Many motor vehicles are fitted with an electronic engine management system which controls the operation of the engine. The engine management system, and the control routines of that system, typically include on board diagnostics by which the engine management system is able to assess the performance of the engine against certain criteria. One of the most important criteria is the emissions from the engine, and legislators have for many years required vehicle manufactures to provide on board diagnostics (“OBD”), and also to provide a port by which a computer or other external device may be connected to the engine management system in order to access the engine management system.
The computer or other external device will typically be equipped with off board tools which can interrogate the on board diagnostics systems in order to retrieve fault codes, obtain live information and set (or reset) calibration values. The off board tools can therefore assess the immediate and long-term performance of the engine against particular criteria, including emissions.
The possession of an external device equipped with the necessary off board tools was originally limited to authorised specialists, for example authorised vehicle dealers equipped to service the vehicles of one or more manufacturers. Nowadays, however, there is an increasingly active independent sector and the availability of external devices able to access the OBD port, and the availability of the necessary off board tools to access the OBD systems, is becoming increasingly widespread.
Notwithstanding the original intention to provide an OBD port for locating and alleviating emissions faults, as the number of electronic systems on motor vehicles has increased the vehicle manufacturers have come to use the OBD port to access other information about the vehicle. The OBD system is therefore used by certain manufacturers to store information concerning the operation of an anti-lock braking system and a stability control system, for example.
Many vehicles have electronic vehicle management systems in addition to the engine management system, and the OBD system has been expanded to enable the OBD port to be used to allow off board tools to interrogate many different electronics systems of the vehicle, and to correct or re-calibrate those systems if required.
One such electronic system is the vehicle's immobiliser control system. Many modern cars have mechanical keys fitted with a transponder which can communicate with the vehicle's immobiliser control system, while others have a “keyless” system which avoids the requirement for a mechanical key. In both cases the immobiliser control system allows the vehicle to start only if a key having the correct identifier is present. Many vehicle manufacturers supply a vehicle with two (or perhaps more) keys and each key will have a different (and ideally unique) identifier. The immobiliser control system will store a record of the identifiers of all of the keys which are authorised to start the vehicle.
In case a key is lost or damaged, however, it is necessary that the vehicle's immobiliser control system can be accessed and re-programmed to accept the identifier of one or more replacement keys. In most vehicles this access is by way of the OBD port. Therefore, when a key is lost or damaged an external device equipped with the necessary off board tool to reprogram the immobiliser control system is connected to the vehicle by way of the OBD port.
This system is open to mis-use, however, in that the immobiliser control system can be re-programmed as a means to steal the motor vehicle. Thus, provided that access can be gained to the OBD port, and the necessary off board tool is available, the immobiliser control system can be re-programmed to accept a new key (which is in the possession of an intending thief). As the availability of external devices to access the OBD port and the necessary off board tools increases, many are finding their way into the hands of unscrupulous individuals willing to adopt this method of vehicle theft.
In order to access the OBD port it is necessary to obtain entry to the vehicle. The vehicle owner may willingly allow access to the vehicle for valet parking for example, including long-term parking at airports and the like where the vehicle is legitimately driven by a third party. Also, access to a rental vehicle may be given to many individuals. Furthermore, a damaged vehicle may be given to a repairer who necessarily needs access to the vehicle.
Unauthorised entry into a vehicle may also be obtained, enabling access to the OBD port. For example, a vehicle owner may not lock a vehicle when it is stored in a private garage, and an intending thief may be able to obtain access to a locked garage and subsequently to the unlocked vehicle. It is also known that the security systems of some (locked) vehicles permit a window to be broken and the OBD port to be accessed without triggering the alarm.
It will be understood that a motor vehicle offering “keyless” operation (for which it is necessary only to bring the key within range of the vehicle for the immobiliser to be deactivated) are at the greatest risk from unauthorised access to the OBD port, but even a vehicle which requires a mechanical key will be vulnerable to attack, and once the immobiliser has been overcome the intending thief can seek to overcome the limited protection offered by the mechanical key.
Once the immobiliser control system has been re-programmed the vehicle will accept the identifier of the new key at any time, and an intending thief can locate and steal the vehicle at any subsequent time, i.e. if the thief has temporary access to the vehicle for valet parking, for example, he or she will likely steal the vehicle only after it has been returned to the owner.