Next-Gen Cybersecurity for Trucking

Next-Gen Cybersecurity for Trucking

The transportation industry is midway through the CALSTART 2018 Cyber Truck Challenge, and Heavy Duty Trucking (HDT) has announced that the University of Tulsa (TU) is working to develop a truck cybersecurity device.

Cyber Truck Challenge, established to help develop the next generation of the trucking workforce, runs through 15 June. CALSTART, in conjunction with the Michigan Economic Development Council (MEDC), TARDEC and the National Motor Freight Traffic Association (NMFTA) are working to raise cybersecurity awareness in the trucking and transportation industry.

“Cyber security awareness and action is critical as electrification and connectivity grows across the industry and we are working to establish a community of interest for heavy vehicle cyber that transcends individual companies or departments and reaches across disciplines and organizations to make a more universal and experienced base of engineers and managers,” CALSTART wrote.

This week more than 35 students from across the country have gathering in Warren, Michigan. Students have gone through two days of instruction and are in day two of the cybersecurity assessment of five medium- and heavy-duty trucks. The week will culminate with a student report.

They aren't the only students actively working to secure trucking fleets, though. A group of students from the University of Tulsa, along with faculty from the department of mechanical engineering, is also joining forces with NMFTA in an effort to improve the security of electronic logging devices (ELDs) through the use of a controller area network (CAN) data diode hardware device, HDT reported. 

According to the Federal Motor Carrier Safety Administration (FMCSA), new mandatory ELD regulations are “intended to help create a safer work environment for drivers, and make it easier and faster to accurately track, manage, and share records of duty status (RODS) data. An ELD synchronizes with a vehicle engine to automatically record driving time, for easier, more accurate hours of service (HOS) recording.”

The ELD final rule was published 16 December 2015 and continues to be implemented with the end goal of full compliance and the mandatory use of ELDs set for 16 December 2019.

ELDs with weak cybersecurity safety measures can often be used as points of entry to critical systems of a truck, and the CAN diode is intended to mitigate this risk. The CAN data diode will deliver a low-cost network isolation solution, which is good news for commercial vehicle operators with limited resources.

The device “will help carriers comply with mandatory ELD regulations while also protecting onboard vehicle networks that could be compromised by a cracked ELD,” Jeremy Daily, TU associate professor whose technology designs the CAN data diode is based on told HDT.

Source: Information Security Magazine