SERMI Information for Conformity Assessment Bodies
Trust Center
As the official Trust Center (TC) for SERMI, Digidentity is responsible for providing Conformity Assessment Bodies with the necessary tools fulfil their duties and responsibilities within the SERMI Scheme. This includes providing digital certificates and technical tools to CABs to invite IO and RSS employees and to manage their authorisation status.
SERMI
SERMI is the scheme for accreditation, approval and authorisation to Access Security-related Repair and Maintenance Information (RMI). This scheme ensures secure access to vehicle manufacturers’ data for independent operators, remote service suppliers, and their respective employees.
How to Onboard
Accreditation
A conformity assessment body must first apply for accreditation at their National Accreditation Body (NAB) and for approval with the SERMI association. For more information, please visit the website of the SERMI Association
Onboarding Guidance
After applying for accreditation, a CAB can schedule a meeting with Digidentity Customer Success.
This meeting serves as the first point of contact where customer success representatives provide onboarding information and outline the necessary procedures to go live.
Our Customer Success department can be contacted on: sermi@digidentity.com
Availability: Monday – Friday 09:00 – 17:00 (CET).
Contracting
After initial contact with Customer Success, Digidentity will provide a non-disclosure agreement (NDA) and a commercial contract for signature.
The NDA must be signed and delivered to Digidentity to proceed to the next stage of technical implementation.
Technical Implementation
Upon receival of the NDA, Digidentity will provide SERMI API documentation and credentials to the CAB.
The SERMI APIs provide CABs with the ability to invite IO and RSS employees, and to manage their authorisation status.
For more information, please see our SERMI API documentation
User Acceptance Test
After completing technical integration, a user acceptance test (UAT) is scheduled with the CAB.
During the UAT, CABs will be requested to complete several test scenarios to ensure that the technical integration was successful and that a CAB is technically able to fulfill its duties and responsibilities within the SERMI Scheme.
Upon successful completion, Digidentity will share production credentials with the CAB.
Support Training
After user acceptance testing, Digidentity will organize a support training and information session with the CAB.
During this session, Digidentity will share crucial support information and procedures to ensure that a CAB can effectively provide technical support to IO and RSS employees.
Go Live
After the support training, a CAB is ready to move to production. This is provided all other conditions have been met, including a successful UAT and a signed contract.
Once live, a CAB can start inviting IO and RSS employees and managing their authorisation status.
Support
Technical support to Independent Operators (IOs), Remote Service Suppliers (RSSs) and their respective IO/RSS employees is shared between the Conformity Assessment Body (CAB) and Digidentity (TC).
• CABs provide first line support to IO’s/RSS’s and their employees. • Digidentity provides second line support to CABs.
The full support procedure is available in the documentation section below.
Documentation
Videos
Frequently Asked Questions
What is SERMI?
SERMI is the scheme for accreditation, approval and authorisation to Access Security-related Repair and Maintenance Information (RMI). This scheme ensures secure access to vehicle manufacturers’ data for independent operators, remote service suppliers, and their respective employees.
Who can use the SERMI scheme to gain access to security related RMI?
SERMI is for independent operators, remote service suppliers and their respective employees.
How can Independent Operators login to SERMI?
IO’s wishing to receive security-related RMI shall obtain an approval inspection certificate from a CAB accredited by the NAB of the Member State where the IO is established. IO employees who are to handle security-related RMI shall obtain an authorisations inspection certificate from a CAB of the Member State where the IO employee resides. To see which CAB’s have been accredited by the NAB of a Member State go to vehiclesermi.eu
How can you login or get access to SERMI through a Remote Service Supplier?
Both Remote Service Suppliers and Independent Operators will need to get approval via their national Conformity Assessment Body (CAB), their employees will also need authorisation from a CAB. After notification, the Trust Centre (Digidentity) will issue certificates and security tokens which will be distributed by the CAB to the Remote Service Supplier and the Independent Operator.
What is ‘security related maintenance and repair information’ or security related RMI’?
As shown in regulation (EU) 2021/12: ‘Security-related repair and maintenance information’ or ‘security-related RMI’ shall mean the information, software, functions and services required to repair and maintain the features that are included in a vehicle by the manufacturer to prevent the vehicle from being stolen or driven away and to enable the vehicle to be tracked and recovered.
What is the role of the SERMI ‘Trust Centre’ or ‘TC’?
As the body designated by SERMI and approved by the European Commission, Digidentity is responsible for: (A) managing the digital certificates and authorisation status of the IO employees and for providing to the CAB the necessary security tokens and digital certificates for authorised IO employees; (B) providing a vehicle manufacturer with information regarding the authorisation status of an IO employee.