Chrysler Secure Gateway

Protecting SGW vehicle control systems from hackers

By Edwin Hazzard

Just when you think you have the automotive industry figured out, another curveball comes your way. The automotive industry continues to change and evolve at an alarming rate. In order to be successful in this industry, you have to roll with the changes. If you don’t update, you will evaporate.

Some of the changes in this industry present challenges that are very hard for technicians and shop owners to cope with. A lot of it boils down to the learning curve and the costs associated with it. Major changes can be an expense not only to the shop owner, but also for the technician.

For the shop owner it can be a monetary expense as the shop will have to spend money to update their equipment and their technician training standards.

For the technician, the extra time spent training along with spending money on equipment that the shop does not provide can be a burden on some.

No matter which end of the spectrum you find yourself on, when the manufacturers decide to make a change, the independent repair shops pay the ultimate price.

As most of you have heard by now, Fiat Chrysler Automobiles (FCA) (see Figure 1) has made changes to its proprietary software protocol. As part of a comprehensive approach to safeguard its vehicles from cyber attacks, FCA has implemented a Secure Gateway (SGW) module in the electrical architecture, starting with most 2018 model year vehicles. This module functions as a secure firewall between the points of external access to the vehicle (the radio and the diagnostic connector) and the rest of the vehicle network.

Figure 1: Fiat Chrysler Automobiles (FCA) has integrated security software into their vehicles to prevent unauthorized access.

The SGW gates all data exchanged between the “outside world” (e.g., diagnostic tools, incoming signals to radio/head unit) and the “vehicle,” and it determines what commands to allow through the gateway based on an approved list. The SGW does not restrict access to diagnostic data. It restricts the ability of non-registered and non-authenticated users to perform intrusive diagnostics such as bi-directional controls.

The SGW can control the level of access for each user, based on an assigned role determined during an authentication process.

A challenge-response protocol is used for authenticated access.

A similar process is used for FCA U.S. franchised dealerships.
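To make the gating described above concrete, here is a small model added for this article; it is not FCA or AutoAuth code. The HMAC shared-secret scheme, the role names, the tool serial and the split of diagnostic service IDs are all assumptions chosen for illustration, since the article does not describe the real protocol's internals.

```python
import hashlib
import hmac
import os

# UDS service IDs from ISO 14229. Which services the real SGW gates is not
# stated in the article; this split is an assumption for illustration.
READ_ONLY = {0x19, 0x22}          # read DTC information, read data by identifier
INTRUSIVE = {0x2E: "technician",  # write data by identifier
             0x2F: "technician",  # input/output (bi-directional) control
             0x31: "technician"}  # routine control
ROLE_RANK = {"none": 0, "technician": 1, "dealer": 2}  # hypothetical roles


def tool_response(key, nonce):
    return hmac.new(key, nonce, hashlib.sha256).digest()  # key itself is never sent


class Gateway:
    def __init__(self, registry):
        self._registry = registry  # {tool serial: (secret key, role)}
        self._pending = {}         # tool serial -> outstanding challenge
        self._roles = {}           # tool serial -> role granted this session

    def challenge(self, serial):
        nonce = os.urandom(16)     # fresh per attempt, so old responses are useless
        self._pending[serial] = nonce
        return nonce

    def authenticate(self, serial, response):
        nonce = self._pending.pop(serial, None)  # a challenge is single use
        key, role = self._registry.get(serial, (None, None))
        if nonce is None or key is None:
            return False
        if not hmac.compare_digest(tool_response(key, nonce), response):
            return False
        self._roles[serial] = role
        return True

    def allow(self, serial, service_id):
        if service_id in READ_ONLY:
            return True            # diagnostic data stays readable by anyone
        needed = INTRUSIVE.get(service_id)
        if needed is None:
            return False           # not on the approved list at all
        role = self._roles.get(serial, "none")
        return ROLE_RANK[role] >= ROLE_RANK[needed]


def demo():
    key = b"constructed-demo-secret"  # constructed sample value
    gw = Gateway({"TOOL-0001": (key, "technician")})
    out = {"read_before_auth": gw.allow("TOOL-0001", 0x22),
           "io_before_auth": gw.allow("TOOL-0001", 0x2F)}
    nonce = gw.challenge("TOOL-0001")
    out["wrong_response"] = gw.authenticate("TOOL-0001", b"\x00" * 32)
    out["reused_challenge"] = gw.authenticate("TOOL-0001", tool_response(key, nonce))
    nonce = gw.challenge("TOOL-0001")
    out["fresh_response"] = gw.authenticate("TOOL-0001", tool_response(key, nonce))
    out["io_after_auth"] = gw.allow("TOOL-0001", 0x2F)
    out["unlisted_service"] = gw.allow("TOOL-0001", 0x3D)
    return out


if __name__ == "__main__":
    print(demo())
```

Reading data works before any login, while bi-directional control is refused until the tool answers a fresh challenge correctly; a failed attempt consumes the challenge, so the tool must request a new one.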

So if you’re wondering just how somebody could steal information or manipulate the vehicle to cause harm, believe it or not, there are many ways to do so. In today’s world a cyber attack can be devastating to the vehicle’s owner. For example, if a vehicle’s owner has their contact list on their cell phone and their phone is synced to their radio, it would be very easy for a hacker to get in and steal some valuable information from the vehicle.

Here’s another example which is perhaps even more alarming. In 2015, preeminent hackers Charlie Miller and Chris Valasek dominated headlines with their landmark hack of a Jeep Cherokee. The duo, who now work at Uber’s Advanced Technologies Center, were able to hack into and remotely seize control of an unaltered vehicle and do everything from mess with the radio and windshield wipers to cut the transmission control.

From a basement couch 10 miles away and with Wired reporter Andy Greenberg behind the wheel, they exploited the car’s Uconnect system, an internet-connected computer feature that controlled the entertainment and navigation systems, enabled phone calls and, with a subscription purchase, offered a Wi-Fi hotspot.

From the audio/visual system, they accessed the car’s diagnostic messaging system to gain control, ultimately incapacitating the driver and steering the Jeep off the road. This is the reason that FCA implemented the SGW in order to combat this type of automotive terrorism.

In the beginning, the automotive aftermarket could not service these vehicles properly because it didn’t have access to the gateway that protects access to the information systems. This presented a problem as only the dealership market had access.

Figure 2: AutoAuth provides independent shops a means to unlock and access all SGW functions.

Luckily for the aftermarket, the OEM granted access to the systems but only by strict cyber authentication.

FCA has set up a “bridge server” and user management system called AutoAuth that mimics the user and tool authentication process that FCA certified dealerships use with the FCA scan tool. This solution allows the aftermarket scan tools to unlock the SGW and perform all the necessary repair procedures.

One of the most common questions is, “Does the SGW placed on FCA vehicles prevent independent repair facilities from servicing FCA vehicles?”

The answer is a resounding, “No.” FCA U.S. continues to make available to independent repair facilities all diagnostic and service information. The SGW was placed on most 2018 model year and later FCA vehicles as a cyber security measure, as part of FCA’s commitment to continually review and address potential cyber security vulnerabilities. The concept and design of the SGW reflects an effort to proactively adopt available guidance and best practices for security controls, including guidance published by the National Highway Traffic Safety Administration (NHTSA) and the National Institute of Standards and Technology (NIST).

Figure 3: An example of a screenshot on the AutoAuth site for tool registration.

The SGW is not intended to prevent aftermarket tool companies and/or aftermarket repair centers from servicing FCA vehicles. FCA supports aftermarket repair facilities and believes that the customer should be able to choose where to have their vehicle serviced. That’s good news for the automotive aftermarket sector.

So what is AutoAuth exactly? AutoAuth provides a service for independent operators to unlock vehicles to securely provide service to their customers. New vehicles will come enabled with the latest cyber security features to protect vehicle owners from cyber attack. AutoAuth works with independent tool vendors to ensure that the tools independent operators use to do their jobs are AutoAuth-certified tools. This will allow independent operators to continue to service cyber-enabled vehicles.

AutoAuth provides the registration service and “unlock codes” to independent operators’ service tools to unlock vehicle gateways to perform day-to-day service.

What did FCA do to facilitate this? FCA has reached out to all the aftermarket scan tool companies that currently have an active scan tool license agreement with FCA in order to provide them with this capability. FCA is having ongoing conversations with several scan tool companies and is working to help them provide their solution in the shortest possible time. The aftermarket scan tool companies will have the same access to the SGW as the OEMs.

As most of you have noticed, FCA is always changing the way the game is played. When setting up your aftermarket scan tool to be able to access the SGW, you should visit the AutoAuth website (see Figure 2).

AutoAuth is an independently owned and operated service working in conjunction with auto OEMs and independent tool vendors. Each tool has to be supported by the independent tool manufacturer and registered on AutoAuth based on the tool’s serial number. That tool can only be registered one time and by one shop. If that tool is used by more than one shop, it stays with the shop it’s registered to.

Go to www.autoauth.com and search in the list that they have provided to see if your particular scan tool is supported. That is based on whether or not your scan tool manufacturer is participating in this feature. If for some reason the tool that you have is not supported, then I would recommend that you contact the manufacturer of that tool and ask them for assistance. If you are thinking about purchasing a new tool, my recommendation is to find out whether it is supported on the SGW protocol before purchasing it.

Here are my tools that I currently have registered with AutoAuth (see Figure 3).

Here is the screen on the AutoAuth site that you would register your tool on (see Figure 4). You can register up to 100 tools per shop. As of this writing, FCA is using the wiTech II. One of the nice features that FCA put in their tool is the topology feature (see Figure 5).

Figure 4: A maximum of 100 tools may be registered per shop.

Figure 5: Topology mapping on the AutoAuth site makes it easy to view all of the modules and their status.

You will probably see many aftermarket scan tools start implementing this feature as well. Some tools have done so already. Topology mapping makes it visually easier to see all the modules on one page and their current status on the network.

As I mentioned earlier, technology is changing at a rapid pace. Along with those changes comes the increase of what I call cyber terrorism. While computer systems seem to make our lives and the way of doing business more proficient, they also give those who wish to do us harm an easier avenue to do so. The only way to protect yourself is to be vigilant and aware of the potential harm that can happen in the most unexplainable ways.

As an auto repair shop owner or technician you have been trained to keep your customers safe in their vehicles. Protecting your customers’ safety by inspecting the brake system on their vehicle isn’t any different than protecting them from a potential cyber attack. Don’t just protect your customers from the things you can see; you also need to protect them from the things you can’t see.

That is why you need to keep current on your training and your equipment needs.

Unfortunately, today the world is not as safe as it used to be. Hacking into a vehicle to alter the brake system or steering control system can be a very serious thing. The lives of your customers and those that are on the road with them could be put at serious risk.

Altering the vehicle’s guidance systems or accessing the vehicle owner’s personal information from the radio or cell phone can have catastrophic consequences. So do yourself and your customers a favor and service their vehicles as if they were your own. Keeping your customers safe will give you not only peace of mind but the satisfaction of servicing their vehicles the right way.

Edwin Hazzard owns South East Mobile Tech in Charleston, S.C., which is a mobile diagnostic and programming service providing technical service to many automotive and body repair shops. He has 38 years’ experience in the automotive industry. He currently is an automotive trainer, a board member of TST (Technician Service Training), a member of the MDG (Mobile Diagnostic Group), a member of the Professional Tool and Equipment advisory board for Pten magazine, a committee member of Nastaf, and is a beta tester for multiple tool makers.

LINCOLN BIG BROTHER RECALL

A recall has been issued for certain 2019 Lincoln Nautilus vehicles. The Lane Center Assist system may not adequately detect if a driver takes their hands off the steering wheel for a prolonged period of time. If the system remains active despite the driver not having their hands on the wheel, the driver’s inattention may increase the risk of a crash. (Gee, ya think so?)

CADILLAC CADDY MISFIRE/TICK

This bulletin applies to 2015-2019 Cadillac Escalade and 2016-2019 CTS-V vehicles equipped with a 5.3L or 6.2L engine. Some customers may comment about a misfire/tick noise and the MIL on. The technician may find DTC P0300 set or in history. This may be caused by one of the following:

• Active fuel management (AFM) lifter that is mechanically collapsed and/or stuck all of the time.
• Internal locking pin damage in the lifter due to oil aeration.
• Lifter that has collapsed and is stuck in the lifter bore.
• Bent pushrod

Inspect for camshaft damage while the lifters are removed. If damage is found, replace the camshaft.

Inspect the valve operation. If the valve(s) are not moving, replace the lifter oil manifold and the affected bank of AFM lifters. If a lifter has spun in its bore, the lifter guides should also be replaced.

If a lifter is stuck in the bore, one possible option is to use a vise grip with a slide hammer to remove the lifter.

Another option is to use a vise grip with a small pry bar. If the lifter cannot be removed, the engine block must be replaced.

If a lifter was stuck in its bore, after lifter removal, be sure to inspect the lifter bore for damage. If a lifter bore is damaged, GM recommends that the block must be replaced.

FORD FORD STARTER NUT RECALL

Ford is recalling certain 2020 F-150 trucks. An incorrect attachment nut may have been used to attach the battery positive (B+) power supply cable to the starter motor, possibly affecting the electrical conductivity, resulting in excess heat and electrical arcing.

CHEVROLET MAJOR BLIND SPOT

Chevrolet has recalled certain 2020 Corvette vehicles. Despite visual and audible warnings, the vehicle may be driven with the front trunk lid unlatched. An unlatched hood may open at speed, obstructing the driver’s forward view.

CHRYSLER JEEP MAY HAVE BAD TENSIONER

This bulletin applies to 2020 Jeep Wrangler vehicles equipped with a 3.6L V6 engine, built on or after Dec. 13, 2019, or on or before Jan. 25, 2020. The bulletin involves inspecting the Julian date on the hydraulic belt tensioner for possible replacement. Customers may experience a MIL on. DTCs that may be set include P2BA3-00 (starter/generator mechanical performance) and P0A92-00 (hybrid generator performance). Issues may involve a dead battery and/or the accessory drive belt may be slipping or have belt noise. Only vehicles with the Julian date code 15.08.19 on the hydraulic belt tensioner should be candidates for tensioner replacement. Inspect the hydraulic belt tensioner for the Julian date. It may be necessary to use a flashlight and mirror to see the Julian date. If the Julian date on the tensioner is 15.08.19, replace the tensioner with P/N 05281590AB. If the Julian date is other than 15.08.19, follow normal diagnostics to determine the issue.

Advics adds 62 SKUs to disc brake pad line

Advics is adding 62 SKUs to its line of ultra-premium disc brake pads, which significantly boosts the company’s coverage of all late model Japanese and Korean vehicles. In addition to adding coverage for vehicles that were not already in the company’s portfolio, it also is expanding its current offering by matching front pads with rears. This product line expansion demonstrates the company’s continued commitment to technology and developing products for the entire brake system. Additionally, all of the new applications have been engineered to meet or exceed OE standards for durability and performance. Advics ultra-premium brake pads are made from certified “high carbon” and use OE-quality precision machining to achieve tight, precise tolerances, maximum friction reduction and heat diffusion, according to Advics officials.

ADVICS WWW.ADVICSAFTERMARKET.COM

Mevotech offers upgraded control arm bushing

Mevotech has released an upgraded spherical control arm bushing for popular 2019-2011 Ford and Lincoln vehicles. The rear upper control arm on these vehicles features a “block type” rearward bushing. The OE style bushings use a plastic bearing, which may quickly deform while under constant loading forces. The MS404320 replaces the with a spherical greaseable sintered metal bearing engineered to extend the part’s service life. Additionally, a spherical stud is used for full range of motion and the housing is converted from a lightweight aluminum to full steel forging. These improvements increase durability and create a part built to perform. All fastenings and hardware are included to eliminate installation headaches. The MS404320 covers 2019-2011 Ford and Lincoln passenger and SUV vehicles with a North American VIO of over 2.4 million.

MEVOTECH WWW.MEVOTECH.COM

Continental TPMS tool offers universal help

The new Autodiagnos TPMS D tool from Continental can read and diagnose all original equipment and 20 aftermarket tire pressure monitoring system sensors. According to Continental, the tool also performs relearns on 98.6% of all domestic, European and Asian vehicles. The TPMS D can program sensors from historical data and features an OBD II mode that streamlines relearns for all of a vehicle’s sensors in less than two minutes. In addition, the tool has a built-in vehicle identification number scanner “for faster look-ups and can download the latest vehicle applications.”

CONTINENTAL COMMERCIAL VEHICLES AND SERVICES WWW.AUTODIAGNOSTPMS.COM

Lumileds rolls out Ultinon Essential LED fog light bulbs

Lumileds’ new Philips Ultinon Essential LED fog light bulbs serve as direct replacements for conventional halogen fog light bulbs, producing a powerful white light for enhanced visibility. Specifically, Ultinon Essential LED fog light bulbs are a direct replacement for conventional H7, H8, H11, H16, 9006, 9145, and PS24W fog light bulbs. A compact design makes for easy installation in cars, SUVs, vans, and light trucks. The bulbs offer performance and style by giving the vehicle a modern, high-end look and they put out a powerful white light that helps drivers see and be seen. The bulbs are compatible with 12V and 24V systems and will be available during the first quarter of 2021.

LUMILEDS LLC WWW.LUMILEDS.COM

Four Seasons motor resistor kits are self-contained

Due to its confined location, blower motor replacement can be a time consuming and difficult process. Oftentimes, an undiagnosed resistor may be the root cause, resulting in an incomplete repair. Four Seasons has introduced motor resistor kits featuring a quality direct-fit blower motor, resistor and harness connector in a single carton. The kits are application-specific and are designed to reduce warranty by providing all of the electrical components that commonly fail together when replacing a blower motor. Four Seasons Motor Resistor Kits contain all the necessary components for a successful, long lasting repair.

FOUR SEASONS WWW.4S.COM

Bosch recalibration system services ADAS-equipped cars

Bosch has unveiled a new recalibration system, the DAS 3000, which is designed for repairing current and future advanced driver assistance systems (ADAS). The DAS 3000 gives technicians the ability to calibrate ADAS technology from the most popular OEMs, like General Motors, Ford, Toyota and Volkswagen. The system includes 13 camera targets that align each camera; a radar board for sensor recalibration; distance and wheel hub alignment markers; and Bosch’s ADAS Positioning System, which utilizes technology and industrial-grade vision cameras to measure the distance and angles of the fixture, in relation to the vehicle, providing the most precise measurements ensuring the exact target positioning required for the most accurate calibration; and more. In addition, the DAS 3000 comes with the Bosch ADS 625 scan tool, plus the Bosch SCT 815 radar reflector.

BOSCH WWW.BOSCHDIAGNOSTICS.COM
