ISO 13400-2:2019 – Road vehicles – Diagnostic communication over Internet Protocol (DoIP) – Part 2: Transport protocol and network layer services.
6.2.5 Secured (TLS) DoIP session
For a secured TCP connection, the dedicated TLS TCP_DATA port is used. As in the unsecured DoIP session case, the first step in initiating a secure TLS connection between the client DoIP entity and the DoIP entity is to open a TLS socket (destination port is TLS TCP_DATA). This is done prior to any message exchange. Therefore, a DoIP entity provides the resources to handle the incoming communication request (e.g. socket resources). The DoIP entity provides sufficient resources to handle the specified number of concurrently supported DoIP sessions secured with TLS (
Once a socket is established, the TLS-specific handshake initialization steps are performed by the client DoIP entity and the DoIP entity. After the TLS handshake is successfully completed, all subsequent messages are exchanged through this TLS TCP_DATA socket (e.g. routing activation and DoIP diagnostic messages).
Figure 6 shows an example of a DoIP session secured with TLS.
6.3.2 Multiple vehicles in a single network
This subclause gives an example of a sequence by which the external client DoIP entity may be able to identify and group server DoIP entities of all connected vehicles within a network.
Figure 7 shows an example of a simplified identification sequence performed by the client DoIP entity.
When a vehicle is connected to the DoIP network and the IP address allocation is completed (see Figure 5), the DoIP entities send out vehicle announcements after waiting for A_DoIP_Announce_Wait.
If the client DoIP entity is connected to the DoIP network at a later time, it should trigger vehicle announcement/identification responses by sending a broadcast vehicle identification request.
The server DoIP entities in all vehicles respond to a vehicle identification request within A_DoIP_Ctrl.
If a vehicle announcement/vehicle identification is received by the client DoIP entity and contains a VIN/GID synchronization status incomplete message (10₁₆), meaning that the VIN or GID is not synchronized with all server DoIP entities in the vehicle, the client DoIP entity starts a vehicle discovery timer for this vehicle (identified by the VIN/GID given by the VIN/GID master in its vehicle announcement/vehicle identification response).
This mechanism allows the VIN/GID master to notify the client DoIP entity when some entities need more time for VIN/GID synchronization. When the vehicle discovery timer expires, another vehicle identification request is sent to all those DoIP entities that reported VIN/GID invalid in their initial vehicle announcement/identification responses.
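The client-side grouping step described in this subclause can be sketched as follows. This is an added example, not text or code from the standard: it strictly parses vehicle announcement/identification responses, groups entities by VIN, and lists the vehicles that need a discovery timer. The payload type 0x0004, the field layout and the sample datagrams are assumptions not shown in this excerpt, and grouping by VIN alone (ignoring the GID) is a simplification.

```python
import struct
from collections import defaultdict

# Assumed layout (ISO 13400-2, not shown in this excerpt): 8-byte header, then
# VIN(17) | logical addr(2) | EID(6) | GID(6) | further action(1) | optional sync(1).
ANNOUNCEMENT = 0x0004      # vehicle announcement / identification response
SYNC_INCOMPLETE = 0x10     # VIN/GID synchronization status "incomplete"

def parse_announcement(datagram: bytes) -> dict:
    """Strictly parse one untrusted datagram; raise ValueError if malformed."""
    if len(datagram) < 8:
        raise ValueError("short header")
    version, inverse, ptype, length = struct.unpack("!BBHI", datagram[:8])
    if version ^ inverse != 0xFF:
        raise ValueError("version / inverse version mismatch")
    payload = datagram[8:]
    if ptype != ANNOUNCEMENT or length != len(payload) or length not in (32, 33):
        raise ValueError("unexpected payload type or length")
    vin, addr, eid, gid, _action = struct.unpack("!17sH6s6sB", payload[:32])
    incomplete = length == 33 and payload[32] == SYNC_INCOMPLETE
    return {"vin": vin.decode("ascii", "replace"), "addr": addr,
            "eid": eid.hex(), "gid": gid.hex(), "sync_incomplete": incomplete}

def group_vehicles(datagrams):
    """Group entity addresses by VIN; collect VINs that need a discovery timer."""
    vehicles, pending, rejected = defaultdict(list), set(), 0
    for raw in datagrams:
        try:
            entity = parse_announcement(raw)
        except ValueError:
            rejected += 1          # count and drop, never guess at fields
            continue
        vehicles[entity["vin"]].append(entity["addr"])
        if entity["sync_incomplete"]:
            pending.add(entity["vin"])
    return dict(vehicles), pending, rejected

def build(vin: bytes, addr: int, sync=None) -> bytes:
    """Build a constructed sample datagram (not captured traffic)."""
    body = struct.pack("!17sH6s6sB", vin, addr, bytes(6), bytes(6), 0)
    body += b"" if sync is None else bytes([sync])
    return struct.pack("!BBHI", 0x03, 0xFC, ANNOUNCEMENT, len(body)) + body

SAMPLES = [build(b"TESTVIN0000000001", 0x1001, 0x00),
           build(b"TESTVIN0000000001", 0x1002, 0x00),
           build(b"TESTVIN0000000002", 0x2001, 0x10),
           build(b"TESTVIN0000000002", 0x2001, 0x10)[:20]]  # truncated datagram
if __name__ == "__main__":
    print(group_vehicles(SAMPLES))
```

Each VIN in the second return value is a vehicle for which the client would start the discovery timer and later repeat the identification request; malformed datagrams are counted and dropped rather than partially trusted.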