Cybersecurity Risks with Autonomous Trucks

Show Notes

Episode 218: Cybersecurity is on the minds of many people today. However, with the continued use and evolution of technology in the trucking industry, are autonomous trucks at risk all from cybersecurity attacks, and if so, what can be done about it?

Show Notes: Visit HeavyDutyPartsReport.com for complete show notes of this episode and to subscribe to all our content.

Disclaimer: This content and description may contain affiliate links, which means that if you click on one of the product links, The Heavy-Duty Parts Report may receive a small commission. 

Sponsors of this Episode: 

Want to look up parts but don’t have a part number or the VIN? Download Diesel Parts for free on Desktop or on your Apple or Android device. 

Looking for high-quality fuel injection for heavy-duty applications? Visit AMBACInternational.com/Aftermarket

Special Offer:

Sign up for our weekly email so you never miss out on an episode: Follow the Show

Transcript

 Jamie Irvine: (00:01)
You're listening to The Heavy-Duty Parts Report. I'm your host, Jamie Irvine. And this is the show where you get expert advice about heavy-duty parts that keeps trucks and trailers on the road longer while lowering cost-per-mile.

Jamie Irvine: (00:15)
You know me as the host of The Heavy-Duty Parts Report, but did you also know that I am a co-host on a radio show on TNC radio called Mind Your Trucking Business. Each week we talk on this radio show about how to help people in the trucking industry make their fleets more professional and operate more efficiently. In one of the recent radio shows that we did, there was a clip that I thought was particularly applicable to the listeners of the heavy-duty parts report. And so I wanted to share that with you, that'll be the basis for today's episode. I hope you enjoy it.

Tom Kelley: (00:48)
So Jamie, we have a lot of stuff on our plate to cover this evening. And one of the things we're gonna talk about is the current status of autonomous trucking.

Jamie Irvine: (01:00)
Cybersecurity. That's really what the heart of what we want to talk about today is, and I think when most people when you think of cybersecurity and you, and you add the word trucking to that the first thing people do think about is this future. That seems to be, it's out there somewhere in the future. We don't know exactly when it's going to be prolific where all of our commercial vehicles are autonomous. I think there's some people that are very bullish on that. And there's a lot of people in the trucking industry who are quite skeptical, but right away the thought is, okay, we've got these autonomous vehicles and they're testing them on the roads. Now, one day in the future, they're going to be in regular use.

Jamie Irvine: (01:46)
I think of a lot of the security and the concerns that North Americans have both in the US and in Canada about things like, for example, you know, mass shootings, right? We're exposed to that. We see that in the news when it happens, it's an absolute tragedy. But when we start thinking about autonomous vehicles and cybersecurity, I start to think of a world where there's some hacker sitting overseas getting control of a autonomous truck and trailer and using it as a weapon against North American citizens. Is that real Tom? Is that something we should be worried about? How susceptible are we to those kinds of massive cybersecurity risks related to autonomous vehicles and telematics?

James Rogers: (02:29)
Yeah, that's the question I have coming, like, kind of from the driver perspective. And as a carrier that I hear a lot, when anytime that subject comes up is how much is this real? And then of course, you know, you hear the myths of everything that was just mentioned, but it's obviously it's more dramatic coming from a truck driver, because it is, it's a serious concern. So what's the reality of it?

Tom Kelley: (02:54)
Okay. Well, okay. So some of the different things that are out there, for instance, you guys might have heard that, it is possible if somebody hooks up the right thing to your truck, that they could from another vehicle, maybe not take control, but do something with your truck, say slam on the brakes or cause it to not be able to shift properly or something like that. And I want everybody to know and it's, you know, you can double check on all this, that's absolutely true.

Jamie Irvine: (03:28)
So we don't even have to wait till autonomous vehicles that that's true today?

Tom Kelley: (03:33)
Right now today, if you have the regular plug in your computer, where they plug in the computer to test your engine and do all the different things that they can do. If you have that plug, there is something that we could put against that that would pick up a signal that we could adjust. Now you can go out and watch these they're only three or four or five minutes, YouTube videos that show them doing this. They do not describe exactly which truck it is as far as brands, because it doesn't matter. It doesn't matter what kind of the point is we already have vulnerabilities just in the computer systems we have on the trucks right now.

Jamie Irvine: (04:20)
We're gonna take a quick break. We'll be right back. Don't have a heavy-duty part number and need to look up a part? Go to parts.diesellaptops.com or download the app on Apple or Android to create your free account. Looking for high-quality fuel injection for heavy-duty applications. Having one supplier for fuel injection allows you to better serve customers by providing them with a complete line, which increases your sales and profitability. Learn more at ambacinternational.com/aftermarket. So Tom let me ask you something about that. So I was doing some, some reading about the diagnostic ports related to some work that we were doing over at The Heavy-Duty Parts Report because of course we're all about parts and maintenance. And I know that there's like the OBD2 and the J1913 and then there's the J1939. So any of you listening today, we're talking about that diagnostic port where people are gonna plug in to be able to get fault codes, to be able to get access to the ECM and see what's going on with your truck. That's the point of entry that creates the security risk? Do I have that right?

Tom Kelley: (05:28)
Correct. Especially the J1913. Because it's been out there for a long time. It has a standard set of the, you can take your truck, um, you know, whether you're in Canada, the us, and whether you live in, if you're in New York, you go to California or California, go to Florida, you can go to a technician and they all use the same standard of equipment to talk to that port.

James Rogers: (05:55)
Oh, so that port, well, every truck's got that port far back as I can remember, I mean, at least 2005. And, and now you can literally plug into that and have control of the truck on the safety systems, like the brakes or what, or even acceleration or even shifting. But then also on top of that in the way technology's going now too, at current time to go with that, is that the ELDs also plug into those ports and then you could also plug something else. So they have complete access?

Tom Kelley: (06:28)
Theoretically. Yes. Has anybody tested it to the level of, could you drive the truck from the diagnostic port? I don't think it has the throughput to fully do that, but can I impact the truck and do something to it to make it that the driver can't do what they want to do with it? Yes. Now, is it already set up in such a way that I can just drive by any truck and do that? No, heavens no. I would have to have physical access to your truck and get in there and do some stuff to it, to be able to impact you and to make change. But it's not to the point where somebody can just, you know, drive up to any, you know, behind any truck and say, Hey, watch, I'm gonna take control of this truck. We're not there.

James Rogers: (07:17)
That's where the truck driver comes in. And I've heard that question ask is what if we were in a shop and somebody put a Bluetooth device in there that we don't see.

Tom Kelley: (07:26)
Yeah. That's a problem.

James Rogers: (07:28)
That's a concern,

Tom Kelley: (07:29)
You know, could they have some, listen, I call it Bluetooth because it could be any, any kind of wireless networking,

James Rogers: (07:36)
Right? Yeah. Okay. Wireless.

Tom Kelley: (07:37)
So could they put some kind of device there that you can't see to impact change on your truck? Is that possible? The answer is yes. It's possible. Could they take control and just like start driving the truck? I don't think neither the technology nor the strength of signal nor the you know, you couldn't do more from that port than you can do from, you know, any diagnostic work that you do now.

James Rogers: (08:09)
What about the signal strength about like how, Volvo and I think now Peterbilt does it and I wanna say Mack, the, some, you know, some of the truck makers, how they have their self identifications thing where they can actually see the codes that are going on with these trucks, they kind of work over a radio signal or some sort of FM signal. I mean, is it possible even through that?

Tom Kelley: (08:33)
Not yet.

Jamie Irvine: (08:34)
Well, James, you bring up a good point though, because as telematics and also as the integration of our 5G network in conjunction with self-driving technology, this is where you're going to have to be able to communicate with the vehicle remotely for all kinds of reasons, all the way from driving, right down to maintenance and repair. So is it, are we that vulnerable yet? No, but that's just because the technology hasn't gotten there yet and it is fast approaching. I mean, every manufacturer that I talk to, this is the future for service and maintenance, the holy grail is to be able to have a customer say I'm having a problem and for you to be able to ping that truck wherever it is. And before that truck gets towed into the repair shop or drives into the repair shop, the parts are waiting. The tech is waiting, knows exactly what to do to fix that truck. Like that's the holy grail of maintenance and service that the truck OEs and service providers and parts providers are chasing. And to me, when you marry that to self-driving technology, this is where this big vulnerability comes in if we don't get the security protocols, right.

Tom Kelley: (09:47)
And that's what they're working on right now and what we're waiting to see the final write up on or they call it the J 1939-91. And there's an, A, B and C, and this is all about securing the network of the truck. Okay. There's a network. Think of your truck as its own network and all the different things that have to talk within the truck, we have to secure that network first, just like if you were gonna secure your home, you secure own locks first, make sure that nobody can get in, then you worry about who's coming up and down the street.

James Rogers: (10:26)
Right. I mean, it does. I mean it reminds me of Skynet when watching the Terminator back in the day, that's what it reminds me of.

Tom Kelley: (10:34)
And it should, yeah. Yeah. It's not that far off.

Jamie Irvine: (10:37)
So Tom, you talk about being able to secure the truck. And I think right now the thing that people need to know is that there is possible vulnerability, but they still need physical access to your truck in the future. As this evolves, we're gonna definitely keep you up to date on what security you need for your truck and for your business.