[DoCAN] Vehicle Diagnostic Communication Part 53 [UDS 14]

[DoCAN] Vehicle Diagnostic Communication Part 53 [UDS 14] 車両診断通信
[DoCAN] Vehicle Diagnostic Communication Part 53 [UDS 14]

Click here for back issues.
https://www.simulationroom999.com/blog/diagnostic-communication-en-back-issue/

Introduction.

Explanation of ISO 14229, the UDS.
In this article, the basic flow of the SecurityAccess service will be explained.

Basic flow of SecurityAccess service

This is the time to explain the basic flow of the SecurityAccess service.
I really wanted to do this last time, but the discussion of the security culture of vehicle diagnostic communication became quite voluminous, so I decided to do it this time.

As some of you may have noticed, the basic flow is as follows.

(1) Transition to extendedDiagnosticSession by DiagnosticSessionControl service.
(2) SecurityAccess service: RequestSeed to obtain a Seed
(3) SecurityAccess service: sendKey to send Key

Basic flow of SecurityAccess service (actual message)

The actual message of SecurityAccess service is described following with comments.

Req: 0x10 0x03	// Transition request to extendedDiagnosticSession
Res: 0x50 0x03 0x03 0xE8 0x13 0x88	// P2 time: 1 second, P2* time: 5 seconds
Req: 0x27 0x01	// SecurityAccess requestSeed Level1
Res: 0x67 0x01 0x12 0x34	// Seed = 0x1234
Req:0x27 0x02 0x56 0x78	// SecurityAccessサービス sendKey Level1 Key=0x5678
Res: 0x67 0x02

Incidentally, from the Seed, both the off-board tester and the ECU generate a Key through a common hash function.
If the keys match, the security is unlocked.

Here, “requestSeed Level 1” may be of interest.
There is a security level in the security of vehicle diagnostic communication.
I explained that the sub-functions of the SecurityAccess service are requestSeed for odd numbers and sendKey for even numbers.
The security levels associated with the sub-functions are as follows.

0x01 and 0x02 are Level 1 in pairs.
0x03 and 0x04 are Level2 in pairs

0x21 and 0x22 are Level17 in a pair

Although the higher Level is positioned as a higher level, in reality, it depends on the manufacturer’s concept.
Basically, the higher Level encompasses the lower Level, but this is not always the case.

The services that can be used vary depending on the Level.
Strictly speaking, the resources that can be used.
The resources referred to here are as follows.

  • Service
  • DID

In other words, it is possible to create a configuration in which only certain DIDs in Serivce$22 can be used unless they are unlocked.
Since I have not yet explained Serivce$22 and DIDs, you may not understand, but it will be OK if you understand them later.

Conclusion

  • Explain the basic flow of the SecurityAccess service.
  • Explain the actual messages in the basic flow of the SecurityAccess service.
  • Security is applied to resources.
    • Service.
    • DID.

Click here for back issues.

コメント

タイトルとURLをコピーしました