Articles - Archive

Sermi, is it the end of a long story?



It was back in 2008 when the European Commission decided to regulate access to vehicle security data, in this case anti-theft data, so as to allow independent operators to operate competitively and guarantee the fulfillment of the Euro 5/6 Regulations (715/2007 and 692/2008)

Massimo Brunamonti

It was back in 2008 when the European Commission decided to regulate access to vehicle security data, in this case anti-theft data, so as to allow independent operators to operate competitively and guarantee the fulfillment of the Euro 5/6 Regulations (715/2007 and 692/2008). The decision was taken to set up a 'Security Forum' and define a process to guarantee free access to vehicle anti-theft data also to aftermarket specialists. Within a year, at the end of 2009, the Forum introduced Sermi, a scheme whereby any car repairer could be accredited by a conformity assessment body (Cab) (Accredia in Italy) by submitting a professional qualification along with a clean criminal record to obtain an 'access certificate', issued by an independent trust centre, along with the key duplicate codes of any nature and type. Finally! One might say. Well, not quite. What happened instead was that a whole series of argumentations, of various kinds, were added to the Forum's proposal in an apparently praiseworthy attempt to broaden the scope of the scheme, but with the result that in the end everything came to a standstill. Requests were made such as protection against tampering with anti-pollution systems, the removal of the Fap filter, and protection for IT security, which some thought could be solved by using the Sermi, suitably adapted for the purpose. But the Sermi protocol alone, due to its very nature, is hardly suitable to meet all these requirements unless someone addresses a much broader and in part still undefined legislative framework. The consequence of all this was that the sector missed out on the simple yet positive steps forward that the original Sermi would have introduced anyway. In conclusion, more than 10 years have passed and we are still going nowhere. However, it is a common sentiment that the need for the Sermi protocol is increasingly pressing; just think of the new mobility standards that are emerging: shared mobility is based on independent service providers operating fleets of multi-brand vehicles, for which access to diagnostic, repair and maintenance data is vital. How can such a scenario become a reality without a qualified independent multi-brand repair shop? How can such fleets constitute a consumer-friendly, advantageous proposition without a competitive aftermarket? The European Commission, seeing the need to make up for lost time, finally presented the official proposal for the adoption of the Sermi protocol in April 2019. The independent aftermarket was delighted with the news, as this would represent a cornerstone for free access to technical data; unfortunately though, there are still many problems, and all of them, as it happens, are linked to how and who will manage or influence the issuing of access certificates, which apparently appeal to many. Some have even gone so far as to propose imposing a burden of proof of correct conduct on vehicle repairers, under penalty of exclusion from access, thus introducing a presumption of guilt to an entire sector that is as virtuous as any other in terms of qualifications and professionalism. Then comes another pressing problem, that of access to vehicle Obd ports. Many manufacturers, in the name of cyber-security, are making Obd access arbitrarily expensive and potentially controlled and discretionary, with the introduction of their own access codes and management systems. A functioning Sermi protocol would, due to its nature, be the automatic solution to the problem. The European alliance of independent operators (Afcar), which represents the entire sector including Egea, is quite right to push for a prompt adoption of Sermi as it stands, and then develop it towards new requirements when the overall legal framework allows it. For example: the suspension of access authorisations following unlawful activity. One does not need to be a legal expert to understand that in order to define such a concept of legitimacy, it is necessary to take into account the whole European legal framework as well as that of each Member States in order to create a coherent, harmonised standard that can be adopted throughout the EU. The same applies to IT security: it is first necessary to first finalise and adopt the Unece protocol as a European standard in order to be able to adapt Sermi accordingly. We all know, says Afcar, that the Sermi as it stands will require expansion, but now is the time, after waiting for more than 10 years, to implement what we have and then work on future developments. An operational Sermi could easily be extended to include certifications for access to the Obd port and qualification to work on anti-pollution or IT systems. Therefore, seeing that the Commission in the final stages of adopting the Annex X of Regulation 858, now is the time to act, to provide the industry with a vital tool to guarantee innovative services and fair competition. The whole world views Italian and European equipment manufacturers as models of innovation and competitiveness making them global market leaders. By the same token, EU citizens, through their growing preference, are awarding independent car repairers the prize of being the best and most competitive suppliers of quality services. We hope that Brussels, which is usually attentive to these issues, will soon confirm its intentions to protect a sector that is as vital as it is strategic for the EU economy as a whole.

back to archive