Can Big Trucks be Hacked?
By Jim Park
If you have read any of the headline stories about the trio of researchers from the University of Michigan who successfully hacked into the J1939 databus of a 2006-model-year truck, you might now believe that it’s discouragingly easy. While the researchers did manage to seize control of the truck’s throttle and engine brake controls, they used a laptop computer connected directly to the truck’s dataport (OBD port) to pull off their experiment.
A YouTube video accompanied several of the online reports about the hacking attempt showing the vehicle lurching along a test track, the would-be hacker in the back seat of the club-cab truck with his laptop, while the driver and a passenger (presumably the trio or researchers) comment on the performance of the truck.
It’s one thing to hack into the J1939 databus from onboard the vehicle. But the question the U of M researchers were keen to delve into is the likelihood of carrying out the same type of hack, or perhaps a more serious disruption of the vehicle controls, remotely via the telematics links now emerging as a popular maintenance management option.
The research paper is titled “Truck Hacking: An Experimental Analysis of the SAE J1939 Standard,” published by Yelizaveta Burakova, Bill Hass, Leif Millar, and Andre Weimerskirch of the The University of Michigan. The paper was presented Monday in Austin, Texas at 10th Usenix Workshop on Offensive Technologies. It’s available to download here.
It focuses on what an adversary could accomplish while physically connected to the truck’s internal network, and analyzes the impact of insecure electronic control units in heavy vehicles by exploiting the inherent openness of the J1939 architecture — which is something common to all heavy trucks in North America and a great deal more diesel-powered equipment as well. read more at truckinginfo.com