Vehicle Network Securities

Vehicle technology continues to emerge which brings a tremendous amount of convenience features, safety products and efficient engines for the consumers, but it does come at a cost and that cost is usually at the technician’s expense. As if, diagnosing problems within those systems isn’t difficult enough, we now have challenges even accessing the network.

You may remember a few years ago when two hackers gained controlled over a Jeep Grand Cherokee’s network which allowed them to take control the HVAC system, the radio, and even the throttle. This exercise albeit somewhat controlled, sent shock waves throughout the industry. In response to this, FCA created a Secure Gateway to protect the network starting in model year 2018. Since then, other manufactures have implemented Secure Gateways and other practices to reduce or eliminate the ability to be hacked.

This Secure Gateway acts as a firewall to protect the vehicle’s network from unauthorized access. With the majority of the vehicle’s modules placed behind this firewall, an unauthorized scan tool can only view information as it is only given passive access. This means that you are unable to do any bi-directional task such as module resets, relearns, special functions, or even clearing DTC’s.

In response to the challenges the aftermarket faces, there has been some progress. The OEMs have partnered with specific authentication companies to ensure that the scan tool will not corrupt the network and in some cases the OE is requiring the authentication of the technicians. This challenge of authentication is not only in the aftermarket but even at the dealerships. I know that seems like a daunting task but the procedures in place are designed to be quick so you see very little technician downtime.

So what does this mean for you and your shop? Of course, this is a difficult question to answer because it depends on how many technicians, number of locations and your mix of service. One of the first steps you may want to take is to talk to your scan tool provider. They may be able to help clear up some of the confusion around which authentication companies are working with which OEM’s. You also need to ensure that your scan tool has the functionality to access the gateway with authenticators. Secondly, but maybe more importantly you should look at your training protocols to ensure only qualified technicians have access to the gateway. Validating technicians is required by some OE’s and is the only way to ensure we can maintain the integrity of the network. This may go above technical skill and may require a background check. The National Automotive Task Force (NASTF) has a number of resources to ensure you and your shop are compliant with the OEMs.

Lastly, the shop should look at its own network. Is your scan tool connected to Wi-Fi? If so, ensure the Wi-Fi is secured. This is an important step because a hacker may be able to go through your Wi-Fi to connect to the vehicle via the scan tool. If you have a customer network, it’s best to not have anything else connected to it. You may want to think about a standalone network for any shop equipment that requires internet access.

There is no doubt, vehicle complexity will not be slowing and it will be up to us to stay up to date with technology, training, and equipment.