I. Introduction
Numerous attacks on automotive cyber security have been reported. These incidents use a wide range of attack surfaces as stepping stones, such as direct attacks on the automobile’s controller area network (CAN), remote attacks using IT-based communication, and attacks through external entities, such as servers or smartphones. Across these attack surfaces, and particularly in attacks on or analyses of a vehicle’s CAN, the automobile’s diagnostic functions are usually targeted. Many of the electronic control units (ECUs) on board automobiles for sale use the Unified Diagnostic Services (UDS) protocol [1] or the Keyword Protocol 2000 (KWP2000) [2] to offer diagnostic services over a CAN for calibrating the ECU, running operation tests, or reading or deleting diagnostic trouble codes (DTCs). Because diagnostic functions write to the internal memory, and to protect access to crucial functions such as reprogramming routine processing, security access services are usually built into many ECUs. However, only challenge-response authentication is defined as a security access service. To account for interception and falsification of communication, a separate security function needs to be implemented. In addition, the key calculation algorithms and the methods for generating the seed value in the security access service’s challenge-response authentication are not defined under the UDS or KWP2000 protocols, and therefore vary according to the installation and packaging. Moreover, when there are defects in the implementation of the security access service, attackers may be granted access to crucial safeguarded functions, leading to falsification of the ECU or unauthorized control.
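The security access exchange described above, seen from the ECU side, as an added example that is not code from this paper: requestSeed/sendKey handling for UDS service 0x27 with a fresh random seed, a single-use challenge, a constant-time key check and an attempt lockout. The HMAC-SHA256 key algorithm, the 16-byte seed, the three-attempt limit and all class and function names are assumptions, since UDS leaves these choices to the implementer.

```python
import hashlib
import hmac
import secrets

SID = 0x27                      # UDS SecurityAccess request service identifier
NRC_SUBFUNCTION_NOT_SUPPORTED = 0x12
NRC_INCORRECT_LENGTH = 0x13
NRC_REQUEST_SEQUENCE_ERROR = 0x24
NRC_INVALID_KEY = 0x35
NRC_EXCEEDED_ATTEMPTS = 0x36
MAX_ATTEMPTS = 3                # assumption: lockout threshold


def compute_key(secret: bytes, seed: bytes) -> bytes:
    """Assumed key algorithm (UDS defines none): HMAC-SHA256, truncated."""
    return hmac.new(secret, seed, hashlib.sha256).digest()[:16]


class SecurityAccessServer:     # hypothetical ECU-side handler, one level
    def __init__(self, secret: bytes, level: int = 0x01):
        self.secret, self.level = secret, level  # odd level = requestSeed
        self.seed = None          # outstanding challenge, if any
        self.failed = 0           # real ECUs persist this across resets
        self.unlocked = False

    @staticmethod
    def _negative(nrc: int) -> bytes:
        return bytes([0x7F, SID, nrc])

    def handle(self, request: bytes) -> bytes:
        if len(request) < 2:
            return self._negative(NRC_INCORRECT_LENGTH)
        sub, data = request[1], request[2:]
        if self.failed >= MAX_ATTEMPTS:      # simplification: no delay timer
            return self._negative(NRC_EXCEEDED_ATTEMPTS)
        if sub == self.level:                # requestSeed: fresh CSPRNG seed
            self.seed = secrets.token_bytes(16)
            return bytes([SID + 0x40, sub]) + self.seed
        if sub != self.level + 1:
            return self._negative(NRC_SUBFUNCTION_NOT_SUPPORTED)
        if self.seed is None:                # sendKey without a pending seed
            return self._negative(NRC_REQUEST_SEQUENCE_ERROR)
        expected, self.seed = compute_key(self.secret, self.seed), None  # single use
        if hmac.compare_digest(expected, data):  # constant-time comparison
            self.unlocked, self.failed = True, 0
            return bytes([SID + 0x40, sub])
        self.failed += 1
        locked = self.failed >= MAX_ATTEMPTS
        return self._negative(NRC_EXCEEDED_ATTEMPTS if locked else NRC_INVALID_KEY)
```

A predictable or repeating seed, a non-expiring challenge, or a missing attempt counter are the kinds of implementation defects the paragraph refers to; the sketch shows where each is handled.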