J3138_202210 Diagnostic Link Connector Security

Revised

10/04/2022

Features
Issuing Committee
Scope
Content
This document describes a set of recommended actions to take to increase the likelihood of safe vehicle operation when a device (external test equipment, data collection device, etc.) whose normal operation has been compromised by a source external to the vehicle is connected to the vehicle’s diagnostic system. The term “diagnostic system” is intended to be a generic way to reference all the different ways that diagnostic commands might be injected into the system.
The guidance in this document is intended to improve security without significantly impacting the ability for franchised dealer or independent aftermarket external test tools to perform legitimate diagnosis and maintenance functions.
The goal is that intrusive services are only allowed to be performed when the vehicle is in a Safe State such that even if the intrusive service were to be initiated with adversarial intent the consequences of such a service would still be acceptable.
Meta TagsDetails
DOI
https://doi.org/10.4271/J3138_202210
Pages
10
Citation
SAE International Recommended Practice, Diagnostic Link Connector Security, SAE Standard J3138_202210, Revised October 2022, Issued June 2018, https://doi.org/10.4271/J3138_202210.
Additional Details
Publisher
Published
Oct 4, 2022
Product Code
J3138_202210
Content Type
Recommended Practice
Status
Revised
Language
English

Revisions