154742479 | Pop Nukoonrat | Dreamstime
Dreamstime Xxl 154742479 Cybersecurity

Advanced truck technologies create new cybersecurity concerns

Sept. 16, 2021
An American Trucking Associations' TMC taskforce is updating the organization's cybersecurity measures and recommended practices to help motor carriers pinpoint and prevent vulnerabilities to cyber attacks.

CLEVELAND, Ohio—As the world moves toward more advanced driver-assistance systems (ADAS) and connected vehicle technologies, the trucking industry is expected to realize added safety and efficiency benefits. But with those benefits come new opportunities for cyber-attacks.

In more traditional trucks, the driver has typically been considered the single point of failure for the vehicle’s safety and security while on the road, noted Wally Stegall, technical fellow and director at The Morey Corporation, during the American Trucking Associations’ Technology & Maintenance Council’s 2021 fall meeting. Moving forward, however, ADAS and automated systems are creating multi-points of failure for cyber safety and security.

“The important thing to note is cybersecurity is extremely important,” Stegall, a participating member of ATA’s cybersecurity taskforce, said. “In our future world it’s not about a driver having a bad day because something went wrong from a maintenance standpoint; you’ve got an entire fleet having a bad day, week, or month. As we look at cybersecurity, safety, condition-based maintenance, and integrated vehicle health management, we need to tear down the institutional and operational divisions between design, enterprise, maintenance, and IT.”

Stegall stressed the importance of including cybersecurity and safety in the design of all commercial vehicle systems.

“It will take a significant amount of energy for the industry to change because instead of having a 10-year design cycle for a vehicle platform, we’re now looking at a much shorter design cycle and newer technologies coming at us,” Stegall pointed out. “While we advance cybersecurity, we also need to be proactive in our recommended practices to give feedback to the rest of the industry in a timely manner, so that we’re part of the design process as well as the recommended practice process.

During the TMC meeting, ATA announced it is updating Fleet CyWatch, a TMC and Transportation Security Council program that assists fleet members in reporting information about trucking-related cybercrimes and attacks. According to Dan Horvath, ATA’s VP of safety policy, a benefit of the program is intelligence sharing.

“Instead of you being responsible for tracking cybersecurity incidents and threats and trying to figure out how it could impact trucking operations, Fleet CyWatch is a subscription service where we do the work on our end and get it over to you,” he explained. “It helps you stay aware of the issues and offers training solutions and awareness in how to prevent vulnerabilities to particular attacks.”

ATA has also ramped up talks and involvement with the Transportation Security Administration to share the issues fleets are experiencing on the cybersecurity front. One potential issue that Horvath mentioned is cybersecurity vulnerabilities with electronic logging devices. Horvath also pointed out that acceleration to 5G networks is a concern.

“While this isn’t necessarily a cybersecurity issue, there are a number of ELD providers out there that rely on 3G to transmit ELDs,” he said. “This is becoming problematic on the ELD front, and we have an ELD taskforce talking about that issue to see how we can rectify that problem.”

ATA has also partnered with Hudson Analytix to deliver CyMetrics, a cyber-risk management program for the trucking industry. CyMetrics aims to help trucking companies enhance the oversight and management of their cybersecurity program by identifying factors contributing to and determining the company’s overall risk. The program assesses a company’s cybersecurity preparedness and evaluates whether preparedness is aligned with cyber risks. CyMetrics then helps fleets determine risk-management practices and actions to be taken to achieve the desired state of cybersecurity preparedness.

William Elkins, CTO for Hudson Analytix, was quick to point out that one solution does not solve all the cybersecurity issues that the trucking industry faces. He emphasized the importance of creating a bridge between a carrier’s IT department and management team to better identify where cybersecurity gaps exist in practices, technology, controls, or incident management.

“It’s not just an IT problem, but it typically falls on IT and technical departments within your organization to identify these gaps,” Elkins said. “Management sometimes struggles with why it’s important to do these things. Our goal here is to create the path to closing those gaps.”

Sponsored Recommendations

Heavy-Duty Maintenance Checklist

A maintenance checklist can help ensure you hit everything necessary during an inspection. Check out our free downloadable checklist to help streamline your repairs.

Five Ways a Little Data Can Save Your Company Millions

While most trucking and logistics companies rely on cellular to keep their work fleet connected, satellite has the ability to connect anywhere and through small data transmission...

Fleet Case Study: 15% YOY Growth for ITDS

Learn how this small trucking company scaled significantly and maintained outstanding customer service without adding additional people. Sylectus TMS can automate operations and...

Unlocking Fleet Safety & Efficiency: The Managed Service Advantage

Want to boost your fleet's safety and efficiency? Tune in now to discover the power of Managed Services in optimizing your safety program, streamlining operations, and making ...

Voice your opinion!

To join the conversation, and become an exclusive member of FleetOwner, create an account today!