SFD

From Ross-Tech Wiki

Schutz der Fahrzeugdiagnose (SFD)

Schutz der Fahrzeugdiagnose (SFD) aka. Protection of Vehicle Diagnostics (PVD) replaces the existing Login & Security Access functionality, which means it doesn't interfere with basic functions like reading Control Module Identification or Event and Diagnostic Trouble Codes (DTC's) or Measuring Values.

Advanced functions like Coding, Adaptation, Basic Settings and/or Output Test may be limited and require a SFD unlock. SFD appeared first in MY 2020 and was at first limited to newly introduced Models and/or Control Modules. You will see Vehicles with individual Control Modules using classic Login/Security Access protections and other Control Modules in the same Vehicle using the newer SFD protection.

An Auto-Scan with VCDS will show you if a specific control module requires SFD unlocks to perform certain functions via an addition/suffix of "SFD" to the VCID line. 

  Address 09: Cent. Elect. (J519)
  Part No SW: 1EE 937 089 D    HW: 1EE 937 089
  Component: SAM_H         H08 0530
  ASAM Dataset: EV_SAMVW31x 005001
  VCID: 43DB1062BB164BA2C69-8016 SFD

Schutz der Fahrzeugdiagnose 2 (SFD2)

SFD2 does NOT replace the aforementioned SFD. Instead it is meant as an extension for the original SFD functionality in order to secure Control Modules against unauthorized manipulation (by law). This is primarily aimed at driver assistance systems, autonomous driving, software updates and cyber security in general (i.e. UNECE R 155 and/or UNECE R 156).

The vehicle manufacturer has to ensure that all modifications must be factory authorized, resulting in functions like Coding and Adaptation, as well as Updates etc. only being possible when digitally and cryptographically signed.

This limitation does not apply to most service related functions like Service Reset, Particle Filter Regeneration, Brake Pad Replacements or other typical workshop jobs, as these can still be performed after a regular SFD unlock. SFD2 does however limit/prevent most retrofits and similar efforts to enable functions not available from factory.

An Auto-Scan with VCDS will show you if a specific control module requires SFD2 signed messages to perform certain functions via an addition/suffix of "SFD2" to the VCID line: 

  Address 19: CAN Gateway (J533)
  Part No SW: 1EE 937 012 D    HW: 1EE 937 012
  Component: ICAS1 Host-SG 021 0411
  ASAM Dataset: EV_GatewICAS1MEBUNECE 001013
  VCID: 353F7EBAE5C2E51278D-8060 SFD+SFD2

Diagnostic Firewall & Diagnostic Filter

Even before SFD and SFD2 unauthorized access and/or modifications were prevented by a diagnostic firewall, which required you to open the hood prior to having full access to control module functions. We recommend to open the hood on all MY 2015 and newer before you perform any diagnostic work to ensure the diagnostic firewall is deactivated.

Newer models still have this diagnostic firewall but in addition may have diagnostic filter blocking diagnostic access to control modules entirely. VCDS uses a workaround to access these control modules but may be in Restricted (read-only) mode, preventing most advanced functions like Coding, Adaptation, Basic Settings and/or Output Test etc.

An Auto-Scan with VCDS will show you if Restricted mode is active via an addition/suffix of "-R" to the VCID line for each control module: 

  Address 06: Seat Mem. Pass (J521)
  Part No SW: 1N3 959 760 H    HW: 1N3 959 760 H
  Component: MEM-BFS       011 0571
  Coding: 0118BA4000012A008803010101010000000000000000000000000000211000
  ASAM Dataset: EV_SCMPasseSideCONTIAU736 006013
  VCID: 3E2D6196D0F4264AA97-806A-R

An Auto-Scan with VCDS can show you in the VCID line combinations of "-R" and SFD and SFD2 at the same time: 

  Address 08: Auto HVAC (J979)
  Part No SW: 1EE 907 007 B    HW: 1EE 907 007 B
  Component: Climatronic   H01 0146 
  Coding: 60202224A010120001100010110001102000103111101101000000000000
  ASAM Dataset: EV_ACClimaBHBE3ADV 002032
  VCID: 343943BEEEB8FC1A4F3-8060-R SFD+SFD2

Unlocking Schutz der Fahrzeugdiagnose (SFD)

While we are working on automating the unlock process, VCDS already does support the unlock and re-lock procedure using offline unlock tokens.

The following steps are recommended if you are working on SFD protected vehicles...

  1. Determine which control modules you need to work on, for example:
    • Brake Electronics for Parking Brake related work
    • Information Electronics for Service Reset
  3. Determine if the diagnostic firewall was deactivated when opening the hood. This can be done by connecting to "Diagnostic Interface for Databus / Gateway" (#19) and viewing Diagnostic filter Advanced Measuring Values. Results that look like this confirm you do NOT need to unlock address 19 prior to making changes in other control modules:
    • IDE13754-MAS16867 Diagnostic filter: status-Reason for deactivation hood open
    • IDE13754-MAS16875 Diagnostic filter: status-Filter status Filter is not active
    In this case you can skip steps 3 and 4. The Diagnostic Firewall is already disabled.
    If the status is Filter active you will need to retrieve a Challenge/Token for "Diagnostic Interface for Databus / Gateway" (#19) and all additional SFD protected control modules you need to work on. Those results would look like this:
    • IDE13754-IDE04447 Diagnosis filter: status-Function status Function active: SFD protected
    • IDE13754-MAS16875 Diagnosis filter: status-Filter status Filter active
    In this case you must use steps 3 and 4. The Diagnostic Firewall is active.
  5. SFD unlock the "Diagnostic Interface for Databus / Gateway" (#19) and verify the following Measuring Value shows a non-zero number of minutes:
    • MAS18157-MAS18164 SFD activated status-Duration of vehicle diagnostic to be protected 89 minutes (this counts down to zero and then SFD is locked again automatically)
  6. Disable the Diagnostic Filter in the "Diagnostic Interface for Databus / Gateway" (#19) (usually Adaptation channel IDE16611-Diagnosis filter: temporary deactivation adapted from active to not active) and check the following Measuring Value:
    • IDE13754-MAS16866 Diagnosis filter: status-Odometer 20 km (this counts down from 20 km to zero and then the filter is locked again automatically)
  7. SFD unlock (all) additional SFD protected control modules you plan to work on.

Frequently Asked Questions

  1. Can SFD and/or SFD2 be (permanently) disabled?
    No, neither VCDS nor ODIS can disable SFD and/or SFD2 permanently.
  3. Will VCDS have SFD unlocking built-in at some point?
    While we are already working with Volkswagen to certify our implementation, we cannot provide a specific release date yet.
  5. While an automated/built-in unlock isn't released yet, can Ross-Tech provide offline unlock tokens for SFD?
    No, but they can be obtained for example from one of our distributors. Some markets/regions/countries (i.e. China) may be excluded from this offer.
  7. How to determine if a vehicles has SFD/SFD2 without an Auto-Scan?
    You may see references to PR-Codes like PR-NI0/NI1/NI7/NI8/NI9 which do indicate that a vehicle conforms with the requirements for the specific market it was build for. With PR-NI1/NI7/NI8/NI9 you can expect some/all Control Modules to be SFD2 locked. There are no production/build codes that do show if a vehicle requires SFD unlocks.
  9. Does SFD/SFD2 only apply to UNECE Regions/Countries?
    SFD applies to Audi, Bentley, Bugatti, CUPRA, MAN, SEAT, Skoda, Volkswagen and Volkswagen Commercial models starting with MY 2020/2021 (exact introduction dates differ from model to model), no matter which Region/Country the vehicle was produced for. While SFD2 is related to UNECE R 155/156, it is also rolled out in non-UNECE Regions/Countries.
Retrieved from "https://wiki.ross-tech.com/wiki/index.php?title=SFD&oldid=9759"