The complexities of the heavy truck ecosystem poses challenges to the security of the ECU networks contained within the vehicles. This paper describes some of the major sources of complexity, and how each can be addressed to design and implement a secure robust ECU provisioning system. Such a system is required in order for the various ECUs to form and maintain trust relationships with each other and with external devices, for the entire lifespan of a truck. Many of these problems are well studied elsewhere by the security community, but here we apply these long-established security concepts to the heavy truck industry.
This paper was sponsored by, and drafted in collaboration with, National Motor Freight Traffic Association, Inc.