The CAN network on modern vehicles can have a very complex topology. Below is an example of a CAN network for a 2019-2022 Kia Forte (BD).

The Integrated Central Control Unit (ICU or ICCU) is the central part of this network. On this KIA model, the ICCU performs two different functions: the Smart Junction Block (SJB) and the Central Gateway (CGW). SJB is a module that performs the function of a conventional junction block and some of the functions of IBU. The Central Gateway (CGW) is a network controller that provides communication between controllers connected to different CAN networks.

The main functions of CGW include: routing — information exchange between different network segments and network security control.

SGW (Security Gateway) is a Central Gateway security feature that allows only authorized access to perform special functions and actuators tests. Thus, the scan tool must first be authorized in the Central Gateway in order to perform special procedures on any Control Units located in different CAN networks connected to the Central Gateway.

For example, when an unauthorized scan tool attempts to perform a special procedure (such as an atuator test) on an engine, it sends a request to ECU, but ECU is located in the P-CAN network and this request must be routed by Central Gateway from D-CAN to P-CAN. If the scan tool is not authorized in the Central Gateway, this request will be blocked and the Central Gateway will respond with NRC code 0x33 "securityAccessDenied" (according to UDS — ISO14229). Even if someone tries to bypass the Central Gateway and connects the scanner directly to the P-CAN network, the Central Gateway with SGW will silently suppress this request (CAN frames that contain certain service identifiers — SID), so this request will never reach the destination (ECU, in this example) and no response will be sent back to the scan tool, response timeout will occur. Thus, physical bypass is not possible for this type of SGW, as for FCA SGW (Fiat/Chrysler SGW), for example, where you can install a jumper instead of the SGW block, which will pass all requests.

The SGW function in the Hyundai/KIA Central Gateway performs authorization based on digital certificates issued by Hyundai/KIA for certain scanner manufacturers, one of which is CS.

SGW authorization on Hyundai/KIA performed offline, no internet connection required.

You can check the result of SGW authorization even in DAP4CS demo mode. The SGW authorization result is displayed in DAP4CS screen log. However, Hyundai/KIA SGW support is an additional option of DAP4CS license key. Therefore, you need to purchase this option for your license key to perform diagnostics over SGW on Hyundai/KIA. The cost of this option is 50 USDT. Without SGW support special functions and actuators tests will not work (on vehicles with SGW, see list below).

SGW has been implemented on several Hyundai/KIA models since 2018, such as:

  • KIA: Carnival (KA4), Ceed (CD), Cerato/Forte (BD), K5 (DL3), K900 (RJ), Mohave (2020~), Seltos (SP2), Sonet (QY), Sorento (MQ4), Soul (SK3), Stinger (CK), Telluride, Xceed
  • Hyundai: Creta (SU2), Elantra (CN7), i20 (BC3, BI3), Ioniq 5 (NE EV), Nexo (FE), Palisade, Santa Fe (TM), Sonata (DN8), Tucson (NX4)
  • Genesis: G70 (IK), G80 (RG3), G90 (HI), GV70 (JK1), GV80 (JX1)

This is an incomplete list and is provided as an example. To clarify the SGW presence, check the connection with the ECU on a specific vehicle. If SGW is present, information about SGW authorization will be appeared in the DAP4CS screen log.

< Next >