Survey of practices for securing the interface through the Data Link Connector (DLC)
This document has been issued to provide a reference or overview of some current practices which could be utilized for securing the vehicle’s interface with the Data Link Connector (DLC) from cybersecurity risks associated with external test equipment connections (e.g. diagnostics scan tools) or remotely connected applications (e.g. telematics devices). The practices outlined in this report are examples of some secured in-vehicle data access methods which might be used in the automotive industry. Note that In-vehicle network protocol descriptions and data format details are not included in this report.
Rationale: On-Board Diagnostic (OBD) regulations require passenger cars, and light and medium duty trucks, to provide a Data Link Connector (DLC) to support communication of diagnostic information to off-board devices. Many vehicle manufacturers also provide access to enhanced diagnostic information and vehicle systems/subsystems via this connector. Different system practices and different possible approaches for handling secure connections to communicate information from a vehicle to an off-board device are surveyed in this report.