If you believe a truck should be as secure from cyberattacks as a bank website, it’s worthwhile to consider how many security protocols operate on the Internet to keep the exchange of information between machines secure.
There are a lot of them. And they rely on a combination of technological sophistication and trust. They’re far ahead of what the trucking industry has put in place, although we finally have some capable companies working on that.
We are starting to see the day when authentication, encryption and certificate protocols secure our truck diagnostics every bit as much as they secure the websites we visit. But first, let’s consider how this works on the Internet.
People who work with websites are familiar with security certificates. These online data structures provide assurance that the site is safe to visit, and that you won’t be the object of some sort of cyber-sabotage as a result of clicking on it.
When was the last time you performed a banking transaction online? Did you think about the security of that transaction? Some people might, but most don’t give it a thought because they simply trust their bank has been diligent in taking care of security.
If you really want to look into it, you can inspect the security certificate chain that assures your activity is safe.
Of course, most people don’t check the security certificate when they visit a website. And those who do may not ask the question: Who provided the certificate at the end of the chain? Can we trust this certificate authority?
This relates to a concept known as the root of trust.
The secure sharing of information between machines usually relies on an encryption scheme with shared keys. This is fairly easy to do if you can exchange keys between friends, but it is really hard to scale to the Internet, where people need to share keys with parties they have never met before. The solution to this problem comes from a concept known as the Diffie-Hellman Key Exchange, which was developed in the 1970s. It’s a mathematical method of securely exchanging cryptographic keys over a public channel.
Without getting too deeply into the esoteric details, the system requires each party to produce an asymmetric key pair: a secret private key and a public key. Parties can share the public key freely. When the other person’s public key is combined with your private key, a new secret key is derived, and it is the same secret that the other person derives from your public key and their private key. This gives the two parties a unique shared secret with which to encrypt and read all the information being exchanged.
However, there is a fundamental flaw with this approach: establishing the authenticity of the public key you have received. To establish that authenticity, we have to use a root of trust to digitally sign the shared public key and so assure us that the public key is trustworthy.
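The exchange described above, and the root-of-trust check that fixes its flaw, as an added example that is not code from the original post. Everything in it is constructed for the demonstration: the group (the Mersenne prime 2^521 - 1 with generator 2, not a standardised DH group), a textbook Schnorr signature standing in for the root’s real signing scheme (ECDSA or Ed25519 with X.509 certificates in practice), and the party names. Each side derives the same secret from its own private key and the other side’s public key, and a public key the root never signed is refused before any secret is derived.

```python
"""Added example (not from the original post): Diffie-Hellman plus a
root-of-trust signature over each party's public key.  The group, the
toy Schnorr root key and the party names are all constructed."""
import hashlib
import secrets

P = (1 << 521) - 1   # demo modulus (Mersenne prime M521); not a standard DH group
G = 2                 # demo generator
NBYTES = 66           # enough bytes to hold any value below P


def dh_keypair():
    """Return (private, public): private is random, public is G^private mod P."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def dh_shared_secret(my_priv, their_pub):
    """Both sides compute the same value: (G^b)^a == (G^a)^b mod P."""
    raw = pow(their_pub, my_priv, P)
    return hashlib.sha256(raw.to_bytes(NBYTES, "big")).digest()


def _challenge(r, message):
    return int.from_bytes(hashlib.sha256(r.to_bytes(NBYTES, "big") + message).digest(), "big")


def schnorr_sign(root_priv, message):
    """Textbook Schnorr over the demo group (illustrative only)."""
    k = secrets.randbelow(P - 2) + 1
    r = pow(G, k, P)
    e = _challenge(r, message)
    s = (k - root_priv * e) % (P - 1)   # exponent arithmetic mod P-1 (Fermat)
    return e, s


def schnorr_verify(root_pub, message, sig):
    e, s = sig
    r = (pow(G, s, P) * pow(root_pub, e, P)) % P   # G^s * (G^x)^e == G^k
    return _challenge(r, message) == e


def _cert_body(identity, dh_pub):
    return identity.encode() + b"|" + dh_pub.to_bytes(NBYTES, "big")


def issue_cert(root_priv, identity, dh_pub):
    """The root of trust binds an identity to a public key by signing both."""
    sig = schnorr_sign(root_priv, _cert_body(identity, dh_pub))
    return {"id": identity, "pub": dh_pub, "sig": sig}


def verify_cert(root_pub, cert):
    return schnorr_verify(root_pub, _cert_body(cert["id"], cert["pub"]), cert["sig"])


def authenticated_exchange(root_pub, my_priv, peer_cert):
    """Derive a shared secret only from a public key the root has vouched for."""
    if not verify_cert(root_pub, peer_cert):
        raise ValueError("peer public key is not signed by the root of trust")
    return dh_shared_secret(my_priv, peer_cert["pub"])


def demo():
    """Returns (secrets_match, substituted_key_accepted) for two honest parties."""
    root_priv, root_pub = dh_keypair()          # root-of-trust signing key (constructed)
    alice_priv, alice_pub = dh_keypair()
    bob_priv, bob_pub = dh_keypair()
    alice_cert = issue_cert(root_priv, "alice", alice_pub)
    bob_cert = issue_cert(root_priv, "bob", bob_pub)
    k_alice = authenticated_exchange(root_pub, alice_priv, bob_cert)
    k_bob = authenticated_exchange(root_pub, bob_priv, alice_cert)
    # A public key the root never signed, spliced into Bob's certificate, is rejected.
    _, unsigned_pub = dh_keypair()
    tampered = dict(bob_cert, pub=unsigned_pub)
    return k_alice == k_bob, verify_cert(root_pub, tampered)


if __name__ == "__main__":
    print(demo())   # (True, False)
```

The point to take from `authenticated_exchange` is the ordering: the signature over the public key is checked against a key you already trust before the key is used for anything, which is exactly the role the certificate chain plays in a browser and the role a root of trust has to play for vehicle diagnostics.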
The emergence of some bad actors in the cyber world, including some who are acting on behalf of malevolent foreign governments, challenges that root of trust. It’s an example of why we can never become complacent about cybersecurity.
The trucking industry trusts these certificates just like any other, and for the most part their IT systems use similar protocols.
But vehicle diagnostics are a different story. The various components within a truck communicate with each other using a controller area network, or CAN bus. It’s a message-based protocol, and the concept was originally designed by Bosch in the 1980s. Its purpose back then was to save copper by using multiplex electrical wiring. It has been updated several times, but the concept is still used for on-board diagnostics.
The CAN bus doesn’t have any of the cybersecurity controls we take for granted on the Internet. There is no verification, authentication or encryption as part of the protocol; these have to be added by the applications. When diagnostic software is deployed, the industry tends to simply trust that it came from the right vendor and that nothing untoward is going on. The main security control is based simply on proximity to the vehicle.
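What "no authentication in the protocol" looks like in data, as an added example that is not code from the original post: a parser for candump-style CAN log lines, showing that a classic CAN frame hands the receiver only an arbitration ID and a payload (no source address, no integrity tag), followed by the kind of timing monitor an application layer can add to notice frames that break an ID’s expected cadence. The log lines, the IDs and the expected periods are constructed for this demo.

```python
"""Added example (not from the original post): parse candump-style CAN log
lines and flag frames that arrive off an ID's expected schedule.  The log,
the IDs and the expected periods are constructed for this demo."""
import re

# candump log format: "(timestamp) interface ID#DATAHEX"
LINE_RE = re.compile(
    r"^\((?P<ts>\d+\.\d+)\)\s+(?P<iface>\S+)\s+(?P<id>[0-9A-Fa-f]{3,8})#(?P<data>[0-9A-Fa-f]*)$"
)

# Constructed sample: ID 0x123 is expected every 100 ms.  The two frames at
# 0.201 and 0.202 break that cadence, which is all a receiver has to go on,
# because the frame itself never says who transmitted it.
SAMPLE_LOG = """\
(0.000) can0 123#0102030405060708
(0.050) can0 456#AA
(0.100) can0 123#0102030405060709
(0.200) can0 123#010203040506070A
(0.201) can0 123#FFFFFFFFFFFFFFFF
(0.202) can0 123#FFFFFFFFFFFFFFFF
(0.300) can0 123#010203040506070B
"""


def parse_candump_line(line):
    """Return the fields a receiver actually gets.  Note what is absent:
    no source address and no signature, so any node on the bus could have
    sent a frame with this ID."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a candump line: {line!r}")
    return {
        "ts": float(m["ts"]),
        "iface": m["iface"],
        "id": int(m["id"], 16),
        "data": bytes.fromhex(m["data"]),
    }


def parse_log(text):
    return [parse_candump_line(l) for l in text.splitlines() if l.strip()]


def timing_anomalies(frames, expected_period, tolerance=0.5):
    """Flag frames that arrive sooner than tolerance * expected period after
    the previous frame with the same ID.  Only IDs in expected_period are
    checked.  Returns a list of (timestamp, id) pairs."""
    last_seen = {}
    flagged = []
    for f in frames:
        cid = f["id"]
        if cid in expected_period and cid in last_seen:
            gap = f["ts"] - last_seen[cid]
            if gap < tolerance * expected_period[cid]:
                flagged.append((f["ts"], cid))
        last_seen[cid] = f["ts"]
    return flagged


if __name__ == "__main__":
    frames = parse_log(SAMPLE_LOG)
    print(timing_anomalies(frames, {0x123: 0.100}))   # [(0.201, 291), (0.202, 291)]
```

A cadence check like this is a heuristic layered on top of the bus by an application; it can raise an alert but cannot tell you who sent the extra frames, which is why the protocol-level authentication discussed below is needed rather than monitoring alone.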
That’s not good enough. But we’re seeing some new protocols under development.
Unified Diagnostic Services (UDS) is a communication protocol used in automotive Electronic Control Units (ECUs) to enable diagnostics, firmware updates and other such activities. Several new protocols are now being created to establish the root of trust in truck maintenance and diagnostics, similar to what we take for granted on the Internet.
One is UDS service 0x29, a certificate-based authentication service. It establishes a much stronger basis for trust than mere proximity. Another is UDS service 0x84, an encryption process designed to provide another layer of security.
This year Sharika Kumar, an engineer at Cummins, and I have written a couple of papers on this topic [1,2]. We have published the work with SAE International and at the ESCAR USA conference to advocate for the successful advancement of this effort.
We also shared this information in June at the 2023 CyberTruck Challenge, at which 41 students from around the country learned about issues like this. As many of them move toward careers in truck cybersecurity, we want to make sure they understand these issues and advocate for them in the industry.
The trucking industry needs its assets every bit as secure as your online bank transactions. Many of the systems trucks rely on were not developed with cybersecurity in mind, so we’ve got some catching up to do.
And we’re doing it.
[1] Kumar, S., Daily, J.S., Ahmed, Q. and Arora, A., “Cybersecurity Vulnerabilities for Off-Board Commercial Vehicle Diagnostic Sessions,” SAE Technical Paper 2023-01-0040, SAE World Congress Experience (WCX), https://doi.org/10.4271/2023-01-0040, 11 April 2023.
[2] Daily, J. and Kumar, S., “Securing Vehicle Diagnostics Communication,” 10th Escar USA – The World’s Leading Automotive Cyber Security Conference, Plymouth, MI, June 21-22, 2023.