Fault injection on automotive diagnostic protocols

In this work we present fault injection as a technique to bypass the security of automotive diagnosis (UDS) protocol implementations that do not contain any logical vulnerabilities. Two different ECUs, both from car models currently available for sale, were tested against fault injection attacks. Our tests proved that it is possible for an attacker to inject faults and bypass the UDS authentication, obtaining access to the internal Flash and SRAM memories of the targets. By analyzing the dumped firmware, the keys and algorithm that protect the UDS have also been extracted, giving full access to the diagnosis services without requiring the use of fault injection techniques.

This publication is available in a form of slides, originally presented by Riscure's Niek Timmers at the 2018 ESCAR USA conference. The original research paper, created by Ramiro Pareja and Santiago Cordoba, is available after registration.

Get the whitepaper

View the slides below or download them in PDF. Scroll down to request the whitepaper.


Register to download the whitepaper

Thank you! Please click this link to download the whitepaper.

By continuing to browse this website, you agree to the use of cookies and data processing according to our privacy statement. Close