Forget people stealing packages off the porch during the holidays. Hackers attacking delivery trucks is the more apocalyptic scenario, says Systems Engineering Professor Jeremy Daily.
“Trucks are part of our critical infrastructure,” Daily said. “The things you use every day are there because of trucks. Fuel delivery, medical supplies, food and all of our online shopping is supported based on the ability to move goods around the country on trucks.”
Daily brought the CyberTruck Challenge to CSU with him last fall as a new associate professor in the Systems Engineering department in the Walter Scott, Jr. College of Engineering. Daily co-founded the event in his previous position at the University of Tulsa.
Each June, around 40 students from universities around the country and Canada (so far) travel to Michigan to learn from professional hackers and cybersecurity experts and diagnose potential vulnerabilities in heavy trucks. CSU sends students to the challenge events, which exposes students to a broader understanding of all systems including electrical and mechanical engineering and computer science.
Good role for a university
“That’s where a university fits well – developing the talent to solve those problems,” said Daily, who recruited two of his former students into CSU’s Systems Ph.D. program. “It takes a systems approach. These are big heavy computers running down the street with engines in them.”
This year’s CyberTruck Challenge will be June 21-26 in Warren, Michigan.
Daily started the program while he was at Tulsa and wound up collaborating with Karl Heimer who ran the CyberAuto Challenge in Michigan to provide an event specific to heavy duty vehicles.
Daily’s interest in engineering systems started with the family business. His dad was an engineer who worked in law enforcement. Daily went into the U.S. Air Force, obtained a Ph.D. from Wright State University and began to focus his research on traffic crash reconstruction and digital forensics for vehicles. Father and son co-wrote a book with Nathan Shigemura titled “Fundamentals of Traffic Crash Reconstruction” in 2006.
A niche based at CSU
Daily found his niche researching the digital forensics of network process control systems with an emphasis on heavy trucks. Then he got a call from the National Motor Freight Traffic Association after some high-profile automotive cybersecurity breaches including the hacking of a Jeep in 2015.
“That really put the transportation industry on notice,” Daily said. “Original architectures to the vehicles did not include these wireless interfaces.”
Companies participating in the CyberTruck Challenge are there to learn, not because they’re especially at risk of cyberattacks, Daily added. The event is sponsored by many of the well-known companies in the industry, so he is sensitive to publicly exposing any vulnerabilities of participants.
Students have helped implement new technical controls and fix vulnerabilities in trucks as a result of the competition, he said.
“Hackers continue to find new vulnerabilities and exploit them so you’re always playing this cat-and-mouse game,” Daily said. “Industry recognizes it has to be proactive in pursuing cybersecurity solutions.”