As we reach the beginning of the end for the OBD connector, the future of vehicle diagnostics becomes uncertain. Neil Pattemore discusses the challenges posed to the aftermarket by vehicle manufacturers and suggests how these challenges can be met in order to maintain a level playing field.
The old saying, ‘you will miss it when it’s gone’, is coming to fruition. The first vehicles with restricted OBD connector access have hit the market. This access is now limited to emissions related-data and diagnostic trouble codes (DTCs) only. Perhaps surprisingly, this is legally possible, as although the basis for the beloved, standardised on-board diagnostic (OBD) connector is contained in European legislation (Euro 5 – (EU) No. 715/2007), which is in turn referenced back to UNECE vehicle type approval requirements for both cars and trucks (UNEC Regulations 83 and 49 respectively), these type approval regulations stipulate the physical connector, pin assignment, emissions-related data and communication protocols, but mandate nothing more.
These new vehicles – currently the FIAT 500L, 500X, Doblo and S Class Mercedes, as well as likely including other Mercedes, BMW and VW models later on – still have an OBD connector, but when you connect your multi-brand diagnostic tool, only emissions data is accessible. FIAT has recognised that access to more vehicle functions and data is necessary, so has therefore provided a system that generates a certificate which will provide access. However, this process is only possible once you have registered your details with FIAT and are using its dedicated WiTECH 2 diagnostic tool. Not only are you potentially telling one of your biggest competitors who you are and what vehicles you are working on, but you will have to buy its tool to allow you to work on said vehicles.
There are two elements that pose a threat to the aftermarket (specifically relating to FIAT/Chrysler vehicles). Firstly, there is the manufacturers’ ability to legally restrict access to vehicle data. Secondly, there’s the continued development of the ‘connected car’ automated vehicle control systems cooperative intelligent transport systems and, ultimately, the fully autonomous vehicle is also restricting aftermarket access. The secure exchange of data with the vehicle is a fundamental pre-requisite, but this should not be at the expense of competitive services that support consumer choice.
If you look at the FIAT diagnostic process, not only does it require registration, but it also imposes the use of the FIAT WiTECH 2 cloud based application on a specific vehicle, at a specific time, with limited duration of the certificate validity. Existing diagnostic tool manufacturers will not be able to conduct reverse engineering – a perfectly legal process, used to create their own diagnostic test routines. Even if tool manufacturers can buy diagnostic data from a vehicle manufacturer and implement it into their multi-brand diagnostic tool, when connected to the vehicle it would not be able to generate a certificate, or use a certificate already generated by the FIAT WiTECH 2 system.
Now consider this after being extrapolated across all vehicle manufacturers; the need to buy diagnostic tools from every vehicle manufacturer is not an attractive proposition for independent workshops, even before you start to add in the annual update costs and the multiplicity of registration processes, certificate requests and (potentially) the restricted access that this may still impose. For example, it is being proposed that certificates would be issued for each system on a specific vehicle, so if you are working on the brakes and now need to work on the engine… voila, two certificates are needed and they may not be free of charge! It is also being proposed that the data needed for testing of electronic systems as part of the future MOT test will be defined and controlled through the use of one or more certificates.
So, what is the way forward? Firstly, the implementation of the FIAT certificate process almost certainly introduces some ‘non-compliances’ with existing Euro 5 legislation, which will need to be challenged at a European level, but also there is a need to look at the wider picture and the core principle of using certificates. There are several ‘cascading’ elements defining when a certificate may be required – it isn’t necessarily every time a diagnostic tool is connected to a vehicle, and even when something is connected, it should then depend on what data or functions need to be accessed. For example, connecting a diagnostic tool in the workshop with the engine off/ignition on and the vehicle stationary should not require a certificate to read data or a trouble code. However, when the same circumstances exist, but the technician wants to re-flash the ECU of a safety relevant system (e.g. ABS), then a certificate may be appropriate.
Further security considerations are introduced depending on when a vehicle is being driven. Even though a diagnostic tool or plug-in device monitors some ‘read-only’ data and may seem innocuous, it still needs to be designed in such a way that its requests for data are not so frequent that it could overload the CANBus and cause a vehicle operation problem. Perhaps, in such cases, the certificate should be more about the verification of the design functionality of the device, rather than an access control function. When it comes to controlling the function of the vehicle’s safety system whilst the vehicle is being driven, it is intended that this will be possible as part of the ITS functionality, but using a tightly controlled certificate system. Ultimately, it is clear that certificates can provide the required level of safety and security of as part of the ‘inherent security of the vehicle by design’. What is also clear is that if certificates are going to become a future requirement for accessing a vehicle and its data, then the procedure for accessing and using them is going to need legislative control to ensure continued ‘access all areas’ in support of undistorted competition and consumer choice.