LG Electronics announced that its Hai Phong manufacturing plant in Vietnam — the company’s largest production hub for vehicle components — has been awarded Cyber Security Management System (CSMS) Level 3 certification by TÜV Rheinland. The certification ceremony took place on August 19 at the Hai Phong site, marking a significant validation of LG’s factory-level cybersecurity controls for automotive production.
Scope of Certification and Why CSMS Level 3 Certification Matters
CSMS Level 3 Certification assesses whether cybersecurity processes are systematically applied across the full lifecycle of vehicles and automotive components. That includes planning and development, production, operation and post-production management. According to TÜV Rheinland’s framework, Level 3 reflects mature, organization-wide cybersecurity practices embedded in both administrative and manufacturing processes.
Hai Phong is the first facility, among TÜV Rheinland-certified cases worldwide, to receive both CSMS Level 2 and CSMS Level 3 Certification simultaneously. The dual recognition extends earlier Level 3 certification that LG Vehicle Solution (VS) Company had obtained for its management system. With this plant-level approval, LG confirms that cybersecurity controls are being applied not only at corporate level but also on the factory floor where components are mass produced.
Production Role of Hai Phong and the Practical Reach of CSMS Level 3 Certification
As LG VS Company’s largest vehicle component manufacturing site, Hai Phong supplies the bulk of components delivered to major global automakers. The plant produces items such as head units, displays, connectivity modules, ADAS vision systems and other vehicle electronics that increasingly rely on software. Establishing CSMS Level 3 Certification at this site demonstrates that cybersecurity governance is now part of the mass-production process for critical vehicle components.
The certification covers both IT and operational technology processes. In practice, that means cybersecurity measures are tested across systems that design products, manage supply chains, and control production lines. For automakers that source components from Hai Phong, the certification provides an independent assurance that those parts are produced under standardized cybersecurity practices.
Regulatory Context: UNECE R155 and Industry Standards
The certification comes amid expanding global regulatory scrutiny of automotive cybersecurity. The UNECE R155 regulation, implemented in 2021 and adopted by the European Union and 56 countries across Asia, Oceania and Africa, requires that vehicles be backed by a certified CSMS before entering those markets. Since July 2024, only vehicles meeting this requirement have been allowed in the participating jurisdictions. The United States and China are also tightening automotive cybersecurity rules, increasing supplier obligations.
LG has already moved to meet related standards. In 2024 the company earned Automotive SPICE for Cybersecurity certification — a standard used by European OEMs to evaluate cybersecurity and software reliability in supplier ecosystems. Major U.S. automakers are adopting Automotive SPICE for supplier assessments, reinforcing the commercial importance of factory-level cybersecurity certifications such as CSMS Level 3 Certification.
Corporate Progress, Recognition and Next Steps
LG says it has steadily expanded cybersecurity across LG VS Company. The organization achieved CSMS Level 2 certification in 2023 and Level 3 certification last year at the corporate management level. With Hai Phong now awarded CSMS Level 3 Certification for the facility itself, LG plans to pursue certification for additional manufacturing locations.
In announcing the milestone, Eun Seok-hyun, president of LG VS Company, said:
“Internationally recognized cybersecurity certifications such as CSMS Level 3 strengthen our position as a trusted partner to global automakers. Through an unmatched commitment to security and quality, LG will continue to enhance its leadership in the automotive components market.”
The company views the dual factory and corporate certifications as reinforcing its market position and enabling compliance with regional vehicle-entry rules. LG also points to its broader mobility portfolio — including head units, displays, connectivity, ADAS vision systems, software solutions, lighting systems, e-powertrain components and cybersecurity offerings — as part of its effort to support software-defined vehicles (SDVs).
Industry Implications and Manufacturing Cybersecurity
The move highlights a broader shift in the automotive supply chain. As vehicles become software-defined, cybersecurity during manufacturing becomes a critical element of product safety and regulatory compliance. Suppliers that can show factory-level CSMS Level 3 Certification are better placed to meet automakers’ technical and contractual security demands.
LG’s certification at Hai Phong may influence procurement and supplier-evaluation practices, particularly in regulated markets that enforce UNECE R155 and similar rules. For automakers, component suppliers with CSMS Level 3 Certification offer documented cybersecurity processes across development and production stages.
About LG Vehicle Solution Company
LG Vehicle Solution Company supplies intelligent mobility components and software for modern vehicles. Its portfolio covers in-vehicle infotainment, connectivity, advanced driver-assistance systems, and related software and hardware for software-defined vehicles. LG has also expanded into automotive lighting, e-powertrain solutions and cybersecurity services aimed at meeting growing industry demands.
