Please log in

Paper / Information search system

日本語

ENGLISH

Help

Please log in

Cart

Menu
  1. Home
  2. Search
  3. Details
  • Summary & Details

UDS Security Access for Constrained ECUs

Delivery
Provide download link
Format
PDF
Price
Non-members (tax incl.):¥6,600 Members (tax incl.):¥5,280
Paper/Info type
SAE Paper

No.2022-01-0132

Pages
1-9(Total 9 p)
Date of publication
Mar 2022
Publisher
SAE International
Language
English
Event
WCX SAE World Congress Experience 2022

Detailed Information

Author(E)1) Martin Thompson
Affiliation(E)1) ZF Automotive UK Ltd
Abstract(E)Legacy electronic control units are, nowadays, required to implement cybersecurity measures, but they often do not have all the elements that are necessary to realize industry-standard cybersecurity controls. For example, they may not have hardware cryptographic accelerators, segregated areas of memory for storing keys, or one-time programmable memory areas. Such systems must still be protected with a sufficient level of rigor against attackers who wish to modify their operation or extract confidential information from them. A critical interface to defend is the Unified Diagnostics Service (UDS) interface which is used in many areas across the whole vehicle lifecycle. While the UDS service $27 (Security Access) has a reputation for poor cybersecurity, there is nothing inherent in the way it operates which prevents a secure access-control from being implemented. This paper describes an approach to providing UDS Security Access within systems which have very constrained processors (in terms of processing power, memory size and, in particular, cybersecurity features) which can be applied to multiple vehicles across many manufacturers. It describes, in detail, methods for generating UDS-Seeds and UDS-Keys in the absence of a hardware security module (HSM) with a true-random number generator, and without use (by the user who is requesting access) of IT-infrastructure. In addition, the problem of key-management and distribution is tackled head-on and not left as an implementation detail. A threat analysis has been performed (according to ISO/SAE 21434) using model-based tools, the results of which are presented in this paper. The constraints (some of which make it difficult to properly secure certain key material) result in risks which become clear in the threat analysis. Potential future users of this scheme can use this analysis to assess the residual risks in their own applications.

About search

close

How to use the search box

You can enter up to 5 search conditions. The number of search boxes can be increased or decreased with the "+" and "-" buttons on the right.
If you enter multiple words separated by spaces in one search box, the data that "contains all" of the entered words will be searched (AND search).
Example) X (space) Y → "X and Y (including)"

How to use "AND" and "OR" pull-down

If "AND" is specified, the "contains both" data of the phrase entered in the previous and next search boxes will be searched. If you specify "OR", the data that "contains" any of the words entered in the search boxes before and after is searched.
Example) X AND Y → "X and Y (including)"  X OR Z → "X or Z (including)"
If AND and OR searches are mixed, OR search has priority.
Example) X AND Y OR Z → X AND (Y OR Z)
If AND search and multiple OR search are mixed, OR search has priority.
Example) W AND X OR Y OR Z → W AND (X OR Y OR Z)

How to use the search filters

Use the "search filters" when you want to narrow down the search results, such as when there are too many search results. If you check each item, the search results will be narrowed down to only the data that includes that item.
The number in "()" after each item is the number of data that includes that item.

Search tips

When searching by author name, enter the first and last name separated by a space, such as "Taro Jidosha".