From October 22-25, NMFTA hosted its annual Digital Solutions Conference on Cybersecurity in Houston, TX. The presentations contained powerful information for any company in the trucking industry that’s concerned about cybersecurity for its enterprise and/or assets. Of course, that needs to be the entire industry. This is part of a series of blogs that summarize the information presented for those who could not be there.
TOPICS: What Trucking Can Gain From ICS Cybersecurity Measures, Plus Upcoming Initiatives
Presenter: Ben Gardiner, NMFTA
Earlier this year, Ben Gardiner, NMFTA’s senior cybersecurity researcher, encouraged Chloe Cunningham of Peninsula Truck Lines to research an interesting question:
With respect to cybersecurity, how does the trucking industry compare to industrial control systems (ICS)? And how does it differ?
We reported back in August on Chloe’s presentation that stemmed from that challenge. During the NMFTA’s recent Digital Solutions Conference on Cybersecurity, Gardiner expanded on the question, suggesting that an overlay between the two kinds of systems could benefit the trucking industry.
Both have critical interfaces. In ICS, these are known as human/machine interfaces. In trucking, that is simply the cabin controls and the dashboard – the things that allow the driver to control the truck.
By the same token, both have controllers that allow for automation. In ICS this is called the logic controller. In trucking, it’s called the electronic control unit (ECU). Both allow for the automation that’s involved with operating the machine, or the vehicle.
In ICS, remote access is needed to allow for things like remote management, remote business cases and processes, OEM/vendor updates and controls. In trucking, remote access is needed for things like remote diagnostics or remote business such as dispatching, monitoring, and regulatory compliance. This is where electronic logging devices (ELDs) often come into play.
But ICS tends to have some security protections that are not as common in trucking, such as network segmentation, which prevents attackers from making their way through the entire enterprise.
Trucking also tends to lack some other protections that are common in ICS, including telematics firewalls, forensic visibility, authentication of remote commands, backup telematics and logging remote controls. Trucking also tends to lack a data historian, which keeps a history of things like performance, trends, and maintenance on the vehicle.
So, can trucking gain insight from ICS to improve its cybersecurity protections?
“The key to this whole presentation is the overlay,” Gardiner said.
An overlay is the idea that groups in a common industry can share the process of developing communitywide and specialized sets of security controls. This is not to say the trucking industry can simply plug in the security controls used in industry. Some things don’t translate. But the very discussion holds promise.
“Maybe we could start with this overlay and tweak it into a trucking-specific overlay,” Gardiner said.
These are the kinds of ideas that stem from the conference and often lead to innovative solutions.
Additionally, some of the cybersecurity initiatives NMFTA is working on for the coming year include the securing of legacy maintenance software, fleet enterprise penetration testing, and distribution center vulnerability assessment.
Another priority for 2024 is the continued development of the Ultimate Truck Hacking Platform–a Yocto Linux-based distribution that unifies as many truck hacking tools as possible.
There’s much to be done in the year ahead to keep the trucking industry safe from, and prepared for, cyberattacks.
To learn more about our upcoming cybersecurity initiatives, or to participate in upcoming research projects, email email@example.com.
To view photos from the conference, access our event photo album.