My Portal
My Portal
Global | EN

Consumer products and retail

Your regular update on technical and industry developments

China: Implements vehicle cybersecurity technical requirements - Standard GB 44495-2024

January 2026 - Electrical & Electronics

In force (since 1 January 2026)

On 23 August 2024, the State Administration for Market Regulation (SAMR) and the Standardization Administration of China (SAC) released GB 44495-2024, which sets out the technical requirements for vehicle cybersecurity.

The standard defines requirements for vehicle cybersecurity management systems, technical cybersecurity measures, risk assessment, as well as inspection, testing, and verification methods. It applies to Class M, N, and O vehicles that are equipped with at least one electronic control unit (ECU).

Under the standard, manufacturers are required to establish and maintain vehicle cybersecurity management systems throughout the vehicle lifecycle and development stages. Key obligations include:

  • Establishing internal vehicle cybersecurity management processes;
  • Developing and maintaining plans to identify, assess, classify, and mitigate vehicle cybersecurity risks, with risk assessments kept up to date;
  • Performing vehicle cybersecurity testing;
  • Assigning responsibilities for monitoring, handling, and reporting vulnerabilities and cyber threats affecting vehicles; and
  • Managing vehicle cybersecurity across enterprises and relevant subcontracting entities, including suppliers, service providers, and vehicle manufacturers.

From the effective date, all new type approval applications must comply with this standard. Vehicles that have already obtained type approval are required to implement the standard’s requirements from 1 January 2028.

Annex A sets out the test and verification methods for external vehicle connection security requirements, vehicle communication system security requirements, vehicle software security requirements, and vehicle data code security requirements.

The standard entered into force on 1 January 2026. An online preview is available via the official standards platform, while the full text must be purchased separately through the authorized standards distribution channel.

Publication reference:

[1] Technical requirements for automobile information security



How does this impact you and your business?

Contact us to discuss.

TÜV SÜD has dedicated experts to assist you in the development of consumer products and meeting applicable regulations. Through a global network of laboratories, TÜV SÜD offers a wide range of services that includes chemical tests, physical or mechanical tests as well as inspections to ensure the compliance of your products in target markets. 

For enquiries, please contact us at [email protected]