Commercial AV Deployment Has Started. Independent Security Assurance Cannot Wait

Commercial Autonomous Vehicles pilots in spring 2026. UN R155 mandatory for new vehicle types: January 2026. Securlab is available now before the queue forms.

UN R155 is already mandatory. Commercial pilots have started. The vendors with independent assurance are the ones fleet operators and insurers will look at first.

Commercial self-driving vehicle pilots begin on England's roads in Spring 2026. UN R155 cybersecurity compliance is mandatory for new vehicle types from January 2026. The technology vendors supplying these vehicles need independent assurance of their security posture.

In Autonomous Vehicles, a cybersecurity failure is also a safety failure.

A compromised OTA update, a manipulated sensor feed, an attack on a fleet management platform these are not IT incidents. They affect passengers, pedestrians, and public safety. Regulators, insurers, and fleet operators are requiring independent evidence of cybersecurity posture. Vendor self-assessment is not sufficient.

What your clients are asking

Before we deploy your technology in our vehicles, we need independent evidence of its cybersecurity posture. What can you provide?

Fleet operators, enterprise mobility buyers, and government transport authorities are asking this question as commercial deployment begins. Independent CRTF assessment provides the structured, credible output they are looking for.

What Our Product Assessment Covers

Vehicle Control Security

Software stack integrity

Control system assurance

OTA Update Mechanism

Update pathway security

Version integrity controls

Sensor & Data Integrity

Input validation

Data manipulation resistance

Fleet Management Platform

Backend security

API controls

Access management

V2X and Connectivity

Communication security

Infrastructure interface risk

Supply Chain Assurance

Component provenance

Third-party software risk

The Timeline You Need to Know

Jan 2026

UN R155 mandatory for all new vehicle types in GB type approval.

Spring 2026

Commercial AV pilots begin on England's roads without safety drivers.

2026–27

Secondary legislation under the Automated Vehicles Act finalises supply chain security obligations.

Jan 2028

UN R155 effective for all vehicles. Full cybersecurity management system required.

WHY SECURLAB?

FULL ACCREDITATION STACK

ISO 17020 (Pending) | ISO 27001 | ISO 9001 | CE+

The most comprehensive assurance credential set available from an independent specialist.

INDEPENDENT

We do not consult for the clients we assess.

Our output is credible because our independence is structural, not claimed.

NCSC-LISTED CRTF

One of the only independent specialist CRTFs in the UK.

Listed on the NCSC website — the credential procurement teams recognise.

FASTER AND CLEARER

Workflow platform reduces delivery time without reducing quality.

You know what we are assessing, what evidence we need, and what the output will look like.

FAQs