Krav til typegodkjenning av kjøretøy i klasse L: endringsbestemmelser om beskyttelse mot cyberangrep

Krav til typegodkjenning av kjøretøy i klasse L: endringsbestemmelser om beskyttelse mot cyberangrep

Delegert kommisjonsforordning (EU) 2025/1455 av 23. juli 2025 om endring av delegert forordning (EU) nr. 44/2014 med hensyn til fastsettelse av tekniske krav og testprosedyrer for beskyttelse av kjøretøy i klasse L mot cyberangrep

Commission Delegated Regulation (EU) 2025/1455 of 23 July 2025 amending Delegated Regulation (EU) No 44/2014 as regards laying down technical requirements and testing procedures regarding the protection of L-category vehicles against cyberattacks
Transport

Kommisjonsforordning publisert i EU-tidende 29.10.2025

Tidligere

  • Utkast til forordning lagt fram av Kommisjonen 5.5.2025 med tilbakemeldingsfrist 2.6.2025
  • Utkast til delegert kommisjonsforordning sendt til Europaparlamentet og Rådet for klarering 23.7.2025

Bakgrunn

(fra kommisjonsforordningen)

(1) The scope of UN Regulation No 155 on cyber security and cyber security management system has been extended to include rules on cybersecurity for Lcategory vehicles (two- and three-wheel vehicles and quadricycles). To make UN Regulation No 155 applicable to L-category vehicles within the Union, it is necessary to include a reference to it in Commission Delegated Regulation (EU) No 44/2014. 

(2) L1e category vehicles designed to pedal referred to in Article 3, point (94)(b), of Regulation (EU) No 168/2013 and pedal cycles with pedal assistance exempted from the application of Regulation (EU) No 168/2013 under its Article 2(2), point (h), are not technically different from a cybersecurity perspective. The latter cycles, representing the vast majority (97 % on average) of the product offer of the majority of bicycle manufacturers, would be subject to the cybersecurity requirements laid down in the Regulation (EU) 2024/2847 of the European Parliament and of the Council, whereas the former cycles, representing only a minority (3 % on average) of the product offer of most bicycle manufacturers, would be subject to the cybersecurity requirements of the UN Regulation No 155. Bicycle manufacturers producing electrically assisted bicycles with digital elements are often involved in the production of both pedal cycles with pedal assistance as defined under the exception clause of Article 2(2), point (h), of Regulation (EU) No 168/2013 and L1e category vehicles designed to pedal referred to in Article 3, point (94)(b), of Regulation (EU) No 168/2013. Developing the compliance with a different set of cybersecurity requirements for only a minority segment of the total production would create a disproportionate administrative burden for bicycle manufacturers. For those reasons, it is appropriate to exclude L1e category vehicles designed to pedal referred to in Article 3, point (94)(b), of Regulation (EU) No 168/2013 from the scope of Delegated Regulation (EU) No 44/2014 as regards cyber security requirements set out therein. 

(3) As L1e category vehicles designed to pedal referred to in Article 3, point (94)(b), of Regulation (EU) No 168/2013 are subject to the requirements of Regulation (EU) 2024/2847 under Commission Delegated Regulation EU […./…..], it is appropriate to align the applicability of the requirements of UN Regulation No 155 with the date of application of Regulation (EU) 2024/2847. 

(4) Besides ensuring the compliance of new vehicle types, national authorities and manufacturers need additional time sufficient to ensure that also all existing vehicle types become compliant with the cybersecurity rules under UN Regulation No 155. 

(5) Delegated Regulation (EU) No 44/2014 should therefore be amended accordingly,

Progresjon
  1. EU-forslag
  2. EU-forslag vedtatt og publisert
    EØS/EFTA-landene vurderer EØS-relevans og -innlemmelse
  3. EØS/EFTA og EU diskuterer
  4. EØS-komitebeslutning vedtatt
  5. Ferdigbehandlet