Image: Irdeto

A consortium including America’s National Motor Freight Traffic Association (NMFTA), Irdeto, Geotab and DG Technologies has developed a CAN Data Diode hardware device in collaboration with the University of Tulsa. Created in the university’s Student CyberTruck Experience (CyTex) program, this is said to secure a truck’s electronic logging device (ELD) against remote cyberattack.

The CAN Data Diode effectively acts as a firewall for connected vehicles, and the consortium is looking at other possible commercial applications. It is described as a low-cost network-isolation solution for fleet operators without access to sophisticated management applications, to guard against hackers accessing a vehicle’s controller area network or IT system, such as its software, diagnostics or telematics.

“Some ELDs have been found to contain significant cybersecurity vulnerabilities and more security flaws are expected to be discovered as these devices become more widely adopted,” said Urban Jonson, chief technology officer, NMFTA, in a statement. “In these cases, deploying isolation solutions to keep the connected systems separated from the vehicle network is critical. By bringing together experts in the vehicle cybersecurity industry, we are ensuring that commercial vehicle operators are able to meet ELD requirements while preserving safety and security.”

Niels Haverkorn, general manager, connected transport, Irdeto, added: “The more fleet and heavy vehicle operators rely on connectivity, the more vulnerable they become to cyberattacks. This connectivity makes it imperative to inherently protect the software that runs in vehicle fleets, not just securing the perimeter.”

The SAE International technical standards committee is following the CAN Data Diode project as part of its work on security standards for vehicle diagnostic data links.

-Farah Alkhalisi