Bentley and MHP collaborate to establish robust Cybersecurity and Software Update Management Systems

In the age of connected vehicles and increasing cyber threat, it is vital for OEMs to demonstrate they have robust processes and systems in place to protect vehicles and individuals interacting with them. The UNECE regulations strive to thoroughly address this issue: as of July 2024, OEMs must adhere to these regulations in order to sell any vehicle and product within its 56 member states.

Notably, the key regulations include R155, which centres on cybersecurity; and R156, which focuses on software updates. In addition to achieving compliance, OEMs are required to introduce the necessary related supporting management systems across their organisations to maintain compliance. What is more, they have to also have them audited by a technical service in order to sell any vehicles in UNECE regions.

MHP Consulting UK and Bentley Motors have therefore collaborated together to establish robust Cybersecurity and Software Update Management Systems (CSMS & SUMS) for the Bentley landscape, achieving compliance with the UNECE (United Nations Economic Commission for Europe) World Forum for Harmonization of Vehicle Regulations (WP.29). Bentley achieved its certification with zero non-conformities for this project, spanning approximately 24 months.

Phase 1: Cybersecurity & Software Update Management Systems (CSMS & SUMS)

During the initial phase of this working relationship, Bentley and MHP Consulting UK were proactive and engaged with a technical service to enable it to develop the appropriate concepts and processes that would align with the UNECE requirements, reinforcing Bentley’s strategic direction and regulatory compliance. Therefore, the nature of this joint work and collaboration resulted in Bentley concentrating on communicating with the external auditors and members of the authorities. MHP Consulting UK captured the key actions, points and behaviours related to the initiative. The successful audit preparation consisted of:

Sophisticated audit strategy development – executing a thorough “dress rehearsal”

Successful integration of requirements in new and existing processes and their implementation

Successful adaption of group-wide policies and processes (e.g. ISO21434 / R155/156)

High process maturity in consideration of ISO21434

Successful onboarding of CSMS/SUMS relevant IT tools

High managerial commitment

Well-structured governance ensured that policies and practices were well-defined and aligned with industry standards. As a result, the Certification Audit was achieved with zero non-conformities.

Phase 2: Operationalisation and execution of Phase 1

Phase 2 of this project involved operationalising, executing and running Bentley’s customised CSMS/SUMS management system, none of which would have been possible without the solid foundation established in Phase 1 – as this foundation enabled the programme to deliver a successful first Surveillance Audit. Phase 2 accomplished the following:

A strong programme governance structure

Extensive surveillance audit preparation

Collected concrete evidence about the process operationalisation

Worked closely and in a cross-functional manner with the business

Demonstration of running CSMS & SUMS relevant IT tools across the business

The use of innovative programme management tools in the business has also enabled strong and transparent programme management during this initiative. The cybersecurity (CS) culture within Bentley was enhanced, too, through Awareness & Communication campaigns (e.g. CS Tech Talks & Monthly Reports). This approach strategically prepared the business for a sustainable integration of CSMS & SUMS deeper into Bentley’s business-as-usual operations.

Bodo Philipp, CEO MHP Consulting UK, says: “Achieving UNECE compliance is crucial for an OEM’s market access, and can therefore mean a bottom-line impact of millions, even billions, depending on the brand. It is key for OEMs to work with proven experts that can help them to navigate the regulatory landscape successfully – especially as the industry becomes more and more dependent on data, internet access and connected services.” He adds: “Our teams have done incredibly successful transformative work together. They’ve led the charge on this initiative, and have set new standards within Bentley – a fantastic achievement. Well done!”

For more information visit: mhp.com

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Bentley and MHP collaborate to establish robust Cybersecurity and Software Update Management Systems

Related Posts

SYS Systems claims ‘Number 1 Partner Status’ for Stratasys following 20% increase in hardware sales

Equitus secures UK office approved for UK defence projects

NORD recommends drives for funding programme

RS augments its RS Think Hub digital platform with additional functionality

Digital Issue