Securing your future

Securing your future

The RMI’s announcement that its Retail Motor Industry Standards and Certification (RMISC) division has been granted accreditation by the UK Accreditation Service (UKAS) to inspect motor industry businesses against the PAS 125 Bodyshop standard may have only made a brief blip on the radar of independent garages, but it has the potential to represent a major breakthrough in the IAM’s quest to gain access to critical VM data going forwards.

The process has been long, and at times arduous, but this recent development represents the latest significant step on the ladder of future prosperity for service and repair technicians, as Stuart James, RMI IGA Director explains: “In November 2010 we submitted an application to the UK Accreditation Service (UKAS) to be able to become a standards and certification body, in line with the standard EN45011. In short, this standard will allow us to inspect and certify against publicly available standards.

“Our intention from the outset was always to try and produce a set-up that will allow garages to access manufacturer’s security technical information, in line with European legislation. That was three years ago now, and we’ve been working on the plan ever since. For various reasons the security legislation has continued to be deferred and, at the time of speaking, the security standard has yet to be released by the authorising body in the EU.

“To assist with this process, we decided to set the certification business up using an already existing standard and PAS 125 – the standard that insurers insist bodyshops meet in order to satisfy work provider requirements – was the one we settled on. We’ve had a lot of experience of this particular standard through our bodyshop division, and have supported a lot of bodyshops with consulting.

“The accreditation will now allow RMISC to deliver against the PAS 125 requirements, ensuring a business’ processes and way of working is absolutely correct. In reality this is also a means to an end in the journey to gaining full accreditation.”

The first of its kind
How long it is before security technical information accreditation is forthcoming is still unknown, but if and when it is granted then the RMISC stands to become the first organisation in Europe to provide garages with access to such data.

Stuart says: “Now this hurdle has been removed we can concentrate fully on the security side of things to ensure it happens at the earliest opportunity and we’ll be working with UKAS to secure that. Fingers crossed, we may see some major progress this year.

“In the background we’ve been quietly producing a security standard in parallel with the UKAS application which would involve the appropriate audits of businesses that wish to have access to the VM security technical data in question.

“It has to be appreciated that the type of data and systems that garages could potentially have available to them is likely to be associated with key vehicle safety systems so therefore it is vitally important that the business in question has the appropriate standards in place for this data to be used responsibly, mainly because of the driver safety concerns that come with such access.

“The audit would involve CRB checks for the owner of the business and general business checks to assess whether that garage has a genuine need to access that information. We’ll also require proof of activity in the business and the technicians working in the company will undertake a CRB check as well as having to provide evidence to prove that they can undertake this type of work safely and responsibly.”

The current standing
“Normal, non-security VM data is available to all on equal terms, yet there are still some difficulties in getting that information, mainly because of some VMs’ reluctance to make this forthcoming. As proof, there was a big study carried out at the end of 2011 by our colleagues in Holland, Bovag, using the PassThru system to access data from 17 VMs. All 17 were shown to be noncompliant. That is the scale of what we’re up against,” says Stuart.

“With the security element we have to be absolutely confident that accredited garages are rigorously checked and genuinely want it for the right reasons. As far as the argument that this could leave data open to criminal exploitation (as has been cited in some recent car theft reports), the issue lies outside of anything to do with the Euro Five legislation so I’m confident there shouldn’t be any problems with that.”

He continues: “The security data, as things stand today, is a small part of the information that a service/repair professional needs to access. As time goes on, we don’t know how much more information is going to be stored in electronic control units that have a security element to them, therefore making them inaccessible.”

How will garages access data?
According to the RMISC, any individual that is awarded accreditation will likely be given a certificate key (in the form of a USB chip) and a unique pin number that only they’ll be licensed to use. This closes the door on those businesses that think they can accredit one individual and then share the password out to the rest of the staff. Utilising the PassThru system (by use of a J2534 modem) the technician can access the manufacturer’s server – via the internet and at a cost – to download the information they need.

Equally, for those who are concerned that the whole process could entail a heavy expense, Stuart has some more good news. He says: “The RMISC is a subsidiary of the RMI but it is also run as a totally separate company. It’s been set up to give something back to the motor industry, so in that respect it can work as a low margin business, meaning standards that have previously been price prohibitive to many in the industry will now be available at a lower cost.

“The UK motor industry, regardless of whether the business is an RMI member or not, will benefit and this accreditation will help us to assist reputable garages across the UK in accessing this all important information in a tightly controlled and cost-effective way.”

In concluding, Stuart states: “European legislation dictates that a non-franchised garage can work on a one to three-year-old car without invalidating the warranty. More commonly, these garages will require specific access to the information required be able to repair that car, or even utilise flash downloads. This is a major issue and one that we hope we’re on the cusp of finding a solution for.”

Related posts