Our work presents fault injection as a technique to bypass the security of diagnosis protocol implementations that do not contain any logical vulnerabilities and, therefore, that is protected against traditional logical attacks. This paper also illustrates the risk of implementing a vulnerable diagnosis protocol since it could serve as an entry point for a scalable attack and proposes some recommendations to mitigate the risk. Although this work is focused on the UDS protocol, a similar approach could be taken to bypass the security of other diagnosis protocols like KWP2000.
View the slides below or download them in PDF. Scroll down to request the whitepaper.