I Like Big Trucks and I Cannot Lie … But My Hacking Threat Fears Aren’t Belied

Big Truck

Semis loaded with hazardous cargo controlled not by their drivers but by unknown forces seeking to do harm sounds like a Stephen King plot. But researchers recently told the USINEX Workshop on Offensive Technologies that trucks, including school buses, are as susceptible to the same kind of hacking as are in connected cars.

University of Michigan scientists discussed their new research paper showing the real possibility of “safety critical attacks that include the ability to accelerate a truck in motion, disable the driver's ability to accelerate, and disable the vehicle's engine brake.” 

The researchers explained that a single technical standard for internal communications networks is used to connect components inside U.S. heavy duty trucks. The Society of Automotive Engineers standard SAE J1939 is also now widely used in the rest of the world, they said. 

“We find that an adversary with network access can control safety critical systems of heavy vehicles using the SAE J1939 protocol,” the researchers said. So potentially a hacker could gain access to a trucking company’s system used to communicate with drivers and force a school bus full of kids to speed up or cause the gauges on a truck hauling gasoline to misreport speed or silence brake safety warnings.

“It is imperative that the trucking industry begins to take software security more seriously,” the research paper concluded, noting that in 2013 there were over 6.5 million heavy trucks in the U.S.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.