Motorcycles, scooters and electric bicycles with speed exceeding 25 km/h will be included in the scope of the UN Regulation No. 155 on cyber security and cyber security management.

Cybersecurity, within the context of road vehicles, is the protection of automotive electronic systems, communication networks, control algorithms, software, users, and underlying data from malicious attacks, damage, unauthorized access, or manipulation. The UNECE Cybersecurity regulation requires automotive manufacturers to establish cybersecurity measures to prevent cyber threats. This includes creating a management system, risk assessments, and continuous monitoring against potential vulnerabilities and threats.

The UNECE (United Nations Economic Commission for Europe) Working Party on Automated/Autonomous and Connected Vehicles decided to include motorcycles, scooters and electric bicycles with speed exceeding 25 km/h in the scope of the UN Regulation No. 155 on cyber security and cyber security management.

In force since January 2021, UN Regulation 155 is applied in various regions of the world and covers passenger cars, trucks, and buses. Its purpose is to offer an international framework for the type approval of road vehicles with regard to cyber security. Following the review of the requirements in that regulation and their possible suitability to adequately address the specificities of motorcycles, the Working Group agreed to insert this vehicle category in the scope of UN Regulation 155, with support of the motorcycle industry.

The decision to extend the scope of UN Regulation 155 to motorcycles (vehicle category L) will be submitted to the UNECE-hosted World Forum for Harmonization of Vehicle Regulations (WP.29) for adoption in June 2024. National implementation roadmaps can deviate from that and can also have roadmaps with earlier milestones. It comes at a time when the motorcycle industry has already introduced complex assistance systems in powered two-wheelers, such as Adaptative Cruise Control and advanced connectivity. These developments are justifying the growing concerns about potential cyber risks for this type of vehicles. Furthermore, it comes in a context of increased regulation affecting the automotive industry, especially in China, Europe and India, as well as regulations to ensure a risk-based identified minimum level of cybersecurity protection of all products with digital elements available in the market, such as the upcoming European Union Cyber Resilience Act.

ACEM, the European association of motorcycle manufacturers, said: “We are thrilled to share a landmark achievement for the motorcycle industry. The agreement adopted at UNECE (Working Party on Automated/Autonomous and Connected Vehicles) recognizes the importance of robust cybersecurity measures in a more digitalized world. This regulatory extension reflects a collaborative effort in the industry, underscoring a shared commitment to rider safety and the ongoing advancement of two-wheeled vehicles. Furthermore, UNECE´s positive step aligns with global regulatory trends while setting a precedent for future advancements in the field, offering same level of cybersecurity protection for cars and motorcycles. This decision represents a testament to our commitment towards increased safety for riders and the progressive evolution of two, three and four-wheeled vehicles included in L-category. As the industry advances in line with digitalisation, our association remains at the forefront, ensuring that every technological stride is matched with appropriate safety and security standards.”

Written by Wim Taal

Sources: UNECE, NHTSA & ACEM

Top illustration by Wim Taal (AI)

This article is subject to FEMA’s copyright