As vehicles become increasingly sophisticated and connected, cybersecurity has become a top priority for auto manufacturers. One significant innovation in this domain is the implementation of security gateways, or SGWs, within vehicles. While these gateways serve the critical purpose of protecting vehicles from cyber threats, which you might have heard about in media headlines, they have also introduced challenges for the aftermarket repair industry. This has sparked debate over the balance between cybersecurity and the right to repair.

Why Security Gateways Were Introduced

Security gateways were designed to address a growing concern: the vulnerability of connected vehicles to cyberattacks. Modern cars are equipped with complex networks of electronic control units (ECUs) responsible for everything from engine performance to advanced driver-assistance systems (ADAS). These systems are interconnected and increasingly exposed to external threats through telematics, over-the-air updates, and even physical access points like the Onboard Diagnostics (OBD-II) port. If a bad actor gains control of the ECU, they can potentially impose great dangers.

By introducing security gateways, manufacturers aim to:

1. Prevent Unauthorized Access: SGWs block unapproved attempts to access the vehicle’s systems, protecting sensitive data and ensuring that only authorized tools can interact with the ECUs.
2. Introduce an Extra Layer of Security: Hackers attempting to exploit vulnerabilities in vehicle software have to bypass the additional layer of protection provided by SGWs.
3. Ensure Data Integrity: Security gateways protect critical operations, such as coding, calibrations, and active tests, from being altered or compromised by unauthorized entities.
4. Maintain Control Over Third-Party Tools: Only authorized and reputable aftermarket diagnostic tool brands should be able to access the vehicle's ECU.

The Aftermarket Dilemma

While the intention behind security gateways makes sense, their implementation has had unintended consequences for the automotive aftermarket. Independent repair shops and technicians now face significant hurdles when servicing vehicles equipped with SGWs. These barriers include restricted access to key diagnostic functions, increased dependency on original equipment manufacturer (OEM) tools, and additional costs associated with obtaining authorized access.

For example, many late-model vehicles from brands like Volkswagen, Audi, Mercedes-Benz, and Stellantis have security gateways that block aftermarket diagnostic tools from performing essential functions, such as:

• Clearing diagnostic trouble codes
• Executing bi-directional controls
• Coding and adapting vehicle modules

This restriction forces technicians to rely on expensive OEM tools, which can be a significant financial burden for smaller repair shops. It also raises questions about consumer rights and the broader “right to repair” movement, which advocates for fair access to repair tools and information.

Autel’s Role in Bridging the Gap

Recognizing the challenges faced by the aftermarket, companies like Autel have stepped up to negotiate access to security gateways. Autel has become a trailblazer in this space, achieving certifications for SGW access across multiple manufacturers:

• Mercedes-Benz: Autel users can now clear codes, perform ADAS calibrations, execute active tests, and more on SGW-equipped vehicles, thanks to certification by the Auto Authentication Authority (AutoAuth).
• Nissan and Stellantis: Autel tablets provide secure access to Dodge, Chrysler, Jeep, Ram, Alfa Romeo, Maserati, and Fiat vehicles via AutoAuth.
• Volkswagen and Audi: Autel negotiated with the Volkswagen/Audi Group to enable its tablets to access the Schutz Fahrzeug Diagnose (SFD) gateway, allowing technicians to perform bi-directional controls, parameter adjustments, and sensor relearns. Users can purchase 24-hour or annual access directly through the tablet.

These partnerships highlight the importance of collaboration between OEMs and aftermarket toolmakers to ensure that authorized repair professionals can continue to service vehicles efficiently and effectively.

How to Access Auto-Auth

To access AutoAuth on Autel tablets, users must first register an account on the AutoAuth website, purchase a subscription, and add their Autel device by selecting the manufacturer and entering the serial number. Once registered, the tablet must be connected to the vehicle, and during diagnostics, users should select "North America access via AutoAuth" and log in with their credentials to unlock the Secure Gateway Module (SGM). This enables full diagnostic capabilities, including code clearing, active tests, and relearns on FCA vehicles. Compatible Autel tablets include the MK808, MS906, MS909, MS919, Elite, IM608, Ultra series, and more.

This functionality requires an active Autel subscription. If you need one, check out https://adasdepot.com/software-upgrades-and-subscriptions/autel/

The Road Ahead: Finding a Balance

The implementation of security gateways highlights a critical tension in the automotive industry: the need to protect vehicles from cyber threats while ensuring that independent repair shops and technicians can access the tools they need. As the debate around the right to repair gains momentum, it is essential to:

1. Promote Collaboration: Manufacturers and aftermarket toolmakers must work together to establish secure yet accessible solutions for vehicle diagnostics and repair.
2. Adopt Fair Practices: Access to security gateways should be affordable and straightforward for authorized repair professionals, ensuring a level playing field.
3. Educate Stakeholders: Consumers, technicians, and legislators must understand the implications of security gateways on repairability and advocate for balanced policies.

By striking the right balance between security and accessibility, the automotive industry can ensure that vehicles remain safe from cyber threats without undermining the rights of repair professionals and consumers.