Abstract: Achieving UN R155/R156 compliance in an AGL-based SDV requires more than just a secure kernel; it demands a hardened supply chain. This talk contrasts two real-world engagements to illustrate the journey from "Technical Debt" to "Type Approval."

First, we present anonymized Gap Analysis findings from a mass-production Automotive SoC BSP (Vendor A), revealing the hidden compliance blockers common in vendor-supplied Yocto layers—specifically massive out-of-tree kernel code, legacy TEE versions, and missing rollback counters.

Second, we showcase a success story (Project B) where we delivered a fully hardened, R155-compliant security architecture for a 5G Telematics Unit. We will detail the specific OP-TEE implementations used to close the gaps found in standard BSPs, including:

V2X Hardening: Implementing TLS with Mutual Authentication.
Data Privacy: Using Secure Storage with granular access control to protect Vehicle IDs and User Privacy.
Forensics: Building a tamper-resistant security incident logging system for R155 auditability.

Takeaway: A "Before & After" architectural blueprint for transforming a standard Vendor BSP into a compliant AGL product.