UNECE WP.29 Gap Analysis

Cybersecurity Risk and Mitigation Assessment


The new UNECE WP.29 regulation R155 for CSMS (Cyber Security Management System) has been adopted by UNECE’s World Forum for Harmonization of Vehicle Regulations.

To help OEMs and automotive suppliers understand and assess the risks associated with connected vehicles, the regulation lists (in Annex 5) 69 different attack routes due to 7 different cyber threats and vulnerabilities. To aid in the management of said risks, the regulation also offers 23 cybersecurity mitigations with the potential to secure a vehicle and its components against these threats.

With this tool, you can better understand your organization’s weak spots based on the risk assessment and correlating mitigation demands in the WP.29 regulation. Upstream’s gap analysis assessment will enable you to see where you stand in regard to regulatory compliance and offer a quick overview of areas that may need more attention.


Japanese version is available




Get Started