Cybersecurity Research

NMFTA has developed the following white papers, reference documents, and bulletins in conjunction with our partners for the benefit of the industry.

wdt_ID Document Name Description Release Date Version # Link
2 A Survey of Heavy Vehicle Cyber Security A comprehensive review of cyber security for heavy vehicles for the NMFTA membership. 09/21/2015 1.0.3.6
59 HVCS Bulletin HVCS Bulletin 09/08/2016 1.5
60 Talent Generation for Vehicle Cyber Security A paper by Dr. Jeremy Daily, Dr. Rose Gamble, and Urban Jonson on how to generate talent for vehicle cyber security presented at ESCAR USA 2017. 06/21/2017 1.0
61 ELD Bulletin A cyber security awareness bulletin regarding FMCSA Electronic Logging Device (ELD) mandate 08/28/2017 1.1
62 Medium and Heavy Duty Electric Vehicle and Charging Infrastructure Cyber Security Baseline Reference Document A comprehensive review of cyber security for electric medium and heavy duty vehicles, charging stations and the electric grid. This document provides a reference baseline for the various stakeholders in heavy duty electric vehicle charging. 05/30/2018 1.2.1
83 NMFTA Position on WiFi SSID and Password Reuse in Telematics Devices Curtailing the practice of reuse of WiFi passwords on telematics devices installed in the class 7 & 8 vehicles of our fleet members. 07/20/2022 1.0
58 Executive Summary of A Survey of Heavy Vehicle Cyber Security Summary of main survey document 11/18/2015 1.0
80 Tool: J1708 Decoder A J1708 sigrok protocol decoder (PD), UART stacked
81 Tool: Python Interface to TruckDuck Python interfaces to TruckDuck network interfaces
79 Tool: PLC4TrucksDuck A PLC writing tool for the Truck Duck beaglebone based heavy vehicle diagnostic and debugging tool
78 Mitigations Options to J2497 Attacks Mitigations to J2947 aka PLC4TRUCKS attacks, especially RF induced attacks. Developed and shared privately at the same time as the disclosure (January 13th 2022) and released into the public domain without modification here. 03/03/2022 9.0
77 NMFTA Cybersecurity Requirements for Telematics Systems NMFTA’s Cybersecurity Requirements for Telematics Systems delivers a comprehensive list of cybersecurity requirements that should be met by all components of a telematics device, FMIS, and/or ELD. 03/02/2022 1.5
75 Disclosure of Confirmed Remote Write to J2497 aka PLC4TRUCKS In the interest of responsible disclosure, we are writing to you to share a follow-up confirmation of results from our investigation previously disclosed in November 2019. 01/13/2022 4.0
74 Commercial Transportation: Truck Hacking Slides Slides for our presentation on Truck Hacking and how it fits into the larger field of commercial transportation. Includes: truck vehicle networks, public instances of truck hacking, truck hacking tools and how to get involved. 11/14/2022 8.0
73 NMFTA Letter to CARB regarding ROBD Draft Regulatory Concepts NMFTA’s Letter to CARB regarding proposed requirements in the CARB draft HD/IM Regulatory document for Remote On-board Diagnostics (ROBD). 02/23/2021 1.0
72 Power Line Truck Hacking: 2TOOLS4PLC4TRUCKS Slides for our presentation on Power Line Truck Hacking of J2497/PLC4TRUCKS. Tools for read-write are introduced as is ICSA-20-219-01. 08/08/2020 1.0
71 Response to FMCSA Cybersecurity Best Practices NMFTA Bulletin: Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems into Heavy Vehicles by the FMCSA. 05/13/2020 1.0
67 Participant's Handbook A customizable handbook for tabletop exercise participants. 01/17/2020 2.0
66 Facilitator's Handbook A customizable handbook for tabletop exercise facilitators. 01/17/2020 2.0
65 Secure Device Provisioning Best Practices: Heavy Truck Edition Sponsored by and drafted in collaboration with NCC Group, NMFTA, and heavy vehicle industry partners. 11/21/2019 1.0
64 Ransomware Playbook A customizable incident response plan template. 11/08/2019 1.4
63 Executive Summary of Medium and Heavy Duty Electric Vehicle and Charging Infrastructure Cyber Security Baseline Reference Document Medium and heavy duty electric vehicle and charging infrastructure cybersecurity executive summary. 05/30/2018 1.2
87 VCRWG Truck Matrix Update 2022 A status report and list of next steps for the NMFTA Vehicle Cybersecurity Requirements Working Group's (VCRWG) Truck Matrix. 11/18/2022 1.0