A Balanced Approach for Securing the OBD-II Port

Paper #:
  • 2017-01-1662

Published:
  • 2017-03-28
Affiliated:
Pages:
10
Abstract:
The On-Board Diagnostics II (OBD-II) port began as a means of extracting diagnostic information and supporting the right to repair. Self-driving vehicles and cellular dongles plugged into the OBD-II port were not anticipated. Researchers have shown that the cellular modem on an OBD-II dongle may be hacked, allowing the attacker to tamper with the vehicle brakes. ADAS, self-driving features and other vehicle functions may be vulnerable as well. The industry must balance the interests of multiple stakeholders including Original Equipment Manufacturers (OEMs) who are required to provide OBD function, repair shops which have a legitimate need to access the OBD functions, dongle providers and drivers. OEMs need the ability to protect drivers and manage liability by limiting how a device or software application may modify the operation of a vehicle. This paper outlines a technical approach based upon cryptographic authentication and granular access control policy which addresses the needs of stakeholders. This allows the OEM to protect the security of the vehicle by carefully controlling the functions a particular device plugged into the OBD-II port is able to perform. This allows device makers (diagnostic tools, insurance dongles, etc.) to have their products certified to work with the OEM’s vehicles. The result is the OEMs can protect driver safety and maintain the right to repair.
Also in:
  • SAE International Journal of Passenger Cars - Electronic and Electrical Systems - V126-7EJ
  • SAE International Journal of Passenger Cars - Electronic and Electrical Systems - V126-7
Sector:
Access
Now
SAE MOBILUS Subscriber? You may already have access.
Buy
Attention: This item is not yet published. Pre-Order to be notified, via email, when it becomes available.
Select
Price
List
Download
$27.00
Mail
$27.00
Members save up to 40% off list price.
Share
HTML for Linking to Page
Page URL

Related Items

Technical Paper / Journal Article
2008-06-23
Technical Paper / Journal Article
1929-01-01
Technical Paper / Journal Article
2011-10-06
Technical Paper / Journal Article
1923-01-01
Technical Paper / Journal Article
2006-11-21