OpenConsultation consultationoutcome

GB type approval scheme: cyber-security and software update requirements

From:
Department for Transport
Published
26 February 2025
Last updated
16 September 2025 See all updates
This consultation has concluded

Read the full outcome

GB type approval scheme: cyber-security and software update requirements government response

HTML

Detail of outcome

Following review of the feedback to this consultation, the department will continue with mandating the UN regulations on cyber-security and software updates within the GB type approval scheme. We have decided to incorporate revisions to the implementation dates to allow more time for the automotive industry to comply, while maintaining an accelerated implementation for GB to mandate these important requirements.

The department’s revised proposal also provides additional time for multi-stage manufacturers to comply to ease the impact on GB manufacturers.

The revised proposal is detailed in the consultation outcome, which includes a summary of responses and next steps the government intends to take.

The amended dates for compliance with UN Regulation No. 155 on cyber-security (R.155) and UN Regulation No. 156 on software updates (R.156) are given below.

Registration typeRevised date of effect for R.155 Revised date of effect for R.156
New GB vehicle types (excluding completed vehicles)1 June 20261 June 2026
Complete and incomplete vehicles1 June 20271 June 2027
Completed vehicles1 June 20287 July 2029
Special purpose vehicles7 July 20297 July 2029

Original consultation

Summary

Seeks views on proposals to mandate approval of vehicles to 2 internationally recognised technical regulations under the GB type approval scheme.

This consultation closesran atfrom
to

Consultation description

This consultation seeks views on our proposal to mandate approval to 2 internationally recognised technical regulations under the GB type approval scheme. They are:

  • UN Regulation No. 155 on cyber-security and cyber security management systems
  • UN Regulation No. 156 on software updates and software update management systems

Under these proposals, we intend to:

  • make the approval mandatory for specific vehicle categories produced in unlimited and medium series under the GB type approval framework
  • outline the transitional arrangements for new vehicle types and registrations – this will ensure manufacturers have time to adapt processes to comply
  • introduce exemptions that reduce the administrative burden on manufacturers

The proposal will ensure robust processes are in place for manufacturers to manage cyber-security threats and safely deploy software updates for new vehicles that enter the GB market.

We are also seeking views on extending the application of the technical requirements to other vehicle categories and introducing additional enforcement measures for vehicles in service.

Documents

GB type approval scheme: cyber-security and software update requirements

HTML

Ways to respond

Respond online

or

Complete a response form and either

Email to:

ivs.consult@dft.gov.uk

Write to:

International Vehicle Standards
Department for Transport
3rd Floor, Great Minster House
London, SW1P 4DR

Updates to this page

Published 26 February 2025
Last updated 16 September 2025 href="#full-history">+ show all updates

  1. The department will continue with mandating the UN regulations on cyber-security and software updates within the GB type approval scheme, as outlined in the consultation outcome.

  2. First published.

Sign up for emails or print this page