Right to repair and the tendency of car makers to encrypt access to CAN-Bus nodes and subunits

[Zardo]

Hi,

I'm wondering whether tools like AlfaOBD, MultiEcuScan or general after-market OBD testers will still be able to access and run test protocolls on all the CAN Nodes present in an age where there's a tendency to encrypt access or block access by a secure gateway.

I haven't done any research on encryption in cars yet as I don't seem to need it for my 2010 Punto.

However, if I were to buy a new car, the inability to diagnose and repair faults (as long as I'm technically able to do it myself) because of being blocked by a secure Gateway for which, for example, an access right (some kind of subscription fee) needs to be bought, would be a strong No-Go.

What is the developpment in this area concerning FIAT, Abarth and Alfa Romeo cars?

I hear some car makers are much more restrictive on that issue. basically preventing enthousiasts for doing their own repairs.

Thx

 

[bugsymike]

Hi,

I'm wondering whether tools like AlfaOBD, MultiEcuScan or general after-market OBD testers will still be able to access and run test protocolls on all the CAN Nodes present in an age where there's a tendency to encrypt access or block access by a secure gateway.

I haven't done any research on encryption in cars yet as I don't seem to need it for my 2010 Punto.

However, if I were to buy a new car, the inability to diagnose and repair faults (as long as I'm technically able to do it myself) because of being blocked by a secure Gateway for which, for example, an access right (some kind of subscription fee) needs to be bought, would be a strong No-Go.

What is the developpment in this area concerning FIAT, Abarth and Alfa Romeo cars?

I hear some car makers are much more restrictive on that issue. basically preventing enthousiasts for doing their own repairs.

Thx

This detail is on Gendans website, they supply MES Fiat Diagnostics etc.:-

** Important - 2018+ model year coverage: **​

Please note - some vehicles from the 2018 model year onwards (sold since mid-2017) , will have a "Security GateWay" Module (SGW). The SGW module limits diagnostic communication to read-only access, unless the tool can obtain a session-specific access code from Fiat group's servers (which requires an expensive subscription).

This limitation blocks tools from executing commands on the vehicle (e.g. actuations, procedures and even clearing of DTCs).
However, the current generation of SGW can be bypassed, by unplugging the SGW from the car, and connecting an SGW Bypass Adaptor (available separately) in its place.
Vehicles known to be affected so far include MY2018 500X/Renegade, 500L MCA, Doblo, Giulia/Stelvio.

 

[s130]

Life is going to get more difficult for all of us with regards to diagnostic tool access to vehicle systems. Fiat are not the only manufacturers with way of protecting the vehicle from (lets say) "unauthorised access".

On Fiat cars specifically then on some models have the SGW. As mentioned this can be bypassed. However on the latest Ducato models I gather the SGW is integrated into and electronically part of the Body Computer Module (BCM) so can't be bypassed.

I think other manufacturers have done similar which is why I gather some thieves gain access to the vehicle systems by tapping into a fairly accessible external module like a rear camera or front/rear collision radar unit.

To counter this the EU is pressing for/mandating that ALL CAN communication lines must be encrypted. This (certainly for the likes of me/you) will not be able to be bypassed or hacked.

So enter "PASS-THRU" as in SAE J2534 protocol.

This is a good basic article worth reading: https://www.maverickdiagnostics.com/pass-thru-diagnostics-in-the-uk-europe

A serious knock-on effect I've had a discussion about with a larger independent multi-brand garage is that they will have to be more selective in the future about which makes the service/repair. If you take UK make market share as being a typical service share then Fiat and other brands are well down the list so the independent multi-brand garage is not going to be interested in Fiats. These leaves us with Main Dealers or Specialists. Some Fiat/Alfa specialists focus on the older models and have no real interest in newer/current models.

The mistake I think which has been made is that whilst I believe one should still be able to read fault codes they (industry/EU) should have security "ring fenced" certain systems/functions (e.g. keys, security, forced engine start, etc) and left the rest alone.

 

[s130]

I need to clarify my post a little. PASS-TRU / SAE J2534 in itself is just the SAE common approach to vehicle diagnostics. See this: https://www.autopi.io/blog/j2534-explained/

PASS-TRU also allows direct communication with manufacturer servers which is where the security codes for decryption, vehicle data, reprogramming data etc. are obtained (with subscription costs).

 

[The Panda Nut]

I need to clarify my post a little. PASS-TRU / SAE J2534 in itself is just the SAE common approach to vehicle diagnostics. See this: https://www.autopi.io/blog/j2534-explained/

PASS-TRU also allows direct communication with manufacturer servers which is where the security codes for decryption, vehicle data, reprogramming data etc. are obtained (with subscription costs).

Well its all BO****** really as we will all soon be forced to have BEVs and servicing these are not going to be a home job for untrained and unequipped people anyway. The EU really can be a colosal PITA. This PASS-TRU sounds like it may be the answer to servicing but if I pay thousands for a new car (unlikely) it WILL be supplied with service access INCLUDED IN THE PRICE. There is no way I will be compelled to use someone else of unkown capability to serice the safety elements of my transport unsupervised.

No access, NO SALE!

I do get Noop done by the dealer because of its Uni Air and the stupid position of the oil filter that I dont wish to fight with. ANY attempt however to compel me or prevent me from being able to oversee, understand or do the work will result in my immediate departure from owning a new vehicle. I hope I will just be able to stay in charge until Im too old to drive.

Realistically we all need to stop personal transport and change to public transport anyway, and ultimately its going to happen. But much water will go under the bridge before we get there. Unless of course the bridge is washed away in a catsrpophic flood and we all drown or starve as a result.... Which is highly likely so it all wont matter.

 

[s130]

Well its all BO****** really as we will all soon be forced to have BEVs and servicing these are not going to be a home job for untrained and unequipped people anyway. The EU really can be a colosal PITA. This PASS-TRU sounds like it may be the answer to servicing but if I pay thousands for a new car (unlikely) it WILL be supplied with service access INCLUDED IN THE PRICE. There is no way I will be compelled to use someone else of unkown capability to serice the safety elements of my transport unsupervised.

Yes BEV / all electric will be beyond the scope of many. Whilst I've designed and worked on solid state power systems of up to 400kV and 10kW and very large electrical energy storage systems with massive stored charge I don't really fancy messing with electric vehicles. When working on those other systems in employment I was trained, could take my time and was insured. I have a responsibility to my family and my own life so DIY other than wiper blades, bulbs, etc. will be "out of scope".

No access, NO SALE!

Yes indeed. However I don't think many car makers are going to give "lifetime service and repair" included in the price of the vehicle. If nothing else lifetime will be not 10 years but some lower factor.

I do get Noop done by the dealer because of its Uni Air and the stupid position of the oil filter that I dont wish to fight with. ANY attempt however to compel me or prevent me from being able to oversee, understand or do the work will result in my immediate departure from owning a new vehicle. I hope I will just be able to stay in charge until Im too old to drive.

That will be all our wishes. I for medical reasons rely on my vehicle and can't walk to local bus stop and taxi's are too expensive.

You may be too old to drive but there are currently no restrictions on mobility scooter vehicles. Some of these are quite capable and even real off road models

I can see a new trend. "Pimp Your Scooter"