Browse Publications Technical Papers 2017-01-1689

Measures to Prevent Unauthorized Access to the In-Vehicle E/E System, Due to the Security Vulnerability of a Remote Diagnostic Tester 2017-01-1689

Remote diagnostic systems support diagnostic communication by having the capability of sending diagnostic request services to a vehicle and receiving diagnostic response services from a vehicle. These diagnostic services are specified in diagnostic protocols, such as SAE J1979, SAE J1939 or ISO 14229 (UDS).
For the purpose of diagnostic communication, the tester needs access to the electronic control units as communication partners. Physically, the diagnostic tester gets access to the entire vehicle´s E/E system, which consists of connectors, wiring, the in-vehicle network (e.g. CAN), the electronic control units, sensors, and actuators.
Any connection of external test equipment and the E/E system of a vehicle poses a security vulnerability. The combination can be used for malicious intrusion and manipulation. Any unauthorized access to the E/E system of a vehicle can severely harm the functional safety and finally cause damage to the vehicle or - even worse - to life and health of people.
This paper describes the architecture of a system for remote diagnostics, its security vulnerability and measures to increase the security.


Subscribers can view annotate, and download all of SAE's content. Learn More »

Members save up to 16% off list price.
Login to see discount.
We also recommend:

SAE J1850 Verification Test Procedures


View Details


Challenges of Changing a Common Vehicle Architecture - Evaluation Process for Functional Integration


View Details


A Vehicle Electrical System Architecture Based on a Multiplexed Design For Operator Controls and Indicators


View Details