ISO13400 DoIP Protocol: A Comprehensive Guide
Saravana Pandian Annamalai
CEO @ Embien Technologies | Automotive | Embedded
The automotive industry has been rapidly evolving, with advancements in technology revolutionizing the way vehicles are diagnosed and serviced. One such innovation is the Diagnostics Over Internet Protocol (DoIP), a communication protocol that enables seamless interaction between a vehicle's electronic control units (ECUs) and diagnostic instruments or remote service apps via IP networks. In this comprehensive guide, we will delve into the intricacies of the ISO13400 DoIP protocol, its significance in the automotive industry, packet structure, and the communication flow it facilitates. Let's explore the world of DoIP together.
Understanding the ISO13400 DoIP Protocol
The ISO13400 DoIP protocol is a standardized communication protocol used in the automotive industry for diagnostics and remote vehicle servicing. It serves as an alternative to the conventional approach of using the CAN interface with DoCAN (ISO 15765) over the CAN bus. The Unified Diagnostic Services (UDS) protocol, a mechanism for diagnosing each ECU present in a vehicle, is widely used for diagnostics. However, to leverage the advantages of Automotive Ethernet and TCP/IP protocols, the Diagnostics Over Internet Protocol (DoIP) was introduced. Standardized as ISO 13400, this protocol offers the same capabilities as DoCAN but with improved throughput, faster response times, and better reliability.
Importance of the ISO13400 Protocol
The ISO13400 DoIP protocol brings several important advantages to vehicle diagnostics and servicing. One significant benefit is faster data transfer rates, resulting in shorter diagnostic and servicing times. Unlike the limitations of the CAN interface, where large amounts of data need to be sent in segmented packets, DoIP can transfer huge data packets in a single network cycle. Moreover, ISO standardization ensures interoperability between various vehicle manufacturers and diagnostic equipment providers, making the protocol easier to apply across the industry. Additionally, DoIP incorporates precautions to prevent unauthorized access and data breaches, ensuring the confidentiality and privacy of vehicle data through secure TLS connections.
Automotive DoIP Protocol Packet Structure
The automotive DoIP protocol packet structure consists of four primary fields: Protocol Version, Inverse Protocol Version, Payload Type, and Payload Length. These fields provide crucial information about the packet and its payload.
The Protocol Version field specifies the version of the DoIP protocol being used, such as 0x01, 0x02, or 0x03. The Inverse Protocol Version field carries the bit inverted value of the Protocol Version, ensuring error-checking during transmission.
The Payload Type field, represented by two bytes, indicates the type of payload in the message. Multiple payload types are defined, including vehicle identification, diagnostic message delivery, and route activation.
The Payload Length field, represented by four bytes, specifies the length of the payload in bytes. It determines the number of data that follows the header section.
The DoIP Payload contains the actual data to be transmitted, such as diagnostic messages or control signals. The structure of the payload depends on the Payload Type specified in the header. Within the payload, the Identifier field is used to identify the sender and receiver of the message, providing Source Address and Target Address subfields.
Diagnostics Over Internet Protocol Ports and Payloads
The Diagnostics Over Internet Protocol specification defines specific ports for both UDP and TCP operations. These ports play a crucial role in establishing communication between the server and client.
The UDP_DISCOVERY port (port number 13400) is used for listening to incoming requests and commands. It can also function as the source port for broadcast packets. The UDP_TEST_EQUIPMENT_REQUEST port is dynamically assigned and serves as the transmission port for client messages or the destination port for server responses.
In the TCP_DATA port (port number 13400 or 3496 - Secured (TLS)), the server listens for incoming connection requests. The port can be used in both unsecured and secured (TLS) modes, depending on the level of encryption and authentication required.
The DoIP protocol encompasses various payload types, each serving a specific purpose. These payloads, along with their corresponding payload type names, ports, and protocols, are listed in the table below:
These payload types serve different purposes, such as vehicle identification, routing activation, alive check, and doip entity status, among others. They allow for efficient and effective communication between the server and client, ensuring the smooth flow of diagnostic processes.
Communication Flow in the ISO13400 Protocol
Understanding the communication flow in the ISO13400 protocol helps establish a clear picture of how various entities interact and exchange information.
Let's explore the step-by-step communication flow involved in establishing a connection between the user test equipment and the DoIP entity in the vehicle.
1.???????? Opening a UDP Socket: The initial step is to open a UDP socket with the destination port (13400). This socket allows communication between the client and server.
2.???????? Vehicle Identity Request: The client sends a vehicle identity request to the server DoIP, seeking information about the vehicle's identification. This request helps establish a connection between the client and the vehicle.
3.???????? Vehicle Identity Response: The server DoIP responds to the vehicle identity request by providing the necessary information, such as VIN (Vehicle Identification Number), GID (Global Identifier), EID (Entity Identifier), and logical address.
4.???????? Opening a TCP Connection: After receiving the vehicle identity response, the client opens a TCP connection over the TCP_DATA port. From this point forward, all further messages are exchanged via this TCP socket.
5.???????? Routing Activation Request: To enable routing on the initialized connection, the client sends a routing activation request message to the DoIP server. This request indicates the client's eligibility and the desire to activate routing.
6.???????? Routing Activation Response: If the client is eligible and there are fewer active connections registered, the server responds with a routing activation response. This response confirms that the routing has been successfully activated, allowing the client to send valid DoIP messages, such as diagnostic messages.
7.???????? DoIP Header Handler: The DoIP entity executes the DoIP header handler upon receiving any type of data. If the payload contains a diagnostic message (identified by payload type 0x8001 in the generic DoIP header), the diagnostic message handler is called to process the payload.
8.???????? Diagnostic Message Handler: The diagnostic message handler parses the received request, filters the required data for the UDS request based on the service ID and identification, and forwards it to the UDS protocol handler. This handler plays a crucial role in processing diagnostic requests and generating appropriate responses.
9.???????? Diagnostic Response: Once the diagnostic response is formed, the ECU transmits it to the user test equipment. This response contains the requested data or information related to the diagnostic process.
This communication flow ensures a seamless exchange of information between the client and server, allowing for effective diagnostic processes and troubleshooting.
Security in UDS over DoIP Protocol
With the increasing cybersecurity threats in the automotive industry, it is essential to protect vehicle systems from unauthorized access and ensure the safety and integrity of diagnostic operations. The ISO13400 DoIP protocol addresses these concerns by incorporating security measures at both the network layer and UDS application level.
Security in the Network Layer
Diagnostic communication using Transport Layer Security (TLS) allows for the establishment of an authenticated and encrypted communication channel between the client DoIP and the server DoIP. This secure diagnostic communication leverages the widely used TLS protocol for the transport channel, ensuring authenticity, integrity, and confidentiality.
Before the client DoIP and the server DoIP exchange DoIP messages over TLS, they negotiate a secured TCP connection through the TLS handshake process. During this handshake, the client and server agree on the TLS protocol version, choose a common cipher suite, verify certificates, and exchange session keys. Once the handshake is successfully completed, the diagnostic communication can commence on the secured environment.
Security in the UDS Protocol
Ensuring the identities of the diagnostic tool and the vehicle's ECUs is crucial for granting access to diagnostic services. The UDS protocol incorporates secure authentication mechanisms, such as certificates, keys, or other cryptographic methods, to verify the identities of the diagnostic tool and ECUs.
Two UDS services play a significant role in checking the identities of the diagnostic tool:
1.???????? Authentication (UDS Service 0x29): This service enables advanced authentication and authorization of a diagnostic tester to an ECU. It allows the client to authenticate its identity, granting access to restricted data and diagnostic services for security, emissions, or safety reasons.
2.???????? Security Access (UDS Service 0x27): The Security Access service enables customers to unlock restricted-access functions and services by using a key and seed. This traditional means of secure access ensures that only authorized diagnostic testers gain access to ECUs.
These security measures provide a robust framework for protecting vehicle systems from unauthorized access and maintaining the integrity of diagnostic operations.
Summary
Embien, a leading provider of automotive solutions, has developed its own RAPIDSEA ISO13400 DoIP stack. This stack allows developers and OEMs to quickly integrate the UDS stack onto various platforms, such as Linux, Android, Windows, and MCU-based bare metal environments.
In conclusion, the ISO13400 DoIP protocol is a critical component in the automotive industry, enabling efficient and secure communication between diagnostic tools and a vehicle's electronic systems. By leveraging the capabilities of Automotive Ethernet and TCP/IP protocols, DoIP offers improved throughput, faster response times, and enhanced reliability compared to traditional diagnostic methods. It plays a pivotal role in improving vehicle diagnostics, maintenance, and overall vehicle health, as well as enhancing the user experience with modern connected vehicle services.
References
?