Modern vehicles use the UDS (Unified Diagnostic Services) protocol to manage communication between diagnostic tools and Electronic Control Units (ECUs). Before performing certain diagnostic or programming operations, the diagnostic tool must request a specific session using the Diagnostic Session Control (Service 0x10). Each session provides a different level of access to the ECU's functions and resources.
The most common session is the Default Session (0x10 01), which is the ECU's normal operating mode. In this session, basic diagnostic functions are available, such as reading fault codes (DTCs), monitoring data parameters, and retrieving vehicle information. A typical request and response are:
Request:
ID: 0x7E0
DATA: 02 10 01 00 00 00 00 00
Response:
ID: 0x7E8
DATA: 06 50 01 00 32 01 F4 00The Extended Diagnostic Session (0x10 03) provides access to additional diagnostic features that are not available in the default session. These functions may include actuator tests, advanced ECU information, configuration changes, and security-related operations. Many ECUs require entering the extended session before allowing a Security Access request (Service 0x27).
Request:
ID: 0x7E0
DATA: 02 10 03 00 00 00 00 00
Response:
ID: 0x7E8
DATA: 06 50 03 00 32 01 F4 00The Programming Session (0x10 02) is used when updating or reflashing ECU software. This session enables functions related to firmware downloads, memory erasing, data transfer, and software installation. Because programming operations are critical, ECUs typically require successful authentication through Security Access before granting entry to this session.
Request:
ID: 0x7E0
DATA: 02 10 02 00 00 00 00 00
Response:
ID: 0x7E8
DATA: 06 50 02 00 32 01 F4 00In addition to these standard sessions, many manufacturers implement proprietary sessions such as 0x10 40, 0x10 60, 0x10 85, 0x10 92, or 0x10 C0, which provide access to manufacturer-specific functions. These special sessions are often protected by security mechanisms and are intended for factory tools, engineering diagnostics, or development purposes.
Understanding the differences between Default, Extended, and Programming sessions is essential for anyone working with vehicle diagnostics, ECU simulation, reverse engineering, or automotive cybersecurity. These sessions define the level of access available within the ECU and determine which diagnostic services can be executed during a communication session.
