The University of Michigan made news in August 2016 when researchers at a conference presented results from their experiments with the vulnerability of big rigs’ electronic systems. As reported in Wired magazine ahead of the conference, researchers plugged into a 2006 tractor’s OBD II port and largely commandeered the truck’s internal network. In this hack simulation, researchers “were able to do everything from change the readout of the truck’s instrument panel, trigger unintended acceleration, or to even disable one form of the semi-trailer’s brakes.”
The experiment followed previous high-profile researcher hacks of consumer vehicles, exploiting vulnerabilities in the cars’ over-the-air-connected infotainment systems. Researchers were able to disable acceleration, brakes and more in a Jeep Cherokee.
These incidents have sparked continuing discussions inside and outside the trucking community. They are part of a growing concern over vulnerabilities in “internet of things” (IoT) devices. These are not only phones and computers, but also modern home appliances, vehicles and the like that open connections to the Internet.
The impending Dec. 18 electronic logging device mandate puts more focus on potential hacking in trucking. Most ELDs open up a connection to the cellular data network, whether directly or through paired smartphones or tablets. (The notable exception is the base version of the Continental VDO RoadLog.)
ELD makers partially downplay the threat. They say their devices aren’t set up to write to the engine’s electronic control module – only to receive and transmit data from it and that they have various security measures in place. Nevertheless, scanning for vulnerabilities in IoT devices has been on the rise in recent years as hackers look for ways to turn problems into opportunity. Much more hacking is expected, possibly via ELDs.
