ISO 26021-1:2022

INTERNATIONAL ISO
STANDARD 26021-1
Second edition
2022-02
Road vehicles — End-of-life activation
of in-vehicle pyrotechnic devices —
Part 1:
Application and communication
interface
Véhicules routiers — Activation de fin de vie des dispositifs
pyrotechniques embarqués —
Partie 1: Interface des couches application et communication
Reference number
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .vii
Introduction .viii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Symbols and abbreviated terms.3
4.1 Symbols . 3
4.2 Abbreviated terms . 3
5 Conventions . 5
6 Basic principles and use cases overview . 5
6.1 Basic principles . 5
6.2 Use case groups and associated use cases . 6
7 Use cases definition (UC) . 7
7.1 UCG 1 – Perform communication interface discovery . 7
7.1.1 UC 1.1 – Discover DoCAN communication interface. 7
7.1.2 UC 1.2 – Discover DoIP communication interface. 7
7.2 UCG-2 – Perform authentication . 7
7.2.1 UC 2.1 – Perform PDT authentication . 7
7.2.2 UC 2.2 – Perform fixed-address PCU/PCU(s) authentication . 8
7.3 UCG 3 – Perform system initialisation (Sys-Init) . 8
7.3.1 UC 3.1 – Report PCU hardware deployment method . 8
7.3.2 UC 3.2 – Report number of PCU(s) . 9
7.3.3 UC 3.3 – Report address information of PCU(s) . 9
7.3.4 UC 3.4 – Report vehicle identification number . 9
7.3.5 UC 3.5 – Report dismantling documentation of PCU . 10
7.4 UCG 4 – Perform PCU initialisation (PCU-Init) . 10
7.4.1 UC 4.1 – Report PCU deployment loop identification table . 10
7.4.2 UC 4.2 – Initiate safetySystemDiagnosticSession . 11
7.4.3 UC 4.3 – Keep-alive safetySystemDiagnosticSession . 11
7.4.4 UC 4.4 – Unlock security of PCU .12
7.4.5 UC 4.5 – Execute PCU(s) scrapping program module loader .12
7.5 UCG 5 – Perform PCU and ACL sequence (PCU- and ACL-Scrapping) .13
7.5.1 UC 5.1 – Report ACL deployment sequence (ACL-Init) .13
7.5.2 UC 5.2 – Write dismantling documentation into PCU (Device-Deploy) .13
7.5.3 UC 5.3 – Perform ACL deployment confirmation sequence (Device-Deploy) . 14
7.5.4 UC 5.4 – Perform PCU pyrotechnic device scrapping via loop identification
(Device-Deploy) . 14
7.6 UCG 6 – Terminate PCU pyrotechnic device deployment (PCU-End) .15
7.6.1 UC 6.1 – Terminate PCU pyrotechnic device scrapping via communication
interface .15
7.6.2 UC 6.2 – Terminate PCU pyrotechnic device scrapping via ACL .15
8 Application (APP) .16
8.1 APP – Preconditions of end-of-life activation of pyrotechnic devices. 16
8.2 APP – Overview of end-of-life activation of pyrotechnic devices sequence . . 17
8.3 APP – Software provisions . 19
8.3.1 APP – Scrapping program module (SPM) . 19
8.3.2 APP – Scrapping program module loader (SPL) . 19
8.3.3 APP – PCU loop identification table . 19
8.4 APP – Mapping of use cases to requirements . 20
8.5 APP – Application timing definition . 21
8.6 APP – Discovery of communication interface (Com I/F-Discovery) .22
iii
8.6.1 APP – Overview of discovery of communication interface (Com-Discovery) .22
8.6.2 APP – Setup DoCAN communication interface .22
8.6.3 APP – Setup DoIP communication interface . 24
8.6.4 APP – Determination of DoCAN or DoIP communication interface in the
vehicle . 25
8.7 APP – Perform authentication – Optional (Sys-Auth) . 26
8.7.1 APP – Overview of the authentication – Optional (Sys-Auth) .26
8.7.2 APP – PDT authentication against fixed-address PCU – Optional (Sys-Auth) .26
8.7.3 APP – Fixed-address PCU authentication against PDT – Optional (Sys-Auth). 27
8.8 APP – Perform system initialisation (Sys-Init) . 27
8.8.1 APP – Overview of the system initialisation (Sys-Init) . 27
8.8.2 APP – Report PcuHardwareDeploymentMethod (Sys-Init).28
8.8.3 APP – Report number of PCUs (Sys-Init) .28
8.8.4 APP – Report DoCAN address information of PCUs (Sys-Init) .28
8.8.5 APP – Report DoIP address information of PCUs (Sys-Init) .30
8.8.6 APP – Report vehicle identification number (Sys-Init) . 31
8.8.7 APP – Report dismantling documentation of PCU (Sys-Init) . 31
8.9 APP – Perform PCU initialisation (PCU-Seq) . 31
8.9.1 APP – Overview of the PCU initialisation (PCU-Seq) . 31
8.9.2 APP – Report PCU deployment loop identification table (PCU-Seq) . 32
8.9.3 APP – Initiate safetySystemDiagnosticSession (PCU-Seq) .33
8.9.4 APP – Keep-alive safetySystemDiagnosticSession (PCU-Seq) .33
8.9.5 APP – Unlock security of PCU (PCU-Seq) . 33
8.9.6 APP – Execute PCU scrapping program module loader (PCU-Seq) .33
8.10 APP – Perform PCU and ACL scrapping (Device-Deploy) .34
8.10.1 APP – Overview of the PCU- and ACL-Scrapping (Device-Deploy) .34
8.10.2 APP – Report ACL deployment sequence (ACL-Prep) .34
8.10.3 APP – Write dismantling documentation into PCU (Device-Deploy) . 35
8.10.4 APP – Confirm ACL deployment sequence (Device-Deploy) . 35
8.10.5 APP – Perform device scrapping (Device-Deploy) . 35
8.10.6 APP – Evaluation of device scrapping (Device-Deploy) . 35
8.10.7 APP – Next pyrotechnic device (Device-Deploy) .36
8.11 APP – Terminate PCU and ACL pyrotechnic device deployment (PCU-End) .36
8.11.1 APP – Overview of the PCU- and ACL-Termination (PCU-End) .36
8.11.2 APP – Terminate PCU pyrotechnic device scrapping (PCU-End) .36
8.11.3 APP – Terminate PCU pyrotechnic device scrapping via ACL (PCU-End) . 37
8.12 APP – Terminate system deployment (Sys-End) . 37
9 Service interface (SI) definition between application and OSI layers .37
9.1 SI — A_Data.req, A_Data.ind, and A_Data.conf service interface (SI) . 37
9.2 SI — A_Data.req, A_Data.ind, and A_Data.conf service interface (SI) parameter
mapping .38
9.3 Service interface parameters (SIP) . 39
9.3.1 SIP – General .39
9.3.2 SIP – Data type definitions .39
9.3.3 SIP – Mtype, message type .39
9.3.4 SIP – TAtype, target address type .39
9.3.5 SIP – AE, address extension .39
9.3.6 SIP – TA, target address . 39
9.3.7 SIP – SA, source address .40
9.3.8 SIP – Length, length of PDU .40
9.3.9 SIP – PDU, protocol data unit .40
9.3.10 SIP – Result, result .40
10 Application layer (AL) .40
10.1 AL – Applicable ISO 14229-1 UDS functionality .40
10.2 AL – PCU timing parameters . 41
10.3 AL – Authentication . 41
10.3.1 AL – Requirements specification – PDT authentication . 41
iv
10.3.2 AL – Requirements specification – Fixed-address PCU/PCU(s) authentication . 42
10.4 AL – ReadDataByIdentifier – Read PCU hardware deployment method . 42
10.4.1 AL – Requirements specification – Read PCU hardware deployment method . 42
10.4.2 AL – Message sequence requirements – Read
PcuHardwareDeploymentMethod . 43
10.4.3 AL – Message sequence example – Read PcuHardwareDeploymentMethod. 43
10.5 AL – ReadDataByIdentifier – Read NumberOfPcu in vehicle .44
10.5.1 AL – Requirements specification – Read NumberOfPcu in vehicle .44
10.5.2 AL – Message sequence requirements – Read number of PCUs in vehicle .44
10.5.3 AL – Message sequence example – Read NumberOfPcu in vehicle . 45
10.6 AL – ReadDataByIdentifier – Read PcuAddressInfo . 45
10.6.1 AL – Requirements specification – Read PcuAddressInfo . 45
10.6.2 AL – Message sequence requirements – Read PcuAddressInfo of PCU .46
10.6.3 AL – Message sequence example – Read PcuAddressInfo of DoCAN PCU .46
10.6.4 AL – Message sequence example – Read PcuAddressInfo of DoIP PCU . 47
10.7 AL – ReadDataByIdentifier – Report VIN from PCU.48
10.7.1 AL – Requirements specification – Report VIN from PCU.48
10.7.2 AL – Message sequence requirements – Report VIN from PCU .48
10.7.3 AL – Message sequence example – Report VIN from PCU .48
10.8 AL – ReadDataByIdentifier – Report dismantler information .49
10.8.1 AL – Requirements specification – Report dismantler information .49
10.8.2 AL – Message sequence requirements – Report dismantler information .50
10.8.3 AL – Message sequence example – Report dismantler information .50
10.9 AL – ReadDataByIdentifier – Read deployment loop identification table .50
10.9.1 AL – Requirements specification – Read deployment loop identification
table .50
10.9.2 AL – Message sequence requirements – Read deployment loop
identification table. 51
10.9.3 AL – Message sequence example – Read deployment loop identification table . 52
10.10 AL – DiagnosticSessionControl – safetySystemDiagnosticSession .53
10.10.1 AL – Requirements specification – safetySystemDiagnosticSession .53
10.10.2 AL – Message sequence requirements – safetySystemDiagnosticSession .53
10.10.3 AL – Message sequence example – safetySystemDiagnosticSession .53
10.11 AL – TesterPresent .54
10.11.1 AL – Requirements specification – TesterPresent.54
10.11.2 AL – Message sequence requirements – TesterPresent .54
10.11.3 AL – Message sequence example – TesterPresent . 55
10.12 AL – SecurityAccess . 55
10.12.1 AL – Requirements specification – SecurityAccess . 55
10.12.2 AL – Message sequence requirements – SecurityAccess .56
10.12.3 AL – Message sequence example – SecurityAccessType = RequestSeed . 57
10.12.4 AL – Message sequence example –
SecurityAccessType = SendDeploymentKey . 57
10.13 AL – WriteDataByIdentifier – Write dismantler information .58
10.13.1 AL – Requirements specification – Write dismantler identification
information .58
10.13.2 AL – Message sequence requirements – Write dismantler identification
information .58
10.13.3 AL – Message sequence example – Write dismantler identification
information . 59
10.14 AL – RoutineControl . 59
10.14.1 AL – Requirements specification – RoutineControl . 59
10.14.2 AL – Message sequence requirements – RoutineControl . 61
10.14.3 AL – Message sequence example – ExecuteSPL with SF = startRoutine . 61
10.14.4 AL – Message sequence example – ExecuteSPL with
SF = requestRoutineResult . 62
10.14.5 AL – Message sequence example – DeployLoopRoutineID with
SF = startRoutine . 62
v
10.14.6 AL – Message sequence example – DeployLoopRoutineID with
SF = requestRoutineResult .63
10.15 AL – ACL request deployment sequence (optional) .64
10.15.1 AL – Requirements specification – ACL request deployment sequence .64
10.15.2 AL – Message sequence requirements – ACL request deployment sequence .64
10.16 AL – ACL confirm deployment sequence (optional) .64
10.16.1 AL – Requirements specification – ACL confirm deployment sequence.64
10.16.2 AL – Message sequence requirements – ACL confirm deployment sequence
(optional) .65
10.17 AL – ACL terminate deployment sequence (optional) .65
10.17.1 AL – Requirements specification – ACL terminate deployment sequence
(optional) .65
10.17.2 AL – Message sequence requirements – ACL terminate deployment sequence .65
10.18 AL – EcuReset .66
10.18.1 AL – Requirements specification – EcuReset.66
10.18.2 AL – Message sequence requirements – EcuReset .66
10.18.3 AL – Message sequence example – hardReset .66
11 Presentation layer (PL) .67
11.1 PL – Data type UNUM8 . 67
11.2 PL – Data type UNUM16 . 67
11.3 PL – Data type UNUM32 . 67
11.4 PL – Data type UCHAR8 . 67
12 Session layer (SL) .67
12.1 SL – Timing parameters . 67
12.2 SL – Error detection .68
13 Transport layer (TL) .68
13.1 TL – DoCAN . .68
13.2 TL – DoIP .68
14 Network layer (NL) .68
14.1 NL – DoCAN .68
14.2 NL – DoIP .69
15 Data link layer (DLL) . .69
15.1 DLL – CAN L_Data frame padding bytes . 69
15.2 DLL – ACL with bidirectional communication . 69
15.2.1 DLL – tP4_Sender timing specification . 69
15.2.2 DLL – Bit rate and byte format specification . 69
16 Physical layer (PHY).70
16.1 PHY – Connection between PDT and vehicle PCU(s) . 70
16.2 PHY – Conformance to CAN . 71
16.3 PHY – Conformance to Ethernet . 71
16.4 PHY – In-vehicle ACL with bidirectional communication (optional) . 71
16.4.1 PHY – Determine ACLType . 71
16.4.2 PHY – ACL_CommMode hardware provision . 71
16.4.3 PHY – ACL_CommMode conformance to ISO 14230-1 .72
16.5 PHY – In-vehicle ACL with PWM signal (optional) .74
16.5.1 PHY – Determine ACLType .74
16.5.2 PHY – ACL_PWMMode hardware provision .74
16.5.3 PHY – ACL PWM signal specification . 75
Annex A (informative) Typical configuration of PDT and vehicle PCU .79
Annex B (informative) Network architecture examples .81
Bibliography .88
vi
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 22, Road vehicles, Subcommittee SC 31,
Data communication.
This second edition cancels and replaces the first edition (ISO 26021-1:2008, ISO 26021-2:2008,
ISO 26021-2:2008/Cor 1:2009, ISO 26021-4:2009, ISO 26021-5:2009), which have been technically
revised.
The main changes are as follows:
— restructuring of four parts into a single document including use cases and application requirements;
— introduction of requirement structure with numbering and name;
— support of ISO 13400 DoIP (diagnostic communication over Internet Protocol);
— support of ISO 13400-4 DoIP diagnostic connector.
A list of all parts in the ISO 26021 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
vii
Introduction
End-of-life deployment activation of on-board pyrotechnic devices is a part of a wider regime designed
to ensure that road vehicles are scrapped in a safe and environmentally acceptable condition after their
use.
Newly designed products implement new security features like the authentication service. Such
vehicle PCU(s) can not be supported by pyrotechnic device deployment tools (PDTs) without security
implementation.
The ISO 26021 series is based on the Open Systems Interconnection (OSI) basic reference model
[1]
specified in ISO/IEC 7498-1 and ISO/IEC 10731 , which structures communication systems into seven
layers. When mapped on this model, the application layer protocol and data link layer framework
requirements specified/referenced in the ISO 26021 series are structured according to Figure 1.
Figure 1 illustrates a standard-based documentation concept, which consists of the following main
clusters:
— vehicle diagnostic communication framework: covers all relevant basic vehicle diagnostic
communication specifications of OSI layers 7, 6 and 5;
— vehicle diagnostic communication use case framework: covers the use cases and requirements of
the subject matter of OSI layer 7;
— presentation layer framework: covers all data-relevant specifications of OSI layer 6;
— conformance test plan: covers the conformance test plan requirements of the use cases and
communication requirements of OSI layers 7, 6 and 5;
— lower OSI layer framework: covers all vehicle diagnostic protocol standards of OSI layers 4, 3, 2 and
1, which are relevant and referenced by the use case specific standard.
viii
Figure 1 — ISO 26021 documents reference according to OSI model
ix
INTERNATIONAL STANDARD ISO 26021-1:2022(E)
Road vehicles — End-of-life activation of in-vehicle
pyrotechnic devices —
Part 1:
Application and communication interface
1 Scope
This document is applicable to road vehicles, where the electronic vehicle interface of the diagnostic
link connector (DLC) is used to perform an end-of-life (EoL) activation of in-vehicle pyrotechnic devices.
Apart from actual removal, this is the method to assure that no pyrotechnic substances are left in an
EoL vehicle. On-board activation is an effective and safe method.
This document describes use cases and specifies technical requirements in order to support the end-
of-life activation of in-vehicle pyrotechnic devices via the electronic communication interface. This
document references the ISO 14229 series unified diagnostic services implemented on diagnostic
communication over controller area network (DoCAN) and Internet Protocol (DoIP) along with the
required provision of data definitions.
This document comprises:
— terminology definitions;
— definition of end-of-life activation of in-vehicle pyrotechnic devices relevant use cases;
— requirements for the establishment of communication between the pyrotechnic device deployment
tool (PDT) and the vehicle's pyrotechnic control unit(s) (PCU(s));
— requirements for the optional usage of a credentials-based authentication and authorisation
mechanism between the PDT and the vehicle;
— requirements for the protection against tampering of the defined end-of-life activation of in-vehicle
pyrotechnic devices;
— PCU-relevant technical requirements.
PDT-relevant requirements are specified in a test equipment-specific standard with PDT-specific
requirements.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 7498-1, Information technology — Open Systems Interconnection — Basic Reference Model: The
Basic Model
ISO/IEC 9834-1, Information technology — Procedures for the operation of object identifier registration
authorities: General procedures and top arcs of the international object identifier tree — Part 1:
ISO 11898-1, Road vehicles — Controller area network (CAN) — Part 1: Data link layer and physical
signalling
ISO 11898-2, Road vehicles — Controller area network (CAN) — Part 2: High-speed medium access unit
ISO 13400-2, Road vehicles — Diagnostic communication over Internet Protocol (DoIP) — Part 2: Transport
protocol and network layer services
ISO 13400-3, Road vehicles — Diagnostic communication over Internet Protocol (DoIP) — Part 3: Wired
vehicle interface based on IEEE 802.3
ISO 13400-4, Road vehicles — Diagnostic communication over Internet Protocol (DoIP) — Part 4: Ethernet-
based high-speed data link connector
ISO 14229-1, Road vehicles — Unified diagnostic services (UDS) — Part 1: Application layer
ISO 14229-2, Road vehicles — Unified diagnostic services (UDS) — Part 2: Session layer services
ISO 14229-3, Road vehicles — Unified diagnostic services (UDS) — Part 3: Unified diagnostic services on
CAN implementation (UDSonCAN)
ISO 14229-5, Road vehicles — Unified diagnostic services (UDS) — Part 5: Unified diagnostic services on
Internet Protocol implementation (UDSonIP)
ISO 14230-1, Road vehicles — Diagnostic communication over K-Line (DoK-Line) — Part 1: Physical layer
ISO 15031-3, Road vehicles — Communication between vehicle and external equipment for emissions-
related diagnostics — Part 3: Diagnostic connector and related electrical circuits: Specification and use
ISO 15765-2, Road vehicles — Diagnostic communication over Controller Area Network (DoCAN) — Part 2:
Transport protocol and network layer services
ISO 15765-5, Road vehicles — Diagnostic communication over Controller Area Network (DoCAN) — Part 5:
Specification for an in-vehicle network connected to the diagnostic link connector
1)
ISO 26021-3, Road vehicles — End-of-life activation of on-board pyrotechnic devices — Part 3: Data
definitions
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 7498-1, ISO 14229-1 and
the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
key
data value sent from the external test equipment to the on-board controller in response to the seed (3.9)
in order to gain access to the locked services
3.2
pyrotechnic control unit
PCU
electronic control unit in the vehicle network which controls the activation of pyrotechnic devices
3.3
pulse width modulation
PWM
signal linked by the ACL to the independent hardware path in the pyrotechnic control unit (3.2)
Note 1 to entry: The PWM signal is active during the deployment session.
1) Second edition under preparation. Stage at the time of publication: ISO/DIS 26021-3:2022.
3.4
pyrotechnic device deployment tool
PDT
tool designed to be plugged into the OBD interface in order to communicate via the internal computer
network in an end-of-life vehicle with control units which are able to activate pyrotechnic devices
3.5
safing
mechanism whose primary purpose is to prevent an unintended functioning of the pyrotechnic control
unit (3.2) processor prior to detection of a crash situation
3.6
safing unit
part of the pyrotechnic control unit (3.2) that allows the pyrotechnic component deployment
microprocessor (µP) to deploy the pyrotechnic devices via the driver stage
EXAMPLE An electromechanically operated switch or a separate processor.
3.7
scrapping program module
module responsible for firing the selected pyrotechnic device loops one by one
3.8
scrapping program module loader
module responsible for converting the scrapping program module (3.7) to an executable format
3.9
seed
pseudo-random data value sent from the on-board controller to the external test equipment, which is
processed by the security algorithm to produce the key (3.1)
4 Symbols and abbreviated terms
4.1 Symbols
∆ delta
∆t DoIP network design-dependent delays
P6_Client
∆t DoIP network design-dependent extended delays
P6*_Client
∆t DoCAN network design-dependent delays
P2
t time
t
S3_Client
client session timer
t
S3_Server server session timer
t
P2_Server_Max
server response timer maximum value
t
P2*_Server_Max
server extended response timer maximum value
t
P3_Client_Phys time between end of server response and start of new client request
4.2 Abbreviated terms
ACL additional communication line
AL application layer
APP application
BP basic principle
CAN controller area network
CANID CAN identifier
DID data identifier
DLC diagnostic link connector
DLL data link layer
DoCAN diagnostic communication over CAN
DoIP diagnostic communication
...