# Diag Security Service - [API reference](https://docs.qualcomm.com/doc/80-41102-2/topic/_doxygen_rst_file__doxygen_sources_taf_diagSecurity_interface_h.html#file-taf-diagsecurity-interface-h) The diag security service APIs are part of the diagnostic service. The diag security service provides diag SessionControl(0x10) and SecurityAccess(0x27) service. The SessionControl service is used to enable different diagnostic sessions in the server. It enables a specific set of diagnostic services or functionality in the server. There shall always be exactly one diagnostic session active in a server. A server shall always start the default diagnostic session when powered up. The SecurityAccess service provides a means to access data and/or diagnostic services, which have restricted access for security, emissions, or safety reasons. ## IPC interfaces binding The functions of this API are provided by the **tafDiagSvc** platform service. The following example illustrates how to bind to the diag security service. bindings: { clientExe.clientComponent.taf_diagSecurity -> tafDiagSvc.taf_diagSecurity } Copy to clipboard ## Server-service APIs A diag security service reference can be got using [taf\_diagSecurity\_GetService()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1afe66e8ed4063d2d1c4ed25caab5c2875.html#Documentationa00437_1afe66e8ed4063d2d1c4ed25caab5c2875). Use the returned reference for subsequent operations. The following example illustrates how to set up a diag security server-service-instance. taf_diagSecurity_ServiceRef_t svcRef; // Service reference // Get the service reference. svcRef = taf_diagSecurity_GetService(); LE_ASSERT(svcRef != NULL); Copy to clipboard ## Set/get VLAN ID After getting a service reference, an application can set the VLAN ID to the service to filter SessionControl/SecurityAccess requests using [taf\_diagSecurity\_SetVlanId()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1aa3e325992c6e3abf843bb1fcdb989319.html#Documentationa00437_1aa3e325992c6e3abf843bb1fcdb989319). It shall be called before registering the handler for the SessionControl(0x10) and SecurityAccess(0x27) request messages. An application can get the VLAN ID of the request message using [taf\_diagSecurity\_GetVlanIdFromMsg()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a138c1f5e375ba37e4c7eab5d2f56b698.html#Documentationa00437_1a138c1f5e375ba37e4c7eab5d2f56b698). - [taf\_diagSecurity\_SetVlanId()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1aa3e325992c6e3abf843bb1fcdb989319.html#Documentationa00437_1aa3e325992c6e3abf843bb1fcdb989319) — Sets the VLAN ID. - [taf\_diagSecurity\_GetVlanIdFromMsg()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a138c1f5e375ba37e4c7eab5d2f56b698.html#Documentationa00437_1a138c1f5e375ba37e4c7eab5d2f56b698) — Gets the VLAN ID of the request message. ## SessionControl(0x10) service After getting the service reference, an application can call [taf\_diagSecurity\_AddRxSesTypeCheckHandler()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a89745d6c730157e41fdeda892f2dbee9.html#Documentationa00437_1a89745d6c730157e41fdeda892f2dbee9) to register a message handler for SessionControl(0x10) service. Once a diag session control request message is received, the handler will be called with the message reference and received session type passed as input parameters. The application will check condition for the received session type and uses the message reference to send a response message using [taf\_diagSecurity\_SendSesTypeCheckResp()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1af5c02c1bd6f2d1fac5b005d66b1745fe.html#Documentationa00437_1af5c02c1bd6f2d1fac5b005d66b1745fe). // Rx message handler function for SessionControl. void RxSesTypeHandler ( taf_diagSecurity_RxSesTypeCheckRef_t rxSesTypeRef, uint8_t sesCtrlType, void* contextPtr ) { // Process after succesfully receiving message } // Register the message handler. taf_diagSecurity_RxSesTypeCheckHandlerRef_t RxSesTypeCheckHandlerRef taf_diagSecurity_AddRxSesTypeCheckHandler(SvcRef, (taf_diagSecurity_RxSesTypeHandlerFunc_t)RxSesTypeHandler, NULL); LE_ASSERT(RxSesTypeCheckHandlerRef != NULL); // To remove the handler function. taf_diagSecurity_RemoveRxSesTypeCheckHandler(RxSesTypeCheckHandlerRef); // To send a response for condition check of requested session type. le_result_t result = taf_diagSecurity_SendSesTypeCheckResp(rxSesTypeRef, TAF_DIAGSECURITY_SES_CONTROL_NO_ERROR); if (result != LE_OK) { LE_ERROR("Fail to send response."); return result; } Copy to clipboard An application can call [taf\_diagSecurity\_AddSesChangeHandler()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a27d2b413c76b17eb2634468713a67f89.html#Documentationa00437_1a27d2b413c76b17eb2634468713a67f89) to register a message handler for session type change. Once session type is changed in diag service, the handler will be called with message reference, previous session type and current session type passed as input parameters. Finally call [taf\_diagSecurity\_ReleaseSesChangeMsg()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a155bd3e4026a76d2eac2d54a1e39c58e.html#Documentationa00437_1a155bd3e4026a76d2eac2d54a1e39c58e) to release the session change message. // Rx message handler function for session type change. void SesChangeHandler ( taf_diagSecurity_SesChangeRef_t sesChangeRef, uint8_t previousType, uint8_t currentType, void* contextPtr ) { // Process after succesfully session type change } // Register the message handler. taf_diagSecurity_SesChangeHandlerRef_t SesChangeHandlerRef taf_diagSecurity_AddSesChangeHandler(SvcRef, (taf_diagSecurity_SesChangeHandlerFunc_t)SesChangeHandler, NULL); LE_ASSERT(SesChangeHandlerRef != NULL); // To remove the handler function. taf_diagSecurity_RemoveSesChangeHandler(SesChangeHandlerRef); // To release the session change message. le_result_t result = taf_diagSecurity_ReleaseSesChangeMsg(SesChangeHandlerRef); if (result != LE_OK) { LE_ERROR("Fail to release msg."); return result; } Copy to clipboard An application can select the VLAN ID by calling [taf\_diagSecurity\_SelectTargetVlanID()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a3414248374fe5b10142fab97ef4f02c1.html#Documentationa00437_1a3414248374fe5b10142fab97ef4f02c1). If the service is bound to multiple VLANs, the application needs to select a VLAN ID for subsequent operation on target VLAN, otherwise the last VLAN ID set using [taf\_diagSecurity\_SetVlanId()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1aa3e325992c6e3abf843bb1fcdb989319.html#Documentationa00437_1aa3e325992c6e3abf843bb1fcdb989319) is considered. // Select the VLAN ID. uint16_t vlanId = 10; le_result_t result = taf_diagSecurity_SelectTargetVlanID(SvcRef, vlanId); if (result != LE_OK) { LE_ERROR("Fail to select vlan Id."); return result; } Copy to clipboard An application can get the current session type by calling [taf\_diagSecurity\_GetCurrentSesType()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a016d0bd5ba9d46099fd2be551acb13af.html#Documentationa00437_1a016d0bd5ba9d46099fd2be551acb13af). If the service is bound to multiple VLANs, then the application needs to select a VLAN ID first to get the session type of selected VLAN, if VLAN ID is not selected then it will provide the session type of the last VLAN ID set by [taf\_diagSecurity\_SetVlanId()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1aa3e325992c6e3abf843bb1fcdb989319.html#Documentationa00437_1aa3e325992c6e3abf843bb1fcdb989319). // Get the current active session type. uint8_t currentSesType; le_result_t result = taf_diagSecurity_GetCurrentSesType(SvcRef, ¤tSesType); if (result != LE_OK) { LE_ERROR("Fail to get current session type."); return result; } Copy to clipboard ## SecurityAccess(0x27) service After getting the service reference, an application can call [taf\_diagSecurity\_AddRxSecAccessMsgHandler()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1ac441e199fc07433cbcc6b2c9ea3e1999.html#Documentationa00437_1ac441e199fc07433cbcc6b2c9ea3e1999) to register a message handler for SecurityAccess(0x27) service. Once a diag security access request message is received, the handler will be called with the message reference and received security accessType passed as input parameters. The application performs the requested security operation based on the received security accessType and uses the message reference to send a response message using [taf\_diagSecurity\_SendSecAccessResp()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a33cfda95bbfbc45c65b6649ec61bad8b.html#Documentationa00437_1a33cfda95bbfbc45c65b6649ec61bad8b). Finally call [taf\_diagSecurity\_RemoveSvc()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a838f7b25a6e1c6ba7c7df060d946422a.html#Documentationa00437_1a838f7b25a6e1c6ba7c7df060d946422a) to remove the created service. // Rx message handler function for SecurityAccess. void RxSecAccessMsgHandler ( taf_diagSecurity_RxSecAccessMsgRef_t rxMsgRef, uint8_t accessType, void* contextPtr ) { // Process after succesfully receiving message } // Register the message handler. taf_diagSecurity_RxSecAccessMsgHandlerRef_t RxSecAccessMsgHandlerRef = taf_diagSecurity_AddRxSecAccessMsgHandler(SvcRef, (taf_diagSecurity_RxSecAccessMsgHandlerFunc_t)RxSecAccessMsgHandler, NULL); LE_ASSERT(RxSecAccessMsgHandlerRef != NULL); // To remove the handler function. taf_diagSecurity_RemoveRxSecAccessMsgHandler(RxSecAccessMsgHandlerRef); Copy to clipboard The following APIs are provided to get the security access payload. The payload can be either securityAccessDataRecord or securityKey based on the accessType input of the registered RxSecAccessMsgHandler. The payload of requestSeed(0x01) acessType is securityAccessDataRecord and sendKey(0x02) accessType is securityKey. - [taf\_diagSecurity\_GetSecAccessPayloadLen()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1ada64ef9d3e9dd612836426b5e0e498f7.html#Documentationa00437_1ada64ef9d3e9dd612836426b5e0e498f7) — Gets the security access payload length. - [taf\_diagSecurity\_GetSecAccessPayload()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1aac1a1d4f5710d8ed7e36c96e31b39eaa.html#Documentationa00437_1aac1a1d4f5710d8ed7e36c96e31b39eaa) — Gets the security access payload. An application can send a response by calling [taf\_diagSecurity\_SendSecAccessResp()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a33cfda95bbfbc45c65b6649ec61bad8b.html#Documentationa00437_1a33cfda95bbfbc45c65b6649ec61bad8b). le_result_t result = taf_diagSecurity_SendSecAccessResp(rxMsgRef, TAF_DIAGSECURITY_SEC_ACCESS_NO_ERROR, NULL, 0); if (result != LE_OK) { LE_ERROR("Fail to send response."); return result; } Copy to clipboard An application can remove the diag security server service by calling [taf\_diagSecurity\_RemoveSvc()](https://docs.qualcomm.com/doc/80-41102-2/topic/function_a00437_1a838f7b25a6e1c6ba7c7df060d946422a.html#Documentationa00437_1a838f7b25a6e1c6ba7c7df060d946422a). le_result_t result = taf_diagSecurity_RemoveSvc(svcRef); LE_ASSERT(result == LE_OK); Copy to clipboard Last Published: Jun 09, 2026 [Previous Topic Diag Routine Control Service](https://docs.qualcomm.com/bundle/publicresource/80-41102-2/topics/page_c_tafDiagRoutineCtrl.md) [Next Topic Diag Update Service](https://docs.qualcomm.com/bundle/publicresource/80-41102-2/topics/page_c_tafDiagUpdate.md)