SERMI Information for Vehicle Manufacturers

image

Trust Center

As the official Trust Center (TC) for SERMI, Digidentity is responsible for providing Conformity Assessment Bodies with the necessary tools fulfil their duties and responsibilities within the SERMI Scheme. This includes providing and managing of the digital certificates and authorisation status of the IO employees and for providing to the CAB the necessary tools/software to invite the authorised IOs/RSSs and IO/RSS employees to create security tokens and digital certificates.

About SERMI

SERMI is the scheme for accreditation, approval and authorisation to Access Security-related Repair and Maintenance Information (RMI). This scheme ensures secure access to vehicle manufacturers’ data for independent operators, remote service suppliers, and their respective employers.

How to onboard

Onboarding Guidance

A vehicle manufacturer must schedule a meeting with Digidentity Customer Success. This meeting serves as the first point of contact where customer success representatives provide onboarding information and outline the necessary procedures to go live.

Customer Success email: sermi@digidentity.com

Availability: Monday – Friday 09:00 – 17:00 (CET)

Contracts

After initial contact with Customer Success, Digidentity will provide a non-disclosure agreement (NDA) and a commercial contract for signature. The NDA must be signed and delivered to Digidentity to proceed to the next stage of technical implementation.

Technical Implementation

After receiving a signed NDA, Digidentity will provide technical documentation and pre-production credentials to the vehicle manufacturer. This will allow the vehicle manufacturer to connect to the trust center. For more information, please see our technical documentation.

User Acceptance Test

Upon completion of the technical integration, a User Acceptance Test (UAT) will be scheduled. During this UAT, the vehicle manufacturer will be asked to execute a series of test scenarios to verify the success of the integration. Once successfully completed, Digidentity will provide production credentials to the vehicle manufacturer.

Go Live

After receiving production credentials, a vehicle manufacturer can move to production. This is provided all other conditions have been met, including a successful UAT and that a signed contract is in place. Once live, independent operator and remote service supplier employees can access a vehicle manufacturer's secure portal with their SERMI certificate.

Our technical documentation provides step-by-step guidance on how to connect with Digidentity for SERMI. We recommend regularly checking the change log to stay informed of any updates.

Technical documentation

Change log

Relevant information for Vehicle Manufacturers

SERMI VM Service Description

SERMI VM Service Level Agreement

SERMI VM Terms of Service

SERMI VM General Terms and Conditions

Videos

SERMI VM Login

Frequently Asked Questions

What is SERMI?

SERMI is the scheme for accreditation, approval and authorisation to Access Security-related Repair and Maintenance Information (RMI). This scheme ensures secure access to vehicle manufacturers’ data for independent operators, remote service suppliers, and their respective employees.

Who can use the SERMI scheme to gain access to security related RMI? 

SERMI is for independent operators, remote service suppliers and their respective employees.

How can Independent Operators login to SERMI?

IO’s wishing to receive security-related RMI shall obtain an approval inspection certificate from a CAB accredited by the NAB of the Member State where the IO is established. IO employees who are to handle security-related RMI shall obtain an authorisations inspection certificate from a CAB of the Member State where the IO employee resides. To see which CAB’s have been accredited by the NAB of a Member State go to vehiclesermi.eu

How can you login or get access to SERMI through a Remote Service Supplier?

Both Remote Service Suppliers and Independent Operators will need to get approval via their national Conformity Assessment Body (CAB), their employees will also need authorisation from a CAB. After notification, the Trust Centre (Digidentity) will issue certificates and security tokens which will be distributed by the CAB to the Remote Service Supplier and the Independent Operator.

What is ‘security related maintenance and repair information’ or security related RMI’?

As shown in regulation (EU) 2021/12: ​‘Security-related repair and maintenance information’ or ‘security-related RMI’ shall mean the information, software, functions and services required to repair and maintain the features that are included in a vehicle by the manufacturer to prevent the vehicle from being stolen or driven away and to enable the vehicle to be tracked and recovered.

What is the role of the SERMI ‘Trust Centre’ or ‘TC’?

As the body designated by SERMI and approved by the European Commission, Digidentity is responsible for: (A) managing the digital certificates and authorisation status of the IO employees and for providing to the CAB the necessary security tokens and digital certificates for authorised IO employees; (B) providing a vehicle manufacturer with information regarding the authorisation status of an IO employee.