Click here for back issues.
https://www.simulationroom999.com/blog/diagnostic-communication-en-back-issue/
Introduction.
Explanation of the AUTOSAR-Dcm simulation.
In this article, the simulation results of SecurityAccess will be explained.
SecurityAccess simulation results (message)
If you want to review SecurityAccess, refer to the following article.
Simulation results with comments are shown in the following.
Send msg : 2713 // Seed request in defaultSession (SecurityAccess service unsupported session)
Recv msg : 7f277f // NRC$7F(serviceNotSupportedInActiveSession)
Send msg : 1003 // Transition to extendDiagnosticSession
Recv msg : 5003003001f4 // P2 time=48[ms],P2*time=5000
Send msg : 2713deadbeef // wrong message length for Seed request
Recv msg : 7f2713 // NRC$13(incorrectMessageLengthOrInvalidFormat)
Send msg : 2714deadbeef // Send Key even though Seed request was not successful
Recv msg : 7f2724 // NRC$24(requestSequenceError)
Send msg : 2711 // Seed request with non-existent SecurityLevel
Recv msg : 7f2712 // NRC$12(subFunctionNotSupported)
Send msg : 2714deadbeee // send key without another successful Seed request
Recv msg : 7f2724 // NRC$24(requestSequenceError)
Send msg : 2713 // Seed request
Recv msg : 6713deadbeef // Seed=0xdeadbeef
Send msg : 2714deadbeef // Send Key(Key=deadbeef)
Recv msg : 6714 // Send msg : 2713 // send again (Key=deadbeef)
Send msg : 2713 // Request Seed again
Recv msg : 671300000000 // Seed=0x00000000 (security unlocked)
Send msg : 2714deadbeef // send key with security unlocked
Recv msg : 7f2724 // NRC$24(requestSequenceError)
Send msg : 1003 // transition back to extendDiagnosticSession (security is now locked)
Recv msg : 5003003001f4 // P2 time=48[ms],P2*time=5000
Send msg : 2713 // Seed request
Recv msg : 6713deadbeef // Seed=0xdeadbeef
Send msg : 2714deadbeef // Send Key (Key=deadbeef)
Recv msg : 6714 // Send msg : 2713 // Seed=0xdeadbeef
Send msg : 2713 // Seed request
Recv msg : 671300000000 // Seed=0x00000000 (security unlocked)
sleep : 2.048000 [ms] // 2.048[ms] Wait
Send msg : 2713 // Seed request
Recv msg : 671300000000 // Seed=0x00000000(security unlocked)
sleep : 4.900000 [ms] // 4.900[ms] Wait
Send msg : 2713 // Seed request
Recv msg : 671300000000 // Seed=0x00000000 (security unlocked)
sleep : 5.100000 [ms] // 5.100[ms] Wait (S3 timeout, return to defaultSession)
Send msg : 2713 // Seed request
Recv msg : 7f277f // NRC$7F(serviceNotSupportedInActiveSession)
Send msg : 1003 // Transition to extendDiagnosticSession
Recv msg : 5003003001f4 // P2 time=48[ms],P2*time=5000
Send msg : 2713 // Seed request
Recv msg : 6713deadbeef // Seed=0xdeadbeef
Send msg : 2714deadbeef // Send Key (Key=deadbeef)
Recv msg : 6714 // send key (Key=deadbeef)
Exiting
SecurityAccess simulation results (CAN lines)
And CAN line log. (with comments)
Begin Triggerblock
0.000000 Start of measurement
// Seed request in defaultSession (SecurityAccess service unsupported session)
0.000000 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC
0.001868 1 18DAF110x Rx d 8 03 7F 27 7F 55 55 55 55
// Transition to extendDiagnosticSession
0.005955 1 18DA10F1x Rx d 8 02 10 03 CC CC CC CC CC
0.007832 1 18DAF110x Rx d 8 06 50 03 00 30 01 F4 55
// Wrong message length for Seed request
0.011968 1 18DA10F1x Rx d 8 06 27 13 DE AD BE EF CC
0.013828 1 18DAF110x Rx d 8 03 7F 27 13 55 55 55 55
// Key sent without successful Seed request
0.018940 1 18DA10F1x Rx d 8 06 27 14 DE AD BE EF CC
0.020840 1 18DAF110x Rx d 8 03 7F 27 24 55 55 55 55
// Seed request with nonexistent SecurityLevel
0.030081 1 18DA10F1x Rx d 8 02 27 11 CC CC CC CC
0.032801 1 18DAF110x Rx d 8 03 7F 27 12 55 55 55 55
// Key sent without a successful Seed request again
0.038887 1 18DA10F1x Rx d 8 06 27 14 DE AD BE EE CC
0.040812 1 18DAF110x Rx d 8 03 7F 27 24 55 55 55 55
// Seed Request
0.044892 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
0.046793 1 18DAF110x Rx d 8 06 67 13 DE AD BE EF 55
// Send Key (Key=deadbeef)
0.053854 1 18DA10F1x Rx d 8 06 27 14 DE AD BE EF CC
0.055763 1 18DAF110x Rx d 8 02 67 14 55 55 55 55
// Request Seed again
0.059793 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
0.061718 1 18DAF110x Rx d 8 06 67 13 00 00 00 00 55
// Send Key with security unlocked
0.065856 1 18DA10F1x Rx d 8 06 27 14 DE AD BE EF CC
0.067715 1 18DAF110x Rx d 8 03 7F 27 24 55 55 55 55
// Transition back to extendDiagnosticSession (now security lock is applied)
0.071778 1 18DA10F1x Rx d 8 02 10 03 CC CC CC CC
0.073712 1 18DAF110x Rx d 8 06 50 03 00 30 01 F4 55
// Seed request
0.077775 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
0.079684 1 18DAF110x Rx d 8 06 67 13 DE AD BE EF 55
// Send Key (Key=deadbeef)
0.083747 1 18DA10F1x Rx d 8 06 27 14 DE AD BE EF CC
0.085795 1 18DAF110x Rx d 8 02 67 14 55 55 55 55 55
// Seed Request
0.091808 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
0.093749 1 18DAF110x Rx d 8 06 67 13 00 00 00 00 55
// 2.048[ms] Wait
// Seed request
2.149081 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
2.151039 1 18DAF110x Rx d 8 06 67 13 00 00 00 00 55
// 4.900[ms] Wait
// Seed Request
7.057408 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
7.059390 1 18DAF110x Rx d 8 06 67 13 00 00 00 00 55
// 5.100[ms] Wait (S3 timeout to return to defaultSession)
// Seed request
12.165579 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
12.167602 1 18DAF110x Rx d 8 03 7F 27 7F 55 55 55 55
// Transition to extendDiagnosticSession
12.170600 1 18DA10F1x Rx d 8 02 10 03 CC CC CC CC CC
12.172509 1 18DAF110x Rx d 8 06 50 03 00 30 01 F4 55
// Seed request
12.175524 1 18DA10F1x Rx d 8 02 27 13 CC CC CC CC CC
12.177572 1 18DAF110x Rx d 8 06 67 13 DE AD BE EF 55
// Send Key (Key=deadbeaf)
12.180562 1 18DA10F1x Rx d 8 06 27 14 DE AD BE EF CC
12.182446 1 18DAF110x Rx d 8 02 67 14 55 55 55 55 55
End TriggerBlock
Observations on the results of the SecurityAccess simulation.
The volume has increased considerably compared to the previous simulation.
In addition to the actual communication telegrams, the behavior changes depending on the order judgment of Seed request/Key send, session state, and security state.
The fact that it depends on the session state is also related to the S3 timeout, so we can check the behavior like this.
The message itself is simple, and if you can imagine the session state and security state, it should be OK.
If you can visualize these two concepts, you should not be so confused.
Conclusion.
- Check the results of the SecurityAccess simulation.
- Check the message level.
- Check the CAN line level.
- SecurityAccess behavior depends on session state and security state.
- SecurityAccess behavior depends on session state, security state, and S3 timeout.
Click here for back issues.
コメント