Skip to main content

Diagnostic Session : Function 5 - Session Oriented Access to Services

 There are multiple users those need to use UDS protocol for various purposes like Garage person for fault detection, ECU manufacture for Testing activities and development purpose. Also  OEM needs  access to ECU memory for flashing purposes. 

UDS services can be categorized in different groups like few services will just read some Data from memory,a few will write or update the data to memory, some will erase/update ECU sw itself , some will control Inputs outs of ECU directly. 

So there are chances that any improper usage of UDS service may result in safety issues , security breaches or damage to ECU resources. Hence, it doesn't make sense to give access to all services to everyone.

To achieve this UDS has designed some mechanisms like Sessions, Security Authentication, Preconditions.

I hope you are aware about what a Diagnostic Session is.

Please visit : https://thevehiclediagnostics.blogspot.com/2020/01/what-is-diagnostic-session.html if you want to brush up. 

A Diagnostic Session plays an important role to provide restricted access to services.

How a Diagnostic Session does this ! Let us see that in detail. 

  • A sessions could be default or non default. 
  • Any service in UDS can only be executed if it is allowed in that session.
  • A session has set of services those can be executed in that session.
  • Also a session transition between two session is possible only if that is allowed.  

There are three basic sessions :  

                     1. Default Session
                       2. Extended Session
                       3. Programming Session

Other than this ECU may support a different session if required. 

Let us see these sessions in detail. 

1. Default Session : 

  •  As its name suggests it is default session of ECU.
  • This session gives superficial access to set of UDS services.
  •  Whenever ECU powers-up it is supposed to be in Default session until any session change is  requested.
  •  Generally services requesting data or writing data (unsecured data) are allowed in this session.  
  •  Services like Reading DIDs 0x22, Write Data by Identifier, Reading DTCs 0x19, Tester Present 0x3E, ECU Reset 0x11 are allowed in this session. 
  • No services which needs secured access can be executed in this session as service Security Access 0x27 is not allowed in this session.
  • ECU remains in default session if no session change is requested.
  • One of the targeted users could be a Garage person trying to just read DTCs.
                 But the question is then what about the access to other service . To answer this we need to know Non- default sessions. 

2. Extended Session :
  • All services allowed in default sessions are allowed in this session.
  • In addition to that this session gives access to more services.
  • This session is MUST to take ECU to Programming session. 
  • Any Security Levels applicable to ECU can be unlocked in this session as service Security Access 0x27 is allowed in this session.
  • All secured  services can be executed after successful unlocking of ECU for any security level.
  • ECU enters in default session if this session is ended or expired.
  • One of the targeted users could be a End Of line engineer doing a Dynamic Vehicle Test which needs security levels.
3.Programming Session:
  • A specialized session designed for ECU programming. 
  • All services allowed in default sessions are allowed in this session.
  • Services used for programming like RequestDownload - 0x 34, TransferData -0x 36, etc can be executed in this session.
  • ECU enters to default session if this session is ended or expired.
  • One of the targeted users could be a End of line Engineer Flashing Calibration SW

There are some more aspects like how much time ECU remains in a same session, how session transition works.But that is not part of this write up as I wanted to focus only on the session and service co-relation. 

As per the information about you might have got an idea that how a service and session are co related.

But what if I send a service which is not allowed in current session !  
Also what if a service is supported but what if particular a subfunction of a service is not supported in a specific session. 
 
Please post your answers in the comments. Let us share what we know !




Comments

Post a Comment

Popular posts from this blog

What is UDS on CAN or Diagnostic on CAN ?

OSI Model and Diagnostics : OSI model has 7 layers and each layer has defined functionality. To understand this you can refer this excellent IEEE  publication. It explains OSI Model for CAN , Ethernet, flexray and MOST.  External reference : http://www.ieee802.org/1/files/public/docs2013/new-tsn-diarra-osi-layers-in-automotive-networks-0313-v01.pdf   So let us understand,  what is this UDS on CAN  ? When a Diagnostic Message formatted  as per ISO 14229 -1 i.e UDS Standard is sent over Controller Network we say Diagnostics Communication is happening as per UDS on CAN. So as per this : Below layers participate in Diagnostic Communication Over CAN :  1. Application Layer :  ISO 14229-1:2013 ROAD VEHICLES — UNIFIED DIAGNOSTIC SERVICES (UDS) — PART 1: SPECIFICATION AND REQUIREMENTS  ISO 14229-3:2012 ROAD VEHICLES — UNIFIED DIAGNOSTIC SERVICES (UDS) — PART 3: UNIFIED DIAGNOSTIC SERVICES ON CAN IMPLEMENTATION (UDSON...
Post a Comment
Read more

Diagnostic Session Function 3 - Security and authorization of the user – Use of Seed and Key for authenticating -

 Let us see how the function of Security Access is served by Diagnostic Session.   Security is an important aspect of an UDS implementation. It is required to avoid unauthorized access to ECU. As one can control ECU functionality through usage of UDS services, it becomes vital to secure ECU from unintended or vulnerable access.  Hence UDS has provisioned a special service called Security Access SID 0x27 to authorize a user.It works on the principle of Seed and key mechanism. You can get lot many websites explaining how security service works. The intention of this write up is to know how session is important for the implementation of security of an ECU. As mentioned in the blog (https://thevehiclediagnostics.blogspot.com/2020/01/what-is-diagnostic-session.html )  a diagnostic session of an ECU is a timed window. Session management helps in following manner for security 1 . Limit a secured access for timed window i.e session. 2 . End se...
Post a Comment
Read more