass exceeding 3.5 tonnes but not exceeding 12 tonnes
    • N3: maximum mass exceeding 12 tonnes
  3. Category L: mopeds, motorcycles, motor tricycles and quadricycles
  4. Category O: trailers
    For details see https://transportpolicy.net/standard/eu-vehicle-definitions

1.2 This Regulation also applies to vehicles of the Categories L6 and L7 if equipped with automated driving functionalities from level 3 onwards, as defined in the reference document with definitions of Automated Driving under WP.29 and the General Principles for developing a UN Regulation on automated vehicles (ECE/TRANS/WP.29/1140).

L6: four-wheel vehicles with an unladen mass not exceeding 350 kg (excluding the mass of the batteries) and a maximum speed not exceeding 45 km/h, meeting the following conditions:

  1. engine cylinder capacity not exceeding 50 cm³
  2. internal-combustion engine output power not exceeding 4 kW
  3. maximum continuous rated power of the electric motor not exceeding 4 kW

L7: four-wheel vehicles other than those of Category L6, with an unladen mass not exceeding 400 kg (550 kg for goods-carrying vehicles), excluding the mass of the batteries, and an engine power not exceeding 15 kW.

1.3 This Regulation is without prejudice to other UN Regulations, regional or national legislations governing the access by authorized parties to the vehicle, its data, functions and resources, and conditions of such access. It is also without prejudice to the application of national and regional legislation on privacy and the protection of natural persons with regard to the processing of their personal data.

1.4 This Regulation is without prejudice to other UN Regulations, national or regional legislation governing the development and installation/system integration of replacement parts and components, physical and digital, with regards to cybersecurity.

2. Definitions

2.1 “Vehicle type” means vehicles which do not differ in at least the following essential respects:
(a) The manufacturer’s designation of the vehicle type;
(b) Essential aspects of the electric/electronic architecture and external interfaces with respect to cyber security.

2.2 “Cyber security” means the condition in which road vehicles and their functions are protected from cyber threats to electrical or electronic components.

2.3 “Cyber Security Management System (CSMS)” means a systematic risk-based approach defining organisational processes, responsibilities and governance to treat risk associated with cyber threats to vehicles and protect them from cyberattacks.

2.4 “System” means a set of components and/or sub-systems that implements a function or functions.

2.5 “Development phase” means the period before a vehicle type is type approved.

2.6 “Production phase” refers to the duration of production of a vehicle type.

2.7 “Post-production phase” refers to the period in which a vehicle type is no longer produced until the end-of-life of all vehicles under the vehicle type. Vehicles incorporating a specific vehicle type will be operational during this phase but will no longer be produced. The phase ends when there are no longer any operational vehicles of a specific vehicle type.

2.8 “Mitigation” means a measure that is reducing risk.

2.9 “Risk” means the potential that a given threat will exploit vulnerabilities of a vehicle and thereby cause harm to the organization or to an individual.

2.10 “Risk Assessment” means the overall process of finding, recognizing and describing risks (risk identification), to comprehend the nature of risk and to determine the level of risk (risk analysis), and of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable (risk evaluation).

2.11 “Risk Management” means coordinated activities to direct and control an organization with regard to risk.

2.12 “Threat” means a potential cause of an unwanted incident, which may result in harm to a system, organization or individual.

2.13 “Vulnerability” means a weakness of an asset or mitigation that can be exploited by one or more threats.

3. Application for approval

3.1. The application for approval of a vehicle type with regard to cyber security shall be submitted by the vehicle manufacturer or by their duly accredited representative.

3.2. It shall be accompanied by the undermentioned documents in triplicate, and by the following particulars:

3.2.1. A description of the vehicle type with regard to the items specified in Annex 1 to this Regulation.

3.2.2. In cases where information is shown to be covered by intellectual property rights or to constitute specific know-how of the manufacturer or of their suppliers, the manufacturer or their suppliers shall make available sufficient information to enable the checks referred to in this Regulation to be made properly. Such information shall be treated on a confidential basis.

3.2.3. The Certificate of Compliance for CSMS according to paragraph 6 of this Regulation.

3.3. Documentation shall be made available in two parts:
(a) The formal documentation package for the approval, containing the material specified in Annex 1 which shall be supplied to the Approval Authority or its Technical Service at the time of submission of the type approval application. This documentation package shall be used by the Approval Authority or its Technical Service as the basic reference for the approval process. The Approval Authority or its Technical Service shall ensure that this documentation package remains available for at least 10 years counted from the time when production of the vehicle type is definitively discontinued.
(b) Additional material relevant to the requirements of this Regulation may be retained by the manufacturer, but made open for inspection at the time of type approval. The manufacturer shall ensure that any material made open for inspection at the time of type approval remains available for at least a period of 10 years counted from the time when production of the vehicle type is definitively discontinued.

4. Marking

4.1. There shall be affixed, conspicuously and in a readily accessible place specified on the approval form, to every vehicle conforming to a vehicle type approved under this Regulation an international approval mark consisting of:

4.1.1. A circle surrounding the Letter “E” followed by the distinguishing number of the country which has granted approval.

4.1.2. The number of this Regulation, followed by the letter “R”, a dash and the approval number to the right of the circle described in paragraph 4.1.1. above.

4.2. If the vehicle conforms to a vehicle type approved under one or more other Regulations annexed to the Agreement in the country which has granted approval under this Regulation, the symbol prescribed in paragraph 4.1.1. above need not be repeated; in this case the Regulation and approval numbers and the additional symbols of all the Regulations under which approval has been granted in the country which has granted approval under this Regulation shall be placed in vertical columns to the right of the symbol prescribed in paragraph 4.1.1. above.

4.3. The approval mark shall be clearly legible and shall be indelible.

4.4. The approval mark shall be placed on or close to the vehicle data plate affixed by the Manufacturer.

4.5. Annex 3 to this Regulation gives examples of the arrangements of the approval mark.

5. Approval

5.1. Approval Authorities shall grant, as appropriate, type approval with regard to cyber security, only to such vehicle types that satisfy the requirements of this Regulation.

5.1.1. The Approval Authority or the Technical Service shall verify by means of document checks that the vehicle manufacturer has taken the necessary measures relevant for the vehicle type to:
(a) Collect and verify the information required under this Regulation through the supply chain so as to demonstrate that supplier-related risks are identified and are managed;
(b) Document the risk assessment (conducted during the development phase or retrospectively), test results and mitigations applied to the vehicle type, including design information supporting the risk assessment;
(c) Implement appropriate cyber security measures in the design of the vehicle type;
(d) Detect and respond to possible cyber security attacks;
(e) Log data to support the detection of cyber-attacks and provide data forensic capability to enable analysis of attempted or successful cyberattacks.

5.1.2. The Approval Authority or the Technical Service shall verify by testing of a vehicle of the vehicle type that the vehicle manufacturer has implemented the cyber security measures they have documented. Tests shall be performed by the Approval Authority or the Technical Service itself or in collaboration with the vehicle manufacturer by sampling. Sampling shall be focused on, but not limited to, risks that are assessed as high during the risk assessment.

5.1.3. The Approval Authority or Technical Service shall refuse to grant the type approval with regard to cyber security where the vehicle manufacturer has not fulfilled one or more of the requirements referred to in paragraph 7.3., notably:
(a) The vehicle manufacturer did not perform the exhaustive risk assessment referred to in paragraph 7.3.3., including where the manufacturer did not consider all the risks related to threats referred to in Annex 5, Part A;
(b) The vehicle manufacturer did not protect the vehicle type against risks identified in the vehicle manufacturer’s risk assessment or proportionate mitigations were not implemented as required by paragraph 7.;
(c) The vehicle manufacturer did not put in place appropriate and proportionate measures to secure dedicated environments on the vehicle type (if provided) for the storage and execution of aftermarket software, services, applications or data;
(d) The vehicle manufacturer did not perform, prior to the approval, appropriate and sufficient testing to verify the effectiveness of the security measures implemented.

5.1.4. The assessing Approval Authority shall also refuse to grant the type approval with regard to cyber security where the Approval Authority or Technical Service has not received sufficient information from the vehicle manufacturer to assess the cyber security of the vehicle type.

5.2. Notice of approval or of extension or refusal of approval of a vehicle type pursuant to this Regulation shall be communicated to the Parties to the 1958 Agreement which apply this Regulation, by means of a form conforming to the model in Annex 2 to this Regulation.

5.3. Approval Authorities shall not grant any type approval without verifying that the manufacturer has put in place satisfactory arrangements and procedures to manage properly the cyber security aspects as covered by this Regulation.

5.3.1. The Approval Authority and its Technical Services shall ensure, in addition to the criteria laid down in Schedule 2 of the 1958 Agreement, that they have:
(a) Competent personnel with appropriate cyber security skills and specific automotive risk assessment knowledge;
(b) Implemented procedures for the uniform evaluation according to this Regulation.

5.3.2. Each Contracting Party applying this Regulation shall notify and inform by its Approval Authority other Approval Authorities of the Contracting Parties applying this UN Regulation about the method and criteria taken as a basis by the notifying Authority to assess the appropriateness of the measures taken in accordance with this Regulation and in particular with paragraphs 5.1., 7.2. and 7.3.
This information shall be shared (a) only before granting an approval according to this Regulation for the first time and (b) each time the method or criteria for assessment is updated.
This information is intended to be shared for the purposes of collection and analysis of the best practices and in view of ensuring the convergent application of this Regulation by all Approval Authorities applying this Regulation.

5.3.3. The information referred to in paragraph 5.3.2 shall be uploaded in English language to the secure internet database “DETA”, established by the United Nations Economic Commission for Europe, in due time and no later than 14 days before an approval is granted for the first time under the methods and criteria of assessment concerned. The information shall be sufficient to understand what minimum performance levels the Approval Authority adopted for each specific requirement referred to in paragraph 5.3.2 as well as the processes and measures it applies to verify that these minimum performance levels are met.

5.3.4. Approval Authorities receiving the information referred to in paragraph 5.3.2 may submit comments to the notifying Approval Authority by uploading them to DETA within 14 days after the day of notification.

5.3.5. If it is not possible for the granting Approval Authority to take into account the comments received in accordance with paragraph 5.3.4., the Approval Authorities having sent comments and the granting Approval Authority shall seek further clarification in accordance with Schedule 6 to the 1958 Agreement. The relevant subsidiary Working Party of the World Forum for Harmonization of Vehicle Regulations (WP.29) for this Regulation shall agree on a common interpretation of methods and criteria of assessment. That common interpretation shall be implemented and all Approval Authorities shall issue type approvals under this Regulation accordingly.

5.3.6. Each Approval Authority granting a type approval pursuant to this Regulation shall notify other Approval Authorities of the approval granted. The type approval together with the supplementing documentation shall be uploaded in English language by the Approval Authority to DETA within 14 days after the day of granting the approval.

5.3.7. The Contracting Parties may study the approvals granted based on the information uploaded according to paragraph 5.3.6. In case of any diverging views between Contracting Parties this shall be settled in accordance with Article 10 and Schedule 6 of the 1958 Agreement. The Contracting Parties shall also inform the relevant subsidiary Working Party of the World Forum for Harmonization of Vehicle Regulations (WP.29) of the diverging interpretations within the meaning of Schedule 6 to the 1958 Agreement. The relevant Working Party shall support the settlement of the diverging views and may consult with WP.29 on this if needed.

5.4. For the purpose of paragraph 7.2. of this Regulation, the manufacturer shall ensure that the cyber security aspects covered by this Regulation are implemented.

6. Certificate of Compliance for Cyber Security Management System

6.1. Contracting Parties shall appoint an Approval Authority to carry out the assessment of the manufacturer and to issue a Certificate of Compliance for CSMS.

6.2. An application for a Certificate of Compliance for Cyber Security Management System shall be submitted by the vehicle manufacturer or by their duly accredited representative.

6.3. It shall be accompanied by the undermentioned documents in triplicate, and by the following particulars:
6.3.1. Documents describing the Cyber Security Management System.
6.3.2. A signed declaration using the model as defined in Appendix 1 to Annex 1.

6.4. In the context of the assessment, the manufacturer shall declare using the model as defined in Appendix 1 to Annex 1 and demonstrate to the satisfaction of the Approval Authority or its Technical Service that they have the necessary processes to comply with all the requirements for cyber security according to this Regulation.

6.5. When this assessment has been satisfactorily completed and in receipt of a signed declaration from the manufacturer according to the model as defined in Appendix 1 to Annex 1, a certificate named Certificate of Compliance for CSMS as described in Annex 4 to this Regulation (hereinafter the Certificate of Compliance for CSMS) shall be granted to the manufacturer.

6.6. The Approval Authority or its Technical Service shall use the model set out in Annex 4 to this Regulation for the Certificate of Compliance for CSMS.

6.7. The Certificate of Compliance for CSMS shall remain valid for a maximum of three years from the date of deliverance of the certificate unless it is withdrawn.

6.8. The Approval Authority which has granted the Certificate of Compliance for CSMS may at any time verify that the requirements for it continue to be met. The Approval Authority shall withdraw the Certificate of Compliance for CSMS if the requirements laid down in this Regulation are no longer met.

6.9. The manufacturer shall inform the Approval Authority or its Technical Service of any change that will affect the relevance of the Certificate of Compliance for CSMS. After consultation with the manufacturer, the Approval Authority or its Technical Service shall decide whether new checks are necessary.

6.10. In due time, permitting the Approval Authority to complete its assessment before the end of the period of validity of the Certificate of Compliance for CSMS, the manufacturer shall apply for a new or for the extension of the existing Certificate of Compliance for CSMS. The Approval Authority shall, subject to a positive assessment, issue a new Certificate of Compliance for CSMS or extend its validity for a further period of three years. The Approval Authority shall verify that the CSMS continues to comply with the requirements of this Regulation. The Approval Authority shall issue a new certificate in cases where changes have been brought to the attention of the Approval Authority or its Technical Service and the changes have been positively reassessed.

6.11. The expiry or withdrawal of the manufacturer’s Certificate of Compliance for CSMS shall be considered, with regard to the vehicle types to which the CSMS concerned was relevant, as modification of approval, as referred to in paragraph 8, which may include the withdrawal of the approval if the conditions for granting the approval are not met anymore.

7. Specifications

7.1. General specifications

7.1.1. The requirements of this Regulation shall not restrict provisions or requirements of other UN Regulations.

7.2. Requirements for the Cyber Security Management System

7.2.1. For the assessment the Approval Authority or its Technical Service shall verify that the vehicle manufacturer has a Cyber Security Management System in place and shall verify its compliance with this Regulation.

7.2.2. The Cyber Security Management System shall cover the following aspects:

7.2.2.1. The vehicle manufacturer shall demonstrate to an Approval Authority or Technical Service that their Cyber Security Management System applies to the following phases:
(a) Development phase;
(b) Production phase;
(c) Post-production phase.

7.2.2.2. The vehicle manufacturer shall demonstrate that the processes used within their Cyber Security Management System ensure security is adequately considered, including risks and mitigations listed in Annex 5. This shall include:
(a) The processes used within the manufacturer’s organization to manage cyber security;
(b) The processes used for the identification of risks to vehicle types. Within these processes, the threats in Annex 5, Part A, and other relevant threats shall be considered;
(c) The processes used for the assessment, categorization and treatment of the risks identified;
(d) The processes in place to verify that the risks identified are appropriately managed;
(e) The processes used for testing the cyber security of a vehicle type;
(f) The processes used for ensuring that the risk assessment is kept current;
(g) The processes used to monitor for, detect and respond to cyber-attacks, cyber threats and vulnerabilities on vehicle types and the processes used to assess whether the cyber security measures implemented are still effective in the light of new cyber threats and vulnerabilities that have been identified;
(h) The processes used to provide relevant data to support analysis of attempted or successful cyber-attacks.

7.2.2.3. The vehicle manufacturer shall demonstrate that the processes used within their Cyber Security Management System will ensure that, based on the categorization referred to in paragraph 7.2.2.2 (c) and 7.2.2.2 (g), cyber threats and vulnerabilities which require a response from the vehicle manufacturer shall be mitigated within a reasonable timeframe.

7.2.2.4. The vehicle manufacturer shall demonstrate that the processes used within their Cyber Security Management System will ensure that the monitoring referred to in paragraph 7.2.2.2 (g) shall be continual. This shall:
(a) Include vehicles after first registration in the monitoring;
(b) Include the capability to analyse and detect cyber threats, vulnerabilities and cyber-attacks from vehicle data and vehicle logs. This capability shall respect paragraph 1.3. and the privacy rights of car owners or drivers, particularly with respect to consent.

7.2.2.5. The vehicle manufacturer shall be required to demonstrate how their Cyber Security Management System will manage dependencies that may exist with contracted suppliers, service providers or manufacturer’s sub-organizations in regards of the requirements of paragraph 7.2.2.2.

7.3. Requirements for vehicle types

7.3.1. The manufacturer shall have a valid Certificate of Compliance for the Cyber Security Management System relevant to the vehicle type being approved. However, for type approvals prior to 1 July 2024, if the vehicle manufacturer can demonstrate that the vehicle type could not be developed in compliance with the CSMS, then the vehicle manufacturer shall demonstrate that cyber security was adequately considered during the development phase of the vehicle type concerned.

7.3.2. The vehicle manufacturer shall identify and manage, for the vehicle type being approved, supplier-related risks.

7.3.3. The vehicle manufacturer shall identify the critical elements of the vehicle type and perform an exhaustive risk assessment for the vehicle type and shall treat/manage the identified risks appropriately. The risk assessment shall consider the individual elements of the vehicle type and their interactions. The risk assessment shall further consider interactions with any external systems. While assessing the risks, the vehicle manufacturer shall consider the risks related to all the threats referred to in Annex 5, Part A, as well as any other relevant risk.

7.3.4. The vehicle manufacturer shall protect the vehicle type against risks identified in the vehicle manufacturer’s risk assessment. Proportionate mitigations shall be implemented to protect the vehicle type. The mitigations implemented shall include all mitigations referred to in Annex 5, Part B and C which are relevant for the risks identified. However, if a mitigation referred to in Annex 5, Part B or C, is not relevant or not sufficient for the risk identified, the vehicle manufacturer shall ensure that another appropriate mitigation is implemented.

In particular, for type approvals prior to 1 July 2024, the vehicle manufacturer shall ensure that another appropriate mitigation is implemented if a mitigation measure referred to in Annex 5, Part B or C is technically not feasible. The respective assessment of the technical feasibility shall be provided by the manufacturer to the approval authority.
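The three-step risk assessment of paragraph 2.10 (identification, analysis, evaluation), the exhaustive-coverage duty of paragraph 7.3.3 and the treatment rule of paragraph 7.3.4 can be checked mechanically over a manufacturer's risk register, which is also how the refusal grounds of paragraph 5.1.3 (a) and (b) are tested. The Python below is an added illustration, not part of the Regulation or of any manufacturer's tooling: the threat identifiers, the likelihood-by-impact scoring, the acceptance thresholds and the register itself are constructed assumptions, since Annex 5 is not reproduced on this page.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Assumed placeholder identifiers for the Annex 5, Part A threats that the risk
# assessment must cover (5.1.3 (a)); the real Annex 5 entries are not on this page.
ANNEX5_PART_A_THREATS = {"A-1", "A-2", "A-3", "A-4"}

# Assumed risk criteria for the "risk evaluation" step of paragraph 2.10:
# level = likelihood * impact on 1..4 scales. Levels at or above TREAT_AT need a
# mitigation; levels at or above HIGH_AT are the "high" risks that 5.1.2 sampling
# focuses on. Real programmes define their own criteria.
TREAT_AT = 6
HIGH_AT = 12


@dataclass
class Mitigation:
    ref: str                 # Annex 5 Part B/C measure id or a manufacturer-specific id
    from_annex5: bool        # True if the measure is one listed in Annex 5 Part B or C
    relevant: bool = True    # manufacturer's 7.3.4 judgement: relevant to this risk?
    sufficient: bool = True  # ... and sufficient for it?
    feasible: bool = True    # technically feasible (7.3.4, approvals before 1 July 2024)

    def effective(self) -> bool:
        return self.relevant and self.sufficient and self.feasible


@dataclass
class Risk:
    risk_id: str
    threat_id: str            # the Annex 5 Part A threat this risk derives from
    critical_element: str     # 7.3.3: element or external interface of the vehicle type
    vulnerability: str        # 2.13: the weakness the threat could exploit
    likelihood: int           # 1..4 (assumed scale)
    impact: int               # 1..4 (assumed scale)
    mitigations: list[Mitigation] = field(default_factory=list)

    def level(self) -> int:
        """Risk analysis (2.10): determine the level of risk."""
        return self.likelihood * self.impact

    def adequately_mitigated(self) -> bool:
        """7.3.4: treated if at least one mitigation is relevant, sufficient and
        feasible; an Annex 5 measure that is not must be backed by another one."""
        return any(m.effective() for m in self.mitigations)


def assess(register: list[Risk]) -> dict:
    """Evaluate a risk register against the refusal grounds of 5.1.3 (a) and (b)."""
    considered = {r.threat_id for r in register}
    missing = sorted(ANNEX5_PART_A_THREATS - considered)
    untreated = sorted(r.risk_id for r in register
                       if r.level() >= TREAT_AT and not r.adequately_mitigated())
    high = sorted(r.risk_id for r in register if r.level() >= HIGH_AT)
    return {
        "missing_annex5_threats": missing,   # 5.1.3 (a): threats never considered
        "untreated_risks": untreated,        # 5.1.3 (b): identified but not mitigated
        "high_risks_for_sampling": high,     # 5.1.2: where test sampling should focus
        "approvable": not missing and not untreated,
    }


def constructed_register() -> list[Risk]:
    """Constructed sample register; not taken from any real vehicle type."""
    return [
        Risk("R-1", "A-1", "telematics unit", "unauthenticated remote service", 3, 4,
             [Mitigation("B-placeholder-1", from_annex5=True)]),
        # Annex 5 measure judged not sufficient and no alternative applied: 5.1.3 (b)
        Risk("R-2", "A-2", "OBD port", "unrestricted diagnostic access", 2, 4,
             [Mitigation("B-placeholder-2", from_annex5=True, sufficient=False)]),
        # Evaluated as acceptable against the criteria, so no mitigation is required
        Risk("R-3", "A-3", "infotainment", "verbose error messages", 1, 2),
        # Threat A-4 appears nowhere in the register: 5.1.3 (a)
    ]


def remediated_register() -> list[Risk]:
    """The same register after both findings are addressed."""
    reg = constructed_register()
    reg[1].mitigations.append(Mitigation("MFR-placeholder-7", from_annex5=False))
    reg.append(Risk("R-4", "A-4", "gateway ECU", "assessed: no exploitable weakness", 1, 1))
    return reg


if __name__ == "__main__":
    print(assess(constructed_register()))
    print(assess(remediated_register()))
```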

7.3.5. The vehicle manufacturer shall put in place appropriate and proportionate measures to secure dedicated environments on the vehicle type (if provided) for the storage and execution of aftermarket software, services, applications or data.

7.3.6. The vehicle manufacturer shall perform, prior to type approval, appropriate and sufficient testing to verify the effectiveness of the security measures implemented.

7.3.7. The vehicle manufacturer shall implement measures for the vehicle type to:
(a) Detect and prevent cyber-attacks against vehicles of the vehicle type;
(b) Support the monitoring capability of the vehicle manufacturer with regards to detecting threats, vulnerabilities and cyber-attacks relevant to the vehicle type;
(c) Provide data forensic capability to enable analysis of attempted or successful cyber-attacks.

7.3.8. Cryptographic modules used for the purpose of this Regulation shall be in line with consensus standards. If the cryptographic modules used are not in line with consensus standards, then the vehicle manufacturer shall justify their use.

7.4. Reporting provisions

7.4.1. The vehicle manufacturer shall report at least once a year, or more frequently if relevant, to the Approval Authority or the Technical Service the outcome of their monitoring activities, as defined in paragraph 7.2.2.2 (g); this shall include relevant information on new cyber-attacks. The vehicle manufacturer shall also report and confirm to the Approval Authority or the Technical Service that the cyber security mitigations implemented for their vehicle types are still effective and any additional actions taken.

7.4.2. The Approval Authority or the Technical Service shall verify the provided information and, if necessary, require the vehicle manufacturer to remedy any detected ineffectiveness.
If the reporting or response is not sufficient the Approval Authority may decide to withdraw the CSMS in compliance with paragraph 6.8.

8. Modification and extension of the vehicle type 车型的改装和扩展

8.1. Every modification of the vehicle type which affects its technical performance with respect to cybersecurity and/or documentation required in this Regulation shall be notified to the Approval Authority which approved the vehicle type. The Approval Authority may then either:

8.1.1. Consider that the modifications made still comply with the requirements and documentation of the existing type approval; or

8.1.2. Proceed to the necessary complementary assessment pursuant to paragraph 5, and require, where relevant, a further test report from the Technical Service responsible for conducting the tests.

8.1.3. Confirmation or extension or refusal of approval, specifying the alterations, shall be communicated by means of a communication form conforming to the model in Annex 2 to this Regulation. The Approval Authority issuing the extension of approval shall assign a series number for such an extension and inform thereof the other Parties to the 1958 Agreement applying this Regulation by means of a communication form conforming to the model in Annex 2 to this Regulation.

9. Conformity of production

9.1. The Conformity of Production Procedures shall comply with those set out in the 1958 Agreement, Schedule 1 (E/ECE/TRANS/505/Rev.3) with the following requirements:

9.1.1. The holder of the approval shall ensure that results of the conformity of production tests are recorded and that the annexed documents remain available for a period determined in agreement with the Approval Authority or its Technical Service. This period shall not exceed 10 years counted from the time when production is definitively discontinued;

9.1.2. The Approval Authority which has granted type approval may at any time verify the conformity control methods applied in each production facility. The normal frequency of these verifications shall be once every three years.

10. Penalties for non-conformity of production

10.1. The approval granted in respect of a vehicle type pursuant to this Regulation may be withdrawn if the requirements laid down in this Regulation are not complied with or if sample vehicles fail to comply with the requirements of this Regulation.

10.2. If an Approval Authority withdraws an approval it has previously granted, it shall forthwith so notify the Contracting Parties applying this Regulation, by means of a communication form conforming to the model in Annex 2 to this Regulation.

11. Production definitively discontinued

11.1. If the holder of the approval completely ceases to manufacture a type of vehicle approved in accordance with this Regulation, he shall so inform the authority which granted the approval. Upon receiving the relevant communication, that authority shall inform thereof the other Contracting Parties to the Agreement applying this Regulation by means of a copy of the approval form bearing at the end, in large letters, the signed and dated annotation “PRODUCTION DISCONTINUED”.

12. Names and addresses of Technical Services responsible for conducting approval tests, and of Type Approval Authorities

12.1. The Contracting Parties to the Agreement which apply this Regulation shall communicate to the United Nations Secretariat the names and addresses of the Technical Services responsible for conducting approval tests and of the Type Approval Authorities which grant approval and to which forms certifying approval or extension or refusal or withdrawal of approval, issued in other countries, are to be sent.

Annex 1

Information document

The following information, if applicable, shall be supplied in triplicate and include a list of contents. Any drawings shall be supplied in appropriate scale and in sufficient detail on size A4 or on a folder of A4 format. Photographs, if any, shall show sufficient detail.

  1. Make (trade name of manufacturer): …
  2. Type and general commercial description(s):…
  3. Means of identification of type, if marked on the vehicle: …
  4. Location of that marking: …
  5. Category(ies) of vehicle:…
  6. Name and address of manufacturer/ manufacturer’s representative:…
  7. Name(s) and Address(es) of assembly plant(s): …
  8. Photograph(s) and/or drawing(s) of a representative vehicle: …
  9. Cyber Security
    9.1. General construction characteristics of the vehicle type, including:
    (a) The vehicle systems which are relevant to the cyber security of the vehicle type;
    (b) The components of those systems that are relevant to cyber security;
    (c) The interactions of those systems with other systems within the vehicle type and external interfaces.
    9.2. Schematic representation of the vehicle type
    9.3. The number of the Certificate of Compliance for CSMS: …
    9.4. Documents for the vehicle type to be approved describing the outcome of its risk assessment and the identified risks: …
    9.5. Documents for the vehicle type to be approved describing the mitigations that have been implemented on the systems listed, or to the vehicle type, and how they address the stated risks: …
    9.6. Documents for the vehicle type to be approved describing protection of dedicated environments for aftermarket software, services, applications or data:…
    9.7. Documents for the vehicle type to be approved describing what tests have been used to verify the cyber security of the vehicle type and its systems and the outcome of those tests:…
    9.8. Description of the consideration of the supply chain with respect to cyber security:…

Annex 1 - Appendix 1

Model of Manufacturer’s Declaration of Compliance for CSMS
Manufacturer’s declaration of compliance with the requirements for the Cyber Security Management System
Manufacturer Name: …
Manufacturer Address:…
……………………(Manufacturer Name) attests that the necessary processes to comply with
the requirements for the Cyber Security Management System laid down in
paragraph 7.2 of UN Regulation 155 are installed and will be maintained.
Done at: …………………… (place)
Date: …
Name of the signatory: …
Function of the signatory: …

(Stamp and signature of the manufacturer’s representative)

Annex 4

Model of Certificate of Compliance for CSMS

Certificate of compliance for cyber security management system
With UN Regulation No. [This Regulation]
Certificate Number [Reference number]
[……. Approval Authority]
Certifies that
Manufacturer: ..................................................................................................................................
Address of the manufacturer: ..........................................................................................................
complies with the provisions of paragraph 7.2 of Regulation No. 155
Checks have been performed on: ......................................................................................................
by (name and address of the Approval Authority or Technical Service): ........................................
Number of report: ........................
The certificate is valid until [….. Date]
Done at […… Place]
On [……. Date]
[…………. Signature]

Attachments: description of the Cyber Security Management System by the manufacturer.

Annex 5

List of threats and corresponding mitigations

  1. This annex consists of three parts. Part A of this annex describes the baseline for threats, vulnerabilities and attack methods. Part B of this annex describes mitigations to the threats which are intended for vehicle types. Part C describes mitigations to the threats which are intended for areas outside of vehicles, e.g. on IT backends.
  2. Part A, Part B, and Part C shall be considered for risk assessment and mitigations to be implemented by vehicle manufacturers.
  3. The high-level vulnerability and its corresponding examples have been indexed in Part A. The same indexing has been referenced in the tables in Parts B and C to link each of the attacks/vulnerabilities with a list of corresponding mitigation measures.
  4. The threat analysis shall also consider possible attack impacts. These may help ascertain the severity of a risk and identify additional risks. Possible attack impacts may include:
    (a) Safe operation of vehicle affected;
    (b) Vehicle functions stop working;
    (c) Software modified, performance altered;
    (d) Software altered but no operational effects;
    (e) Data integrity breach;
    (f) Data confidentiality breach;
    (g) Loss of data availability;
    (h) Other, including criminality.

Part A. Vulnerability or attack method related to the threats

  1. High level descriptions of threats and related vulnerabilities or attack methods are listed in Table A1.

Table A1 List of vulnerability or attack method related to the threats

Each numbered entry gives the high level and sub-level description of the vulnerability/threat; the indented sub-entries give examples of the vulnerability or attack method. (The numbering follows the regulation; items 14 and 30 are not used.)

4.3.1 Threats regarding back-end servers related to vehicles in the field

1 Back-end servers used as a means to attack a vehicle or extract data
  1.1 Abuse of privileges by staff (insider attack)
  1.2 Unauthorized internet access to the server (enabled for example by backdoors, unpatched system software vulnerabilities, SQL attacks or other means)
  1.3 Unauthorized physical access to the server (conducted by for example USB sticks or other media connecting to the server)
2 Services from back-end server being disrupted, affecting the operation of a vehicle
  2.1 Attack on back-end server stops it functioning, for example it prevents it from interacting with vehicles and providing services they rely on
3 Vehicle related data held on back-end servers being lost or compromised ("data breach")
  3.1 Abuse of privileges by staff (insider attack)
  3.2 Loss of information in the cloud. Sensitive data may be lost due to attacks or accidents when data is stored by third-party cloud service providers
  3.3 Unauthorized internet access to the server (enabled for example by backdoors, unpatched system software vulnerabilities, SQL attacks or other means)
  3.4 Unauthorized physical access to the server (conducted for example by USB sticks or other media connecting to the server)
  3.5 Information breach by unintended sharing of data (e.g. admin errors)

4.3.2 Threats to vehicles regarding their communication channels

4 Spoofing of messages or data received by the vehicle
  4.1 Spoofing of messages by impersonation (e.g. 802.11p V2X during platooning, GNSS messages, etc.)
  4.2 Sybil attack (in order to spoof other vehicles as if there are many vehicles on the road)
5 Communication channels used to conduct unauthorized manipulation, deletion or other amendments to vehicle held code/data
  5.1 Communications channels permit code injection, for example tampered software binary might be injected into the communication stream
  5.2 Communications channels permit manipulation of vehicle held data/code
  5.3 Communications channels permit overwrite of vehicle held data/code
  5.4 Communications channels permit erasure of vehicle held data/code
  5.5 Communications channels permit introduction of data/code to the vehicle (write data code)
6 Communication channels permit untrusted/unreliable messages to be accepted or are vulnerable to session hijacking/replay attacks
  6.1 Accepting information from an unreliable or untrusted source
  6.2 Man in the middle attack / session hijacking
  6.3 Replay attack, for example an attack against a communication gateway allows the attacker to downgrade software of an ECU or firmware of the gateway
7 Information can be readily disclosed. For example, through eavesdropping on communications or through allowing unauthorized access to sensitive files or folders
  7.1 Interception of information / interfering radiations / monitoring communications
  7.2 Gaining unauthorized access to files or data
8 Denial of service attacks via communication channels to disrupt vehicle functions
  8.1 Sending a large amount of garbage data to the vehicle information system, so that it is unable to provide services in the normal manner
  8.2 Black hole attack, in order to disrupt communication between vehicles the attacker is able to block messages between the vehicles
9 An unprivileged user is able to gain privileged access to vehicle systems
  9.1 An unprivileged user is able to gain privileged access, for example root access
10 Viruses embedded in communication media are able to infect vehicle systems
  10.1 Virus embedded in communication media infects vehicle systems
11 Messages received by the vehicle (for example X2V or diagnostic messages), or transmitted within it, contain malicious content
  11.1 Malicious internal (e.g. CAN) messages
  11.2 Malicious V2X messages, e.g. infrastructure to vehicle or vehicle-vehicle messages (e.g. CAM, DENM)
  11.3 Malicious diagnostic messages
  11.4 Malicious proprietary messages (e.g. those normally sent from OEM or component/system/function supplier)

4.3.3 Threats to vehicles regarding their update procedures

12 Misuse or compromise of update procedures
  12.1 Compromise of over the air software update procedures. This includes fabricating the system update program or firmware
  12.2 Compromise of local/physical software update procedures. This includes fabricating the system update program or firmware
  12.3 The software is manipulated before the update process (and is therefore corrupted), although the update process is intact
  12.4 Compromise of cryptographic keys of the software provider to allow invalid update
13 It is possible to deny legitimate updates
  13.1 Denial of Service attack against update server or network to prevent rollout of critical software updates and/or unlock of customer specific features

4.3.4 Threats to vehicles regarding unintended human actions facilitating a cyber attack

15 Legitimate actors are able to take actions that would unwittingly facilitate a cyberattack
  15.1 Innocent victim (e.g. owner, operator or maintenance engineer) being tricked into taking an action to unintentionally load malware or enable an attack
  15.2 Defined security procedures are not followed

4.3.5 Threats to vehicles regarding their external connectivity and connections

16 Manipulation of the connectivity of vehicle functions enables a cyberattack; this can include telematics, systems that permit remote operations, and systems using short range wireless communications
  16.1 Manipulation of functions designed to remotely operate systems, such as remote key, immobilizer, and charging pile
  16.2 Manipulation of vehicle telematics (e.g. manipulate temperature measurement of sensitive goods, remotely unlock cargo doors)
  16.3 Interference with short range wireless systems or sensors
17 Hosted 3rd party software, e.g. entertainment applications, used as a means to attack vehicle systems
  17.1 Corrupted applications, or those with poor software security, used as a method to attack vehicle systems
18 Devices connected to external interfaces, e.g. USB ports, OBD port, used as a means to attack vehicle systems
  18.1 External interfaces such as USB or other ports used as a point of attack, for example through code injection
  18.2 Media infected with a virus connected to a vehicle system
  18.3 Diagnostic access (e.g. dongles in OBD port) used to facilitate an attack, e.g. manipulate vehicle parameters (directly or indirectly)

4.3.6 Threats to vehicle data/code

19 Extraction of vehicle data/code
  19.1 Extraction of copyright or proprietary software from vehicle systems (product piracy)
  19.2 Unauthorized access to the owner’s privacy information such as personal identity, payment account information, address book information, location information, vehicle’s electronic ID, etc.
  19.3 Extraction of cryptographic keys
20 Manipulation of vehicle data/code
  20.1 Illegal/unauthorized changes to vehicle’s electronic ID
  20.2 Identity fraud. For example, if a user wants to display another identity when communicating with toll systems, manufacturer backend
  20.3 Action to circumvent monitoring systems (e.g. hacking/tampering/blocking of messages such as ODR Tracker data, or number of runs)
  20.4 Data manipulation to falsify vehicle’s driving data (e.g. mileage, driving speed, driving directions, etc.)
  20.5 Unauthorized changes to system diagnostic data
21 Erasure of data/code
  21.1 Unauthorized deletion/manipulation of system event logs
22 Introduction of malware
  22.1 Introduce malicious software or malicious software activity
23 Introduction of new software or overwrite of existing software
  23.1 Fabrication of software of the vehicle control system or information system
24 Disruption of systems or operations
  24.1 Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging
25 Manipulation of vehicle parameters
  25.1 Unauthorized access to falsify the configuration parameters of the vehicle’s key functions, such as brake data, airbag deployment threshold, etc.
  25.2 Unauthorized access to falsify the charging parameters, such as charging voltage, charging power, battery temperature, etc.

4.3.7 Potential vulnerabilities that could be exploited if not sufficiently protected or hardened

26 Cryptographic technologies can be compromised or are insufficiently applied
  26.1 Combination of short encryption keys and long period of validity enables attacker to break encryption
  26.2 Insufficient use of cryptographic algorithms to protect sensitive systems
  26.3 Using already or soon to be deprecated cryptographic algorithms
27 Parts or supplies could be compromised to permit vehicles to be attacked
  27.1 Hardware or software engineered to enable an attack, or failing to meet design criteria to stop an attack
28 Software or hardware development permits vulnerabilities
  28.1 Software bugs. The presence of software bugs can be a basis for potentially exploitable vulnerabilities. This is particularly true if software has not been tested to verify that known bad code/bugs are not present and to reduce the risk of unknown bad code/bugs being present
  28.2 Using remainders from development (e.g. debug ports, JTAG ports, microprocessors, development certificates, developer passwords, …) can permit access to ECUs or permit attackers to gain higher privileges
29 Network design introduces vulnerabilities
  29.1 Superfluous internet ports left open, providing access to network systems
  29.2 Circumvent network separation to gain control. Specific example is the use of unprotected gateways, or access points (such as truck-trailer gateways), to circumvent protections and gain access to other network segments to perform malicious acts, such as sending arbitrary CAN bus messages
31 Unintended transfer of data can occur
  31.1 Information breach. Personal data may be leaked when the car changes user (e.g. is sold or is used as hire vehicle with new hirers)
32 Physical manipulation of systems can enable an attack
  32.1 Manipulation of electronic hardware, e.g. unauthorized electronic hardware added to a vehicle to enable "man-in-the-middle" attack
      Replacement of authorized electronic hardware (e.g., sensors) with unauthorized electronic hardware
      Manipulation of the information collected by a sensor (for example, using a magnet to tamper with the Hall effect sensor connected to the gearbox)
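Items 8.1 and 24.1 above describe denial of service by flooding a vehicle network, and item 11.1 describes malicious internal (e.g. CAN) messages; Part B answers them with M13 (detect and recover from denial of service) and M15 (detect malicious internal messages). The following is an added example, not taken from the regulation or from any manufacturer's code, of the simplest form such detection takes on a CAN bus: periodic frames have a known cycle time, so a per-ID frame count in a sliding window that far exceeds the count implied by that cycle time indicates flooding, and an arbitration ID that is not in the network description at all is itself an anomaly. The baseline cycle times, the arbitration IDs (0x100, 0x200, 0x300 and the unexpected 0x6FF) and the frame log are all constructed for the example.

```python
"""Cycle-time based anomaly detection for CAN traffic (Table A1 items 8.1,
11.1 and 24.1; Part B mitigations M13/M15). Added example, not from UN R155
or any OEM code base; baseline, IDs and traffic are constructed."""
from collections import defaultdict, deque

# Nominal transmit period per arbitration ID in milliseconds. On a real
# vehicle this comes from the network description; constructed here.
BASELINE_PERIOD_MS = {0x100: 10.0, 0x200: 20.0, 0x300: 100.0}


def detect_anomalies(frames, baseline=BASELINE_PERIOD_MS,
                     window_ms=100.0, rate_factor=3.0):
    """Scan (timestamp_ms, arbitration_id) frames in time order.

    Raises one "flood" alert per ID when its frame count inside the sliding
    window exceeds rate_factor times the count implied by the baseline
    period, and one "unknown_id" alert for any ID absent from the baseline.
    Returns a list of (kind, arbitration_id, timestamp_ms) tuples.
    """
    alerts = []
    recent = defaultdict(deque)   # per ID: timestamps inside the window
    raised = set()                # (kind, id) pairs already reported
    for ts, can_id in sorted(frames):
        if can_id not in baseline:
            if ("unknown_id", can_id) not in raised:
                alerts.append(("unknown_id", can_id, ts))
                raised.add(("unknown_id", can_id))
            continue
        window = recent[can_id]
        window.append(ts)
        while ts - window[0] > window_ms:   # drop frames older than the window
            window.popleft()
        expected = window_ms / baseline[can_id]
        if len(window) > rate_factor * expected and ("flood", can_id) not in raised:
            alerts.append(("flood", can_id, ts))
            raised.add(("flood", can_id))
    return alerts


def sample_traffic():
    """Constructed log: nominal traffic for 0.5 s, one unexpected ID at
    150 ms, and a burst of 40 extra 0x100 frames at 0.5 ms spacing from
    300 ms (the flooding pattern described in item 24.1)."""
    frames = [(float(t), 0x100) for t in range(0, 501, 10)]
    frames += [(float(t), 0x200) for t in range(0, 501, 20)]
    frames += [(float(t), 0x300) for t in range(0, 501, 100)]
    frames.append((150.0, 0x6FF))                    # ID not in the baseline
    frames += [(300.0 + 0.5 * k, 0x100) for k in range(40)]
    return frames


def run_example():
    """Returns the alerts raised on the constructed log."""
    return detect_anomalies(sample_traffic())


if __name__ == "__main__":
    for kind, can_id, ts in run_example():
        print(f"{ts:7.1f} ms  {kind:<10}  ID 0x{can_id:03X}")
```

With a 100 ms window, ID 0x100 is expected ten times per window, so the alert threshold is thirty frames; the burst pushes the count past that at 310 ms, well before the bus would saturate. The threshold factor and window are tuning knobs: too tight and jitter on a busy bus produces false alerts, too loose and a slow flood goes unnoticed, which is why the M13 recovery side (rate limiting or isolating the offending segment) matters as much as the detection.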

Part B. Mitigations to the threats intended for vehicles

1. Mitigations for “Vehicle communication channels”

Mitigations to the threats which are related to “Vehicle communication channels” are listed in Table B1.

Table B1 Mitigation to the threats which are related to “Vehicle communication channels”

Each entry gives the Table A1 reference and threat, followed by the reference (Mxx) and text of the corresponding mitigation; where several consecutive threats share one mitigation, it is given once after the group.

4.1 Spoofing of messages (e.g. 802.11p V2X during platooning, GNSS messages, etc.) by impersonation
    M10 The vehicle shall verify the authenticity and integrity of messages it receives
4.2 Sybil attack (in order to spoof other vehicles as if there are many vehicles on the road)
    M11 Security controls shall be implemented for storing cryptographic keys (e.g., use of Hardware Security Modules)
5.1 Communication channels permit code injection into vehicle held data/code, for example tampered software binary might be injected into the communication stream
    M10 The vehicle shall verify the authenticity and integrity of messages it receives
    M6 Systems shall implement security by design to minimize risks
5.2 Communication channels permit manipulation of vehicle held data/code
5.3 Communication channels permit overwrite of vehicle held data/code
5.4 / 21.1 Communication channels permit erasure of vehicle held data/code
5.5 Communication channels permit introduction of data/code to vehicle systems (write data code)
    M7 Access control techniques and designs shall be applied to protect system data/code
6.1 Accepting information from an unreliable or untrusted source
    M10 The vehicle shall verify the authenticity and integrity of messages it receives
6.2 Man in the middle attack / session hijacking
6.3 Replay attack, for example an attack against a communication gateway allows the attacker to downgrade software of an ECU or firmware of the gateway
    M10 The vehicle shall verify the authenticity and integrity of messages it receives
7.1 Interception of information / interfering radiations / monitoring communications
    M12 Confidential data transmitted to or from the vehicle shall be protected
7.2 Gaining unauthorized access to files or data
    M8 Through system design and access control it should not be possible for unauthorized personnel to access personal or system critical data. Examples of Security Controls can be found in OWASP
8.1 Sending a large amount of garbage data to the vehicle information system, so that it is unable to provide services in the normal manner
    M13 Measures to detect and recover from a denial of service attack shall be employed
8.2 Black hole attack, disruption of communication between vehicles by blocking the transfer of messages to other vehicles
    M13 Measures to detect and recover from a denial of service attack shall be employed
9.1 An unprivileged user is able to gain privileged access, for example root access
    M9 Measures to prevent and detect unauthorized access shall be employed
10.1 Virus embedded in communication media infects vehicle systems
    M14 Measures to protect systems against embedded viruses/malware should be considered
11.1 Malicious internal (e.g. CAN) messages
    M15 Measures to detect malicious internal messages or activity should be considered
11.2 Malicious V2X messages, e.g. infrastructure to vehicle or vehicle-vehicle messages (e.g. CAM, DENM)
11.3 Malicious diagnostic messages
11.4 Malicious proprietary messages (e.g. those normally sent from OEM or component/system/function supplier)
    M10 The vehicle shall verify the authenticity and integrity of messages it receives
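M10 recurs throughout Table B1 because one receiver-side check covers spoofing by impersonation (4.1), tampering in transit (5.1), untrusted sources (6.1), man-in-the-middle (6.2) and replay (6.3): every accepted message must carry a tag that only the legitimate sender can produce, the tag must bind the payload, and a freshness value must prevent a captured message from being accepted again. The following is an added example, not from the regulation or from any vehicle platform, of such a receiver. It assumes a pre-shared symmetric key per sender (constructed here) and a 32-bit monotonic counter in every frame; a V2X deployment would use certificates and signatures rather than a shared key, but the integrity and freshness logic is the same. The sender ID 0x0042, the keys and the payloads are constructed for the example.

```python
"""Receiver-side verification of authenticity, integrity and freshness of
messages, in the spirit of mitigation M10 of UN R155 Annex 5 Part B.
Added example, not from the regulation or any vehicle platform. Assumes a
pre-shared symmetric key per sender and a monotonic counter per frame;
all keys, IDs and payloads are constructed."""
import hashlib
import hmac
import struct
from dataclasses import dataclass

TAG_LEN = 8  # bytes of truncated HMAC-SHA256 carried per frame (assumption)


@dataclass(frozen=True)
class Frame:
    sender_id: int   # 16-bit sender identifier
    counter: int     # 32-bit monotonic freshness counter
    payload: bytes
    tag: bytes       # truncated HMAC over sender_id || counter || payload


def _tag(key: bytes, sender_id: int, counter: int, payload: bytes) -> bytes:
    header = struct.pack(">HI", sender_id, counter)
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]


def build_frame(key: bytes, sender_id: int, counter: int, payload: bytes) -> Frame:
    """Sender side: bind sender, counter and payload under the sender's key."""
    return Frame(sender_id, counter, payload, _tag(key, sender_id, counter, payload))


class Receiver:
    """Keeps the highest accepted counter per sender, so a captured frame is
    rejected on re-delivery (replay) and after a newer frame (rollback)."""

    def __init__(self, keys: dict):
        self.keys = keys            # sender_id -> pre-shared key
        self.last_counter = {}      # sender_id -> highest accepted counter

    def accept(self, frame: Frame) -> str:
        key = self.keys.get(frame.sender_id)
        if key is None:
            return "unknown sender"                 # 6.1: untrusted source
        expected = _tag(key, frame.sender_id, frame.counter, frame.payload)
        if not hmac.compare_digest(expected, frame.tag):
            return "bad tag"                        # 4.1/5.1/6.2: forged or altered
        if frame.counter <= self.last_counter.get(frame.sender_id, -1):
            return "replay"                         # 6.3: seen before or too old
        self.last_counter[frame.sender_id] = frame.counter
        return "ok"


def run_scenario():
    """Constructed exchange: genuine, tampered, forged, replayed and fresh
    frames in that order. Returns the receiver's verdict for each."""
    key = bytes.fromhex("00" * 15 + "01")   # constructed demo key, not a real one
    attacker_key = b"\xff" * 16             # the attacker does not hold `key`
    rx = Receiver({0x0042: key})

    genuine = build_frame(key, 0x0042, 1, b"SPEED=50")
    # Payload and counter altered in transit, original tag kept.
    tampered = Frame(genuine.sender_id, 2, b"SPEED=99", genuine.tag)
    # Attacker builds a well-formed frame under a key of their own.
    forged = build_frame(attacker_key, 0x0042, 2, b"SPEED=99")
    fresh = build_frame(key, 0x0042, 2, b"SPEED=52")

    return [rx.accept(genuine), rx.accept(tampered), rx.accept(forged),
            rx.accept(genuine), rx.accept(fresh), rx.accept(fresh)]


if __name__ == "__main__":
    for label, verdict in zip(["genuine", "tampered", "forged", "replayed",
                               "fresh", "fresh again"], run_scenario()):
        print(f"{label:<12} -> {verdict}")
```

The counter state is what makes this M10, not just a checksum: without it the fourth frame, a byte-exact copy of an earlier genuine one, would verify. That state has to survive resets, and the key has to be stored where it cannot be read out, which is the point of M11 (secure key storage, e.g. a Hardware Security Module) appearing next to M10 in the table.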

2. Mitigations for “Update process”

Mitigations to the threats which are related to “Update process” are listed in Table B2.

Table B2 Mitigations to the threats which are related to “Update process”

Each entry gives the Table A1 reference and threat, followed by the reference (Mxx) and text of the corresponding mitigation; where several consecutive threats share one mitigation, it is given once after the group.

12.1 Compromise of over the air software update procedures. This includes fabricating the system update program or firmware
12.2 Compromise of local/physical software update procedures. This includes fabricating the system update program or firmware
12.3 The software is manipulated before the update process (and is therefore corrupted), although the update process is intact
    M10 Secure software update procedures shall be employed
12.4 Compromise of cryptographic keys of the software provider to allow invalid update
    M11 Security controls shall be implemented for storing cryptographic keys
13.1 Denial of Service attack against update server or network to prevent rollout of critical software updates and/or unlock of customer specific features
    M3 Security Controls shall be applied to back-end systems. Where back-end servers are critical to the provision of services there are recovery measures in case of system outage. Example Security Controls can be found in OWASP

3. Mitigations for “Unintended human actions facilitating a cyber attack”

Mitigations to the threats which are related to “Unintended human actions facilitating a cyber attack” are listed in Table B3.

Table B3 Mitigations to the threats which are related to “Unintended human actions facilitating a cyber attack”

Each entry gives the Table A1 reference and threat, followed by the reference (Mxx) and text of the corresponding mitigation.

15.1 Innocent victim (e.g. owner, operator or maintenance engineer) is tricked into taking an action to unintentionally load malware or enable an attack
    M18 Measures shall be implemented for defining and controlling user roles and access privileges, based on the principle of least access privilege
15.2 Defined security procedures are not followed
    M19 Organizations shall ensure security procedures are defined and followed, including logging of actions and access related to the management of the security functions

4. Mitigations for “External connectivity and connections”

Mitigations to the threats which are related to “External connectivity and connections” are listed in Table B4.

Table B4 Mitigation to the threats which are related to “External connectivity and connections”

Each entry gives the Table A1 reference and threat, followed by the reference (Mxx) and text of the corresponding mitigation; where several consecutive threats share one mitigation, it is given once after the group.

16.1 Manipulation of functions designed to remotely operate vehicle systems, such as remote key, immobiliser, and charging pile
16.2 Manipulation of vehicle telematics (e.g. manipulate temperature measurement of sensitive goods, remotely unlock cargo doors)
16.3 Interference with short range wireless systems or sensors
    M20 Security controls shall be applied to systems that have remote access
17.1 Corrupted applications, or those with poor software security, used as a method to attack vehicle systems
    M21 Software shall be security assessed, authenticated and integrity protected. Security controls shall be applied to minimise the risk from third party software that is intended or foreseeable to be hosted on the vehicle
18.1 External interfaces such as USB or other ports used as a point of attack, for example through code injection
18.2 Media infected with viruses connected to the vehicle
    M22 Security controls shall be applied to external interfaces
18.3 Diagnostic access (e.g. dongles in OBD port) used to facilitate an attack, e.g. manipulate vehicle parameters (directly or indirectly)
    M22 Security controls shall be applied to external interfaces

5. Mitigations for “Potential targets of, or motivations for, an attack”

Mitigations to the threats which are related to "Potential targets of, or motivations for, an attack" are listed in Table B5.
“攻击的潜在目标或动机”威胁的缓解措施罗列在表B5
Table B5
Mitigations to the threats which are related to “Potential targets of, or motivations for, an attack”

| Table A1 reference<br>表A1索引 | Threats to "Potential targets of, or motivations for, an attack"<br>“攻击的潜在目标或动机”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 19.1 | Extraction of copyright or proprietary software from vehicle systems (product piracy / stolen software)<br>从车辆系统中提取受版权保护或专有的软件(产品盗版/软件窃取) | M7 | Access control techniques and designs shall be applied to protect system data/code. Example Security Controls can be found in OWASP<br>应采取访问控制技术和设计来保护系统数据/代码。安全控制示例可在OWASP中找到 |
| 19.2 | Unauthorized access to the owner’s privacy information such as personal identity, payment account information, address book information, location information, vehicle’s electronic ID, etc.<br>未经授权访问车主的隐私信息,如个人身份信息、支付账户信息、地址簿信息、位置信息、车辆电子ID等 | M8 | Through system design and access control it should not be possible for unauthorized personnel to access personal or system critical data. Examples of Security Controls can be found in OWASP<br>通过系统设计和访问控制,未经授权的人员应不可能访问个人或系统关键数据。安全控制示例可在OWASP中找到 |
| 19.3 | Extraction of cryptographic keys<br>提取加密密钥 | M11 | Security controls shall be implemented for storing cryptographic keys e.g. Security Modules<br>应对加密密钥的存储实施安全控制,例如使用安全模块 |
| 20.1 | Illegal/unauthorised changes to vehicle’s electronic ID<br>非法/未经授权更改车辆电子ID | M7 | Access control techniques and designs shall be applied to protect system data/code. Example Security Controls can be found in OWASP<br>应采取访问控制技术和设计来保护系统数据/代码。安全控制示例可在OWASP中找到 |
| 20.2 | Identity fraud. For example, if a user wants to display another identity when communicating with toll systems, manufacturer backend<br>身份欺诈。例如,用户希望在与收费系统、制造商后台通信时显示另一个身份 | M7 | same as 20.1<br>同上 |
| 20.3 | Action to circumvent monitoring systems (e.g. hacking/ tampering/ blocking of messages such as ODR Tracker data, or number of runs)<br>规避监控系统的行为(例如黑客攻击/篡改/阻断ODR跟踪器数据或运行次数等消息) | M7 | Access control techniques and designs shall be applied to protect system data/code. Example Security Controls can be found in OWASP. Data manipulation attacks on sensors or transmitted data could be mitigated by correlating the data from different sources of information.<br>应采取访问控制技术和设计来保护系统数据/代码。安全控制示例可在OWASP中找到。可通过关联不同信息源的数据来缓解针对传感器或传输数据的数据操纵攻击 |
| 20.4 | Data manipulation to falsify vehicle’s driving data (e.g. mileage, driving speed, driving directions, etc.)<br>操纵数据以伪造车辆的驾驶数据(例如里程、车速、行车方向等) | M7 | same as 20.3<br>同上 |
| 20.5 | Unauthorised changes to system diagnostic data<br>未经授权修改系统诊断数据 | M7 | same as 20.3<br>同上 |
| 21.1 | Unauthorized deletion/manipulation of system event logs<br>未经授权删除/篡改系统事件日志 | M7 | Access control techniques and designs shall be applied to protect system data/code. Example Security Controls can be found in OWASP.<br>应采取访问控制技术和设计来保护系统数据/代码。安全控制示例可在OWASP中找到 |
| 22.2 | Introduce malicious software or malicious software activity<br>引入恶意软件或恶意软件行为 | M7 | Access control techniques and designs shall be applied to protect system data/code. Example Security Controls can be found in OWASP.<br>应采取访问控制技术和设计来保护系统数据/代码。安全控制示例可在OWASP中找到 |
| 23.1 | Fabrication of software of the vehicle control system or information system<br>伪造车辆控制系统或信息系统的软件 | M7 | same as 22.2<br>同上 |
| 24.1 | Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging<br>拒绝服务,例如在内部网络上通过向CAN总线泛洪触发,或通过高速率消息在ECU上引发故障 | M13 | Measures to detect and recover from a denial of service attack shall be employed<br>应采取措施检测拒绝服务攻击并从中恢复 |
| 25.1 | Unauthorized access to falsify configuration parameters of vehicle’s key functions, such as brake data, airbag deployed threshold, etc.<br>未经授权访问并伪造车辆关键功能的配置参数,如制动数据、安全气囊展开阈值等 | M7 | Access control techniques and designs shall be applied to protect system data/code. Example Security Controls can be found in OWASP.<br>应采取访问控制技术和设计来保护系统数据/代码。安全控制示例可在OWASP中找到 |
| 25.2 | Unauthorized access to falsify charging parameters, such as charging voltage, charging power, battery temperature, etc.<br>未经授权访问并伪造充电参数,如充电电压、充电功率、电池温度等 | M7 | same as 25.1<br>同上 |

6. Mitigations for “Potential vulnerabilities that could be exploited if not sufficiently protected or hardened” “如果没有得到充分保护或加固,可能被利用的潜在漏洞”的缓解措施

Mitigations to the threats which are related to “Potential vulnerabilities that could be exploited if not sufficiently protected or hardened” are listed in Table B6. “如果没有得到充分保护或加固,可能被利用的潜在漏洞”相关威胁的缓解措施罗列在表B6。
Table B6
Mitigations to the threats which are related to “Potential vulnerabilities that could be exploited if not sufficiently protected or hardened”

| Table A1 reference<br>表A1索引 | Threats to "Potential vulnerabilities that could be exploited if not sufficiently protected or hardened"<br>“如果没有得到充分保护或加固,可能被利用的潜在漏洞”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 26.1 | Combination of short encryption keys and long period of validity enables attacker to break encryption<br>过短的密钥与过长的有效期相结合,使攻击者能够破解加密 | M23 | Cybersecurity best practices for software and hardware development shall be followed<br>应当遵循软硬件开发的网络安全最佳实践 |
| 26.2 | Insufficient use of cryptographic algorithms to protect sensitive systems<br>未充分使用加密算法来保护敏感系统 | M23 | same as 26.1<br>同上 |
| 26.3 | Using deprecated cryptographic algorithms<br>使用已弃用的加密算法 | M23 | same as 26.1<br>同上 |
| 27.1 | Hardware or software, engineered to enable an attack or fail to meet design criteria to stop an attack<br>硬件或软件被设计成可用于攻击,或未能满足阻止攻击的设计标准 | M23 | Cybersecurity best practices for software and hardware development shall be followed<br>应当遵循软硬件开发的网络安全最佳实践 |
| 28.1 | The presence of software bugs can be a basis for potential exploitable vulnerabilities. This is particularly true if software has not been tested to verify that known bad code/bugs is not present and reduce the risk of unknown bad code/bugs being present.<br>软件缺陷的存在可能成为潜在可利用漏洞的基础。如果软件没有经过测试以验证已知的错误代码/缺陷不存在并降低未知错误代码/缺陷存在的风险,则尤其如此 | M23 | Cybersecurity best practices for software and hardware development shall be followed. Cybersecurity testing with adequate coverage<br>应当遵循软硬件开发的网络安全最佳实践。网络安全测试需具有足够的覆盖率 |
| 28.2 | Using remainders from development (e.g. debug ports, JTAG ports, microprocessors, development certificates, developer passwords, …) can permit an attacker to access ECUs or gain higher privileges<br>使用开发遗留物(例如调试口、JTAG口、微处理器、开发证书、开发者密码等)可能允许攻击者访问ECU或获取更高权限 | M23 | see 29.2<br>见29.2 |
| 29.1 | Superfluous internet ports left open, providing access to network systems<br>多余的互联网端口保持开放,导致可访问网络系统 | M23 | see 29.2<br>见29.2 |
| 29.2 | Circumvent network separation to gain control. Specific example is the use of unprotected gateways, or access points (such as truck-trailer gateways), to circumvent protections and gain access to other network segments to perform malicious acts, such as sending arbitrary CAN bus messages<br>绕过网络隔离以获得控制权。具体例子是利用未受保护的网关或接入点(如牵引车-挂车网关)绕过保护并获得对其他网段的访问权限,以执行恶意行为,例如发送任意CAN总线消息 | M23 | Cybersecurity best practices for software and hardware development shall be followed. Cybersecurity best practices for system design and system integration shall be followed<br>应当遵循软硬件开发的网络安全最佳实践。应当遵循系统设计和系统集成的网络安全最佳实践 |

7. Mitigations for “Data loss / data breach from vehicle” “车辆数据丢失或数据泄露”的缓解措施

Mitigations to the threats which are related to “Data loss / data breach from vehicle” are listed in Table B7.
“车辆数据丢失或数据泄露”威胁的缓解措施罗列在表B7
Table B7
Mitigations to the threats which are related to “Data loss / data breach from vehicle”

| Table A1 reference<br>表A1索引 | Threats to "Data loss / data breach from vehicle"<br>“车辆数据丢失或数据泄露”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 31.1 | Information breach. Personal data may be breached when the car changes user (e.g. is sold or is used as hire vehicle with new hirers)<br>信息泄露。当车辆更换用户时(例如被出售,或作为租赁车辆交给新承租人),个人数据可能会被泄露 | M24 | Best practices for the protection of data integrity and confidentiality shall be followed for storing personal data.<br>存储个人数据应遵循保护数据完整性和机密性的最佳实践 |

8. Mitigations for “Physical manipulation of systems to enable an attack” “对系统进行物理操纵实现攻击”的缓解措施

Mitigations to the threats which are related to “Physical manipulation of systems to enable an attack” are listed in Table B8. “对系统进行物理操纵实现攻击”威胁的缓解措施罗列在表B8
Table B8
Mitigations to the threats which are related to “Physical manipulation of systems to enable an attack”

| Table A1 reference<br>表A1索引 | Threats to "Physical manipulation of systems to enable an attack"<br>“对系统进行物理操纵实现攻击”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 32.1 | Manipulation of OEM hardware, e.g. unauthorised hardware added to a vehicle to enable "man-in-the-middle" attack<br>操纵OEM硬件,例如将未经授权的硬件添加到车辆中以实现“中间人”攻击 | M9 | Measures to prevent and detect unauthorized access shall be employed<br>应采取措施防止和发现未经授权的访问 |

Part C. Mitigations to the threats outside of vehicles 车辆外部威胁的缓解措施

1. Mitigations for “Back-end servers” “后端服务”的缓解措施

Mitigations to the threats which are related to “Back-end servers” are listed in Table C1. “后端服务”相关威胁的缓解措施罗列在表C1
Table C1
Mitigations to the threats which are related to “Back-end servers”

| Table A1 reference<br>表A1索引 | Threats to "Back-end servers"<br>“后端服务”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 1.1 & 3.1 | Abuse of privileges by staff (insider attack)<br>员工滥用特权(内部攻击) | M1 | Security Controls are applied to back-end systems to minimise the risk of insider attack<br>对后端系统实施安全控制,以尽量减少内部攻击的风险 |
| 1.2 & 3.3 | Unauthorised internet access to the server (enabled for example by backdoors, unpatched system software vulnerabilities, SQL attacks or other means)<br>通过互联网未经授权访问服务器(例如通过后门、未修补的系统软件漏洞、SQL攻击或其他方式) | M2 | Security Controls are applied to back-end systems to minimise unauthorised access. Example Security Controls can be found in OWASP<br>对后端系统实施安全控制,以尽量减少未经授权的访问。安全控制示例可在OWASP中找到 |
| 1.3 & 3.4 | Unauthorised physical access to the server (conducted by for example USB sticks or other media connecting to the server)<br>未经授权物理访问服务器(例如通过连接到服务器的USB盘或其他介质) | M8 | Through system design and access control it should not be possible for unauthorised personnel to access personal or system critical data<br>通过系统设计和访问控制,未经授权的人员应不可能访问个人或系统关键数据 |
| 2.1 | Attack on back-end server stops it functioning, for example it prevents it from interacting with vehicles and providing services they rely on<br>对后端服务器的攻击使其停止运行,例如使其无法与车辆交互并提供车辆所依赖的服务 | M3 | Security Controls are applied to back-end systems. Where back-end servers are critical to the provision of services there are recovery measures in case of system outage. Example Security Controls can be found in OWASP<br>后端系统应实施安全控制措施。当后端服务器对服务提供至关重要时,应有系统中断情况下的恢复措施。安全控制示例可在OWASP中找到 |
| 3.2 | Loss of information in the cloud. Sensitive data may be lost due to attacks or accidents when data is stored by third-party cloud service providers<br>云端信息丢失。数据由第三方云服务提供商存储时,敏感数据可能会因攻击或事故而丢失 | M4 | Security Controls are applied to minimise risks associated with cloud computing. Example Security Controls can be found in OWASP and NCSC cloud computing guidance<br>应实施安全控制以最小化与云计算相关的风险。安全控制示例可在OWASP和NCSC云计算指南中找到 |
| 3.5 | Information breach by unintended sharing of data (e.g. admin errors, storing data in servers in garages)<br>因意外共享数据导致信息泄露(例如管理错误、将数据存储在车库的服务器中) | M5 | Security Controls are applied to back-end systems to prevent data breaches. Example Security Controls can be found in OWASP<br>后端系统应实施安全控制措施,以防止数据泄露。安全控制示例可在OWASP中找到 |

2. Mitigations for “Unintended human actions” "无意的个人行为"的缓解措施

Mitigations to the threats which are related to “Unintended human actions” are listed in Table C2.
“无意的个人行为”威胁的缓解措施罗列在表C2
Table C2
Mitigations to the threats which are related to “Unintended human actions”

| Table A1 reference<br>表A1索引 | Threats to "Unintended human actions"<br>“无意的个人行为”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 15.1 | Innocent victim (e.g. owner, operator or maintenance engineer) is tricked into taking an action to unintentionally load malware or enable an attack<br>无辜的受害者(例如车主、运营商或维护工程师)被诱骗采取行动,无意中加载恶意软件或使攻击成为可能 | M18 | Measures shall be implemented for defining and controlling user roles and access privileges, based on the principle of least access privilege<br>应基于最小访问权限原则,实施定义和控制用户角色及访问权限的措施 |
| 15.2 | Defined security procedures are not followed<br>未遵循已定义的安全流程 | M19 | Organizations shall ensure security procedures are defined and followed including logging of actions and access related to the management of the security functions<br>组织应确保安全程序得到定义和遵循,包括记录与安全功能管理相关的操作和访问 |

3. Mitigations for “Physical loss of data” “数据物理丢失”的缓解措施

Mitigations to the threats which are related to “Physical loss of data” are listed in Table C3.
“数据物理丢失”威胁的缓解措施罗列在表C3
Table C3
Mitigations to the threats which are related to “Physical loss of data”

| Table A1 reference<br>表A1索引 | Threats to "Physical loss of data"<br>“数据物理丢失”的威胁 | Ref<br>编号 | Mitigation<br>缓解措施 |
|---|---|---|---|
| 30.1 | Damage caused by a third party. Sensitive data may be lost or compromised due to physical damages in cases of traffic accident or theft<br>由第三方造成的损害。在交通事故或盗窃的情况下,敏感数据可能因物理损坏而丢失或泄露 | M24 | Best practices for the protection of data integrity and confidentiality shall be followed for storing personal data. Example Security Controls can be found in ISO/SC27/WG5<br>存储个人数据应遵循保护数据完整性和机密性的最佳实践。安全控制示例可在ISO/SC27/WG5中找到 |
| 30.2 | Loss from DRM (digital right management) conflicts. User data may be deleted due to DRM issues<br>DRM(数字版权管理)冲突造成的损失。用户数据可能因DRM问题而被删除 | M24 | same as 30.1<br>同上 |
| 30.3 | The (integrity of) sensitive data may be lost due to IT components wear and tear, causing potential cascading issues (in case of key alteration, for example)<br>敏感数据(的完整性)可能因IT组件磨损而丢失,从而引发潜在的级联问题(例如密钥被改变的情况) | M24 | same as 30.1<br>同上 |