UNECE R155 & R156: Why Software-Only Automotive Cybersecurity Is No Longer Enough

A Regulatory Shift: Cybersecurity Becomes a Lifecycle Obligation 

UNECE R155 and R156 have fundamentally changed automotive cybersecurity. Compliance is no longer limited to pre-production validation—it now extends across the entire vehicle lifecycle.

Manufacturers must demonstrate that their Cyber Security Management System (CSMS) covers development, production, and post-production phases, including continuous monitoring and incident response .

This means cybersecurity is no longer a one-time effort. It is an ongoing operational responsibility lasting over a decade.

The Limits of Software-Only Security and OTA Strategies 

To meet these requirements, many OEMs rely heavily on:

• Over-the-air (OTA) updates
• Software patching
• Cloud-based threat detection

However, this approach introduces structural weaknesses:

 1. Patch Dependency at Scale 

Continuous vulnerability discovery leads to:

• Increasing update frequency
• Rising validation costs
• Operational complexity

Over time, patching becomes unsustainable.

 2. Expanding Attack Surface

Modern vehicles are connected systems:

• Telematics and V2X
• Backend servers
• Charging infrastructure

Cybersecurity must cover the entire vehicle ecosystem, not isolated components .

Software alone cannot fully secure this distributed architecture.

 3. A 15-Year Lifecycle Mismatch

Vehicles remain in operation for 10–20 years, while:

• Software evolves rapidly
• Threats continuously change

This creates a long-term gap:
Security strategies degrade over time

What UNECE R155 Really Demands

R155 requires:

• Exhaustive risk identification (Annex 5 threats)
• Continuous risk assessment updates
• Deployment of proportionate mitigations
• Monitoring and reporting of cyber incidents

In practice, OEMs must prove that security remains effective throughout the vehicle’s life.

From Reactive Security to Built-In Trust

To address these challenges, the industry is shifting toward a new model:

Security by design, anchored in hardware

Instead of relying only on software defenses, OEMs are embedding hardware root of trust directly into vehicle architectures.

Hardware Root of Trust: The Foundation of Long-Term Compliance

 This is where hardware root of trust technologies become essential to ensure long-term compliance and resilience. It enables:

• Secure boot and firmware validation
• Protected key storage
• Hardware-based cryptography
• Strong device authentication

Key advantage:

✔ Reduces reliance on frequent OTA patches
✔ Protects against low-level attacks
✔ Provides long-term security guarantees

Beyond Compliance: Preparing for Future Threats 

R155 is only the beginning.

Future challenges include:

• Increasing EV connectivity (charging interfaces, V2G)
• Growing attack sophistication
• Emerging risks such as post-quantum cryptography

Organizations must move from reactive patching to proactive trust architectures.

Implementing these architectures often requires expertise in custom automotive ASIC design to integrate security directly at the silicon level. 

Executive Takeaways 

• R155 makes cybersecurity a lifecycle requirement
• Software-only approaches create long-term compliance risk
• OTA strategies alone are not scalable
• Hardware-rooted security is becoming critical
• Architecture decisions today define future compliance costs

Conclusion: Compliance Starts at the Silicon Level

UNECE R155 and R156 are not just regulatory constraints—they are redefining how vehicles must be secured.

The future belongs to architectures that are:

• Secure by design
• Resilient over time
• Independent from constant patching

Long-term compliance starts with trust embedded at the hardware level