Measures to Prevent Unauthorized Access to the In-Vehicle E/E System, Due to the Security Vulnerability of a Remote Diagnostic Tester

Features
Event
WCX™ 17: SAE World Congress Experience
Authors Abstract
Content
Remote diagnostic systems support diagnostic communication by having the capability of sending diagnostic request services to a vehicle and receiving diagnostic response services from a vehicle. These diagnostic services are specified in diagnostic protocols, such as SAE J1979, SAE J1939 or ISO 14229 (UDS).
For the purpose of diagnostic communication, the tester needs access to the electronic control units as communication partners. Physically, the diagnostic tester gets access to the entire vehicle´s E/E system, which consists of connectors, wiring, the in-vehicle network (e.g. CAN), the electronic control units, sensors, and actuators.
Any connection of external test equipment and the E/E system of a vehicle poses a security vulnerability. The combination can be used for malicious intrusion and manipulation. Any unauthorized access to the E/E system of a vehicle can severely harm the functional safety and finally cause damage to the vehicle or - even worse - to life and health of people.
This paper describes the architecture of a system for remote diagnostics, its security vulnerability and measures to increase the security.
Meta TagsDetails
DOI
https://doi.org/10.4271/2017-01-1689
Pages
8
Citation
Subke, P., Moshref, M., Vach, A., and Steffelbauer, M., "Measures to Prevent Unauthorized Access to the In-Vehicle E/E System, Due to the Security Vulnerability of a Remote Diagnostic Tester," SAE Int. J. Passeng. Cars – Electron. Electr. Syst. 10(2):422-429, 2017, https://doi.org/10.4271/2017-01-1689.
Additional Details
Publisher
Published
Mar 28, 2017
Product Code
2017-01-1689
Content Type
Journal Article
Language
English