Formal Security Analysis of Vehicle Diagnostic Protocols

Diagnostic protocols for vehicles are important for maintenance, updates, etc. However, if they are not secure, an attacker can use them as an entry point to the vehicle or even directly access critical functionality. In this paper, we discuss the security of the vehicle diagnostics protocols Diagnostics over IP (DoIP) and Unified Diagnostic Services (UDS). For UDS, we provide a formal analysis of the included security protocols SecurityAccess service and the different variants of the new Authentication service introduced in the year 2020. We present two new vulnerabilities, we identified in our analyses, describe how they can be mitigated and formally verify our mitigations. Furthermore, we give recommendations on how to securely implement UDS and how future standards can be improved.