Settings Screen Overview

When you install this plug-in, a Security Window is added to MicroPeckerX Control Software. Use it to configure the message authentication feature, monitor traffic, and review logs.

info

The Security Window is the dedicated configuration and monitoring screen for the Message Authentication plug-in.

Security Window

Overview

Tabs are provided for each channel so you can switch between their settings and logs.
Includes controls for showing security message logs, saving and loading settings files, and opening the configuration dialog.

No	Item	Description
[1]	Log area	Displays security message logs.
[2]	Security ID List	Shows the CAN IDs targeted for message authentication and their security settings.
-	button	Opens a file dialog. Saves the transmitted or received security messages shown in the selected channel tab as a CSV log file.
-	button	Opens the Security Setting dialog.
-	Security Mode Enabled	Enables or disables message authentication. Select the checkbox to enable message authentication.

Security Setting Dialog

The Security Setting dialog provides detailed configuration for the message authentication feature. It contains two tabs: Ch Setting (shared channel settings) and ID Setting (per CAN ID).

tip

Typically, define overall rules in Ch Setting and override only special cases in ID Setting. ID Setting also lets you configure periodic transmissions that include authentication data on a per CAN ID basis.

No	Item	Description
[1]	button	Opens a file dialog. Loads the selected security settings file and applies its contents.
[1]	button	Opens a file dialog. Saves the current security settings to a file.
[2]	Ch Setting tab	Configure channel-wide message authentication settings.
[2]	ID Setting tab	Configure message authentication per CAN ID.
[3]	button	Saves the security settings and closes the dialog.
[3]	button	Discards any changes and closes the dialog.

Ch Setting Tab (Common Settings)

Use the Ch Setting tab to configure message authentication settings shared across the channel.

No	Item	Description
[1]	Profile	Select the security profile for message authentication. Choose from: ・Jaspar: Uses the JASPAR specification settings. ・Custom: Uses your own settings. Your selection changes the available field names and editable ranges below.
[1]	FV Master	Specify whether the Freshness Value operates as a master or slave. Select the checkbox for a master (sync message sender); clear it for a slave (sync message receiver).
[2]	SyncFrame Setting	Configure the sync message.
[3]	Security Setting (Ch Common)	Configure channel-wide message authentication settings.

Caution

Select the appropriate profile according to your security policy or the vehicle manufacturer's requirements.

SyncFrame Setting

Configure the sync message.

Field	Description
Protocol	Select the protocol: CAN or CAN-FD.
Std./Ext.	Select the CAN ID type: Std. (standard ID) or Ext. (extended ID).
ID	Enter the CAN ID.

Security Setting (Ch Common)

No	Item	Description
[1]	Callout FileName	Behavior depends on the selected profile: ・Jaspar: A JASPAR-compliant callout DLL is used automatically, so you cannot choose a DLL or view/edit custom parameters. ・Custom: You can select the DLL file (external integration program). The file path chosen in the dialog is displayed.
	button	Enabled only when Profile is set to Custom. Opens a file dialog to select the callout DLL to use.
	button	Enabled only when Profile is Custom. Opens the Callout Custom Param Setting dialog, where you can view and edit callout custom parameters.
[2]	Use Message Authentification	Enables or disables message authentication. Select the checkbox to enable it.
[2]	MAC Verify Attempts	Set the maximum number of MAC verification attempts (1–255). If verification fails consecutively for the configured number of attempts, an authentication error occurs.

tip

Use a callout DLL when you need to extend authentication with custom processing such as key generation. The Jaspar profile automatically uses a fixed DLL, so you do not need to select a file. For Custom, specify the DLL yourself.

Callout Custom Param Setting

When Profile is Custom, load the callout DLL and select Custom Param to open the Callout Custom Param Setting dialog. It lists the custom parameters provided by the callout DLL.

Item	Description
Param[Type]	Shows the parameter name and data type. The data types are: ・Sn: Signed integer (n = bit length) ・Un: Unsigned integer (n = bit length) ・ASCII(m): Character string (m = bytes)
Value	Displays the parameter value (signed integers in decimal, unsigned integers in hexadecimal). Click a cell to edit the value.
button	Saves the parameter settings and closes the dialog.
button	Discards the changes and closes the dialog.

MAC Type Setting

Configure the MAC type and keys.

Field	Description
Cryptographic Protocol	Select the cryptographic protocol used for MAC generation. The available option is CMAC/AES-128.
Truncated MAC Position	Specify the bit position in the data field where part of the generated MAC is placed using the “Motorola sequential” notation. For example, specifying “bits 40–63” places the upper 24 bits of the MAC in bytes D6 through D8.
Crypto Key Setting	Select how the key is generated. Options: ・Fixed Data (Hex): Use a fixed value (hexadecimal) entered right-aligned in big-endian format. Click to generate a random fixed value. ・Callout: Use a value generated by the callout DLL.

FV Setting

Configure the Freshness Value.

Field	Description
FV Used	Enables or disables FV. Select the checkbox to use FV.
Truncated FV Position	Specify the FV bit length and the bit position in the data field using the “Motorola sequential” notation. For example, specifying “bits 32–39” results in an 8-bit FV placed in byte D5.
Fixed Data / Callout	Select how the FV is generated: ・Fixed Data: Use a fixed value (hexadecimal) entered right-aligned in big-endian format. ・Callout: Use a value generated by the callout DLL.

MAC Source Setting

Configure the data used as input to the MAC.

Main Section	Field	Description
Message ID / Prefix		Configures the prefix. The display changes depending on the selected profile: ・Jaspar: Message ID ・Custom: Prefix
	Length	Specify the bit length of the prefix.
	button	Opens the Element Setting dialog to configure prefix elements.
	Type	Select how the prefix is generated. Options: ・Not Used: Do not use a prefix. ・Fixed Data: Use a fixed value (hexadecimal) entered right-aligned in big-endian format. ・Callout: Use a value generated by the callout DLL.
CAN/CAN-FD Payload [Truncated]		Configures the payload.
	Payload Used	Select whether to use the payload. When enabled, part of the data field is treated as payload.
	Position	Specify the bit positions in the data field treated as payload using the “Motorola sequential” notation. For example, specifying “bits 0–31” treats bytes D1 to D4 as payload.
Freshness Value / Postfix		Configures the postfix. The display changes depending on the selected profile: ・Jaspar: Freshness Value ・Custom: Postfix
	Length	Specify the bit length of the postfix.
	button	Opens the Element Setting dialog to configure postfix elements.
	Type	Select how the postfix is generated. Options: ・Not Used: Do not use a postfix. ・Fixed Data: Use a fixed value (hexadecimal) entered right-aligned in big-endian format. ・Callout: Use a value generated by the callout DLL.

Element Setting

Click the Element buttons for Prefix or Postfix in MAC Source Setting to open the Element Setting dialog.

Prefix

Postfix

Main Section	Field	Description
Element List		Displays the list of elements.
	Name	Shows the element name.
	Position	Shows the bit position of the element.
	Bit Alignment	Shows the alignment. “Left” means left-aligned; “Right” means right-aligned.
	Byte Endian	Shows the byte endianness. “Big” means big-endian; “Little” means little-endian.
	Format	Shows the initial value of the element in hexadecimal.
Element Data		Change the settings for the element selected in Element List.
	Name	Enter the element name.
	Position	Specify the bit length and bit position of the element.
	Length = 0	Select the checkbox to set the bit length to 0. When selected, all fields other than Name show “-” and cannot be edited.
	Initial Value (Hex)	Enter the initial value in hexadecimal.
button		Adds a new element.
button		Deletes the element selected in Element List.
button		Saves the element settings and closes the dialog. (*3)
button		Discards any additions, edits, or deletions and closes the dialog.

If no elements exist, one element is generated automatically under the following conditions:

Name is set to “Prefix” for prefixes or “Postfix” for postfixes.
Position covers the entire prefix or postfix. For example, if the length is 16 bits, the position is “bits 0–15.”
Initial Value (Hex) is set to all zeros.

ID Setting Tab

Use the ID Setting tab to configure message authentication for each CAN ID.

No	Item	Description
[1]	Target ID List	Lists the message authentication settings for each CAN ID.
	button	Adds a message authentication setting for a CAN ID.
	button	Deletes the message authentication setting selected in Target ID List.
[2]	Target Frame Info	Configure the frame information for the CAN ID selected in Target ID List. (*)
[3]	Security Setting	Modify the message authentication settings for the CAN ID selected in Target ID List. (*)

Hidden when no CAN IDs are registered in Target ID List.

Target ID List

Shows the message authentication settings for each CAN ID.

Field	Description
ID	Displays the CAN ID. “Std.” indicates a standard ID and “Ext.” indicates an extended ID.
DLC	Shows the data length.
Mode (*1)	Shows the transmission mode: ・Monitor: Receive-only message ・Periodic: Periodic transmit message (sends a data frame at the interval defined by Cycle in Target Frame Info)
Crypto Protocol	Displays the cryptographic protocol used to generate the MAC.
MAC Pos.	Shows the bit position in the data field where part of the MAC is placed using the “Motorola sequential” notation. For example, “40-63” means that bits 40–63 (bytes D6 to D8) in the data field contain the upper 24 bits of the MAC.
FV Pos.	Shows the bit position in the data field where the FV is placed using the “Motorola sequential” notation. For example, “32-39” means that bits 32–39 (byte D5) in the data field contain the FV. Displays “NotUsed” when FV is disabled.
MAC Prefix	Displays the prefix used as MAC input. (*2)
MAC Postfix	Displays the postfix used as MAC input. (*2)
Payload	Shows the bit positions in the data field treated as payload data for MAC generation, using the “Motorola sequential” notation. For example, “0-31” means that bits 0–31 (bytes D1 to D4) are treated as payload.

*1: “Monitor” receives only, while “Periodic” transmits at regular intervals. *2: Displays “Callout” when using values generated by the callout DLL, or “NotUsed” when not used.

Target Frame Info

Configure the frame information for the CAN ID selected in Target ID List.

Field	Description
Protocol	Select the protocol: CAN or CAN-FD.
Std./Ext.	Select the CAN ID type: Std. (standard ID) or Ext. (extended ID).
ID	Enter the CAN ID.
Bit Rate Switch	Enables or disables Bit Rate Switch. Select the checkbox to enable it.
Mode	Select the transmission mode. ・Monitor: Receive-only message ・Periodic: Periodic transmit message (sends a data frame at the interval configured in Cycle)
DLC	Select the data length of the data frame.
Data	Click to open the Data Setting dialog and configure the data field.
Cycle	Specify the transmission interval in milliseconds.
Offset	Specify the offset time in milliseconds from the start of monitoring until the first data frame is sent.

Limitations for periodic transmission settings

Maximum number of CAN IDs with periodic transmission: Up to 10 CAN IDs per channel and 64 CAN IDs in total across both channels.
Minimum transmission interval: The minimum interval equals the total number of CAN IDs with message authentication configured across both channels (n) × 1 ms. For example, if Ch1 has two IDs and Ch2 has three IDs, the minimum interval is 5 ms. Even if you specify a shorter interval in Cycle, the actual transmission interval will not be shorter than this minimum.

Data Setting Dialog

Click Set button in Target ID List to open the Data Setting dialog. It has Hex and Binary tabs so you can configure the data field using either display format.

Hex Tab

Binary Tab

Main Section	Field	Description
ID		Displays the CAN ID.
DLC		Select the data length.
Hex tab	Data field	Shows the data field values (hexadecimal) byte by byte. For example, “D1 – 8” represents D1, D2, …, D8 from left to right. Values can be edited.
Hex tab	Editor	Shows the data field values (hexadecimal) separated by commas for each byte. Values can be edited.
Binary tab	Data field	Shows the data field values (binary) byte by byte with the following columns: ・Data: Byte position in the data field. ・Value: Byte value in binary. Click a cell to edit the value.
Binary tab	Editor	Shows the data field values (binary) separated by commas for each byte. Values can be edited.
button		Opens a file dialog to load a file and apply its contents to the data field.
button		Opens a file dialog to save the data field as a CSV file.
button		Saves the data field settings and closes the dialog.
button		Discards changes to the data field and closes the dialog.

The Data field and Editor areas are linked, so editing one automatically updates the other.

Security Setting

Modify the message authentication settings for the CAN ID selected in Target ID List. By default, the settings from the Ch Setting tab are used, but you can override them per CAN ID.

Use Ch Setting: Checked

Uses the channel-wide message authentication settings.

Use Ch Setting: Unchecked

Uses individual message authentication settings per CAN ID.

Item	Description
Use Ch Setting	Enables or disables the channel-wide settings configured in the Ch Setting tab. Select the checkbox to use the channel-wide settings.
button	Overwrites the message authentication settings with the channel-wide settings. (*) Unavailable when Use Ch Setting is selected.
[1]	Configure individual message authentication settings for the CAN ID. (*). For details on each field, see Security Setting (Ch Common).

Callout DLL settings always use the channel-wide configuration.

Security Window​

Overview​

Security Setting Dialog​

Ch Setting Tab (Common Settings)​

SyncFrame Setting​

Security Setting (Ch Common)​

Callout Custom Param Setting​

MAC Type Setting​

FV Setting​

MAC Source Setting​

Element Setting​

Prefix​

Postfix​

ID Setting Tab​

Target ID List​

Target Frame Info​

Data Setting Dialog​

Hex Tab​

Binary Tab​

Security Setting​

Use Ch Setting: Checked​

Use Ch Setting: Unchecked​