These are just some notes from reading about the ISO 15765-2 or ISO Transport Layer (ISO-TP) CAN-Bus protocol. May want to check on this post often if it’s useful. I plan on updating it frequently with what new information I find out about it. But, for now. I will provide what notes regarding the protocol that I have now.

The idea behind these blog posts come from reading “The Car Hackers Handbook: A Guide For Penetration Testers”. Plus, I don’t know a whole lot about CAN-Buses. But, I’m curious about them. So, why not put together some notes and post here as I learn?

ISO 15765-2 or ISO-TP is a standard for sending packets over the CAN bus that extends the 8-byte CAN limit to support up to 4095 bytes by chaining CAN packets together.

Common uses for ISO-TP is diagnostics and KWP messages. KWP is an alternative protocol to CAN.

One common application for this can include diagnostic messages transferred with OBD-II equipped vehicles.

It can be used any time large packets need to be sent over CAN.

Encapsulation of ISO-TP into CAN consists of using the first byte to extend the addressing. Which allows for 7 bytes for data in each packet.

ISO-TP can carry up to 4095 bytes of payload per packet.

Sending lots of information over ISO-TP can easily flood the CAN bus. Caution should be used when utilizing the ISO-TP standard for large transfers on an active bus.

In the OSI Model, ISO-TP would be considered in layer 3 and layer 4.

ISO 15765-2 is part 2 of ISO 15765. Titled Diagnostic communications over Controller Area Network (DoCAN). Which costs about 188.74 USD to purchase the PDF/EPUB. Link to it is in the references.

References