On-board diagnostics (OBD) interfaces have been in cars for a long time, since 1996 in the United States. Typically, they are only used by service shops and car inspectors but there are also other uses for it. Since OBD-II is basically a serial port, the hardware needed to use it is simple and readily available. There are Bluetooth, Wi-Fi and USB adapters available for purchase from many manufactures.
For example, when we wanted to quickly demo our instrument cluster displays in the Martti automated driving development car by VTT Technical Research Centre of Finland, we used a Bluetooth OBD-II adapter instead of connecting to the car’s CAN bus. This way we saved a lot of time and wiring. In addition, we did not have to test so much the actual car, since OBD-II communication is somewhat standard, and were interested in speed and RPM at this point.
Keeping automotive security on top of mind, Link Motion’s carputer ensures the development of various application opportunities with OBD-II, such as collecting driving data
OBD-II communication is simple, in short sending “0100” to the car makes it to respond to what mode 01 parameters it supports, and sending for example “010D” is replied with the vehicle speed. An article in Wikipedia lists the generic modes and parameters. Since OBD-II is mandatory in passenger cars, this method works almost worldwide for every brand and model.
There are Android and iOS OBD-II applications that provide instrumentation and even some basic fault code reading and clearing, though some of the functionality is brand- and model-specific. Naturally, car manufactures have not published their own additions to the standard communication in fear of unwanted use, as there is no security in the OBD-II standard. Android Auto and Apple CarPlay are also providing car interface and applications, but they are more focused on the entertainment, navigation and telecommunication areas.
All these ways of interfacing with the car also provide an attack point, and with the arrival of autonomous driving, even more risks. Here at Link Motion we are using sandboxing to prevent unauthorized access to the vehicles’ systems. So even if unauthorized messages or even access is reaching one level, it cannot reach the more critical areas. Even though car manufactures are not publishing their own additions, there is still a lot potential for all kind of applications. Even just collecting the driving data and providing some statistics would be beneficial to the owner, maybe also cloud support and data analytics – there are several possibilities.