VCDS: SFD Diagnostic Firewall
VW Audi Group SFD Diagnostic Firewall
VAG SFD?Some 2020 model year and newer VW Audi Group (VAG) vehicles, are fitted with the "SFD" system.
SFD stands for 'Schutz der FahrzeugDiagnose', which directly translates to Vehicle Diagnostic Protection - essentially it's a diagnostic firewall.
SFD is fitted in the name of security and intercepts diagnostic requests and responses between the tool and the vehicle, and can block some diagnostic commands - particularly coding or adaptation commands which could make a change to the vehicle.
In order for these more advanced diagnostic requests to be allowed through, the control module you are connecting to will generate a 'challenge' token (an alphanumeric code which is unique to that diagnostic session). VAG's servers can use this to generate a 'release' token which, when presented back to the car, will unlock full access to that module for a set time period (typically 90 minutes).
VCDS (with a HEX-V2 or HEX-NET interface) supports SFD in 'offline mode' - it can report the challenge token, and can enter the release token, but as it has no access to VAG's servers, it cannot generate the release token itself. That would need to be obtained from VAG, or via a 3rd party.
Which models are known to be affected?At the time of writing (March 11th 2022), vehicles based on the MQB2020, MQBevo and MEB platforms are known to have SFD.
This list is not exhaustive though; other new models may also be affected:
MQBevo / MQB2020 Platforms