Researchers find security flaws in industrial vehicles


At the 2016 Usenix Workshop on Offensive Technologies, researchers from the University of Michigan presented the results of tests that showed that industrial vehicles - a 2006 semi-trailer and a 2001 school bus - were subject to the same security flaws as had already been found in domestic cars. Via digital signals sent within a big truck's internal network, the researchers were able to change the truck's instrument panel readout, trigger unintended acceleration, and even disable part of the semi-trailer's braking system. Via a laptop connected to the vehicles' on-board diagnostic ports they found they were able to look up most commands, as these vehicles adhere to the J1939 open standard for industrial vehicles, making the attacks easier than those on domestic cars. Earlier in the year, a security researcher found thousands of trucks open to internet-based attacks via an insecure telematics dongle tracking petrol usage and location. The average age of a truck of the size they tested is 12 years. In response, the National Motor Freight Traffic Association said it was taking the work seriously and funding further research from the same team.

Writer: Andy Greenberg
Publication: Wired
Publication date: 2016-08-02

Related learning resources