NMFTA has developed the following white papers, reference documents, and bulletins in conjunction with our partners for the benefit of the industry.
VCRWG Truck Matrix Update 2022
A status report and list of next steps for the NMFTA Vehicle Cybersecurity Requirements Working Group's (VCRWG) Truck Matrix.
Download
Commercial Transportation: Truck Hacking Slides
Slides for our presentation on Truck Hacking and how it fits into the larger field of commercial transportation. Includes: truck vehicle networks, public instances of truck hacking, truck hacking tools and how to get involved.
Download
NMFTA Position on WiFi SSID and Password Reuse in Telematics Devices
Curtailing the practice of reuse of WiFi passwords on telematics devices installed in the class 7 & 8 vehicles of our fleet members.
Download
Mitigations Options to J2497 Attacks
Mitigations to J2947 aka PLC4TRUCKS attacks, especially RF induced attacks. Developed and shared privately at the same time as the disclosure (January 13th 2022) and released into the public domain without modification here.
Download
NMFTA Cybersecurity Requirements for Telematics Systems
NMFTA’s Cybersecurity Requirements for Telematics Systems delivers a comprehensive list of cybersecurity requirements that should be met by all components of a telematics device, FMIS, and/or ELD.
Download
Heavy Vehicle Networking Using SAE J1939
Heavy vehicle networking using SAE J1939 presentation, prepared by Dr. Jeremy Daily, Colorado State University.
Download
Disclosure of Confirmed Remote Write to J2497 aka PLC4TRUCKS
In the interest of responsible disclosure, we are writing to you to share a follow-up confirmation of results from our investigation previously disclosed in November 2019.
Download
NMFTA Letter to CARB regarding ROBD Draft Regulatory Concepts
NMFTA’s Letter to CARB regarding proposed requirements in the CARB draft HD/IM Regulatory document for Remote On-board Diagnostics (ROBD).
Download
Power Line Truck Hacking: 2TOOLS4PLC4TRUCKS
Slides for our presentation on Power Line Truck Hacking of J2497/PLC4TRUCKS. Tools for read-write are introduced as is ICSA-20-219-01.
Download
Response to FMCSA Cybersecurity Best Practices
NMFTA Bulletin: Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems into Heavy Vehicles by the FMCSA.
Download
Secure Device Provisioning Best Practices: Heavy Truck Edition
Sponsored by and drafted in collaboration with NCC Group, NMFTA, and heavy vehicle industry partners.
Download
Medium and Heavy Duty Electric Vehicle and Charging Infrastructure Cyber Security Baseline Reference Document
A comprehensive review of cyber security for electric medium and heavy duty vehicles, charging stations and the electric grid. This document provides a reference baseline for the various stakeholders in heavy duty electric vehicle charging.
Download
Executive Summary of Medium and Heavy Duty Electric Vehicle and Charging Infrastructure Cyber Security Baseline Reference Document
Medium and heavy duty electric vehicle and charging infrastructure cybersecurity executive summary.
Download
ELD Bulletin
A cyber security awareness bulletin regarding FMCSA Electronic Logging Device (ELD) mandate
Download
Talent Generation for Vehicle Cyber Security
A paper by Dr. Jeremy Daily, Dr. Rose Gamble, and Urban Jonson on how to generate talent for vehicle cyber security presented at ESCAR USA 2017.
Download
Executive Summary of A Survey of Heavy Vehicle Cyber Security
Summary of main survey document
Download
A Survey of Heavy Vehicle Cyber Security
A comprehensive review of cyber security for heavy vehicles for the NMFTA membership.
Download
Tool: PLC4TrucksDuck
A PLC writing tool for the Truck Duck beaglebone based heavy vehicle diagnostic and debugging tool
Download
