A consortium of industry leaders in vehicle cybersecurity has come together to develop a hardware device that prevents communication from a truck’s Electronic Logging Device (ELD) to external systems, virtually eliminating its potential as a cyberattack entry point.
The non-profit National Motor Freight Traffic Association (NMFTA) has brought together industry leaders in vehicle cybersecurity to enhance protection for ELDs, which are commonly used in North America.
The vehicle cybersecurity consortium has developed the CAN Data Diode, a creative development from the University of Tulsa’s Student CyberTruck Experience (CyTeX) program under the direction of Dr Jeremy Daily. The NMFTA, the University of Tulsa, Irdeto, Geotab, DG Technologies and other industry experts are collaborating to identify and validate possible commercial applications, such as securing ELDs.
The CAN Data Diode is a hardware device that prevents communication from the ELD to a commercial vehicle. This virtually eliminates the connected logging device as a remote cyberattack surface and creates what is essentially a hardware firewall for connected vehicles.
ELDs are now mandatory for most freight carriers operating in the USA and will soon be required in Canada. With more countries adopting the technology, it is critical to protect it from tampering and from attacks by hackers who will look for weak entry points in current connected vehicles. Mandatory, connected ELDs could be a common target for cyberattacks, as many typically do not include even basic cybersecurity. The CAN Data Diode is designed for exactly this type of ELD-specific installation: it eliminates all possible communication from the ELD to the vehicle network, and restricts data from the vehicle to only devices that meet the ELD mandate.
The CAN Data Diode project ensures that commercial vehicle operators who do not have sophisticated fleet management applications can use a low-cost network-isolation solution to keep their vehicles secure from mandated ELDs that connect to the vehicle’s diagnostic port. It also protects onboard vehicle data networks from the risks that ELDs would pose when connected directly to the vehicle. Without cybersecurity in place, hackers can easily exploit ELDs and use them as an entry point to access a vehicle’s controller area network (CAN) or IT systems.
“Unfortunately, not all ELDs are created equal,” noted Urban Jonson, chief technology officer at the NMFTA. “Some ELDs have been found to contain significant cybersecurity vulnerabilities and more security flaws are expected to be discovered as these devices become more widely adopted. In these cases, deploying isolation solutions to keep the connected systems separated from the vehicle network is critical. By bringing together experts in the vehicle cybersecurity industry, we are ensuring that commercial vehicle operators are able to meet ELD requirements while preserving safety and security.”
Niels Haverkorn, general manager of connected transport at cybersecurity developer Irdeto, added, “The more fleet and heavy vehicle operators rely on connectivity, the more vulnerable they become to cyberattacks. This connectivity makes it imperative to inherently protect the software that runs in vehicle fleets, not just securing the perimeter.
“Fleet and heavy vehicle operators need to keep cybersecurity top-of-mind to ensure that their drivers, vehicles and systems are safe from cyberattacks by securing ELDs, telematics systems and other in-vehicle software from tampering.”