Modern commercial vehicles are required by law to be equipped with Electronic Logging Devices (ELDs) in an effort to make it easier to track, manage, and share records of duty status (RODS) data. Research has shown that integration of third-party ELDs into commercial trucks can introduce a significant cybersecurity risk. This includes the ability of nefarious actors to modify firmware on ELDs to gain the ability to arbitrarily write messages to the Controller Area Network (CAN) within the vehicle. Additionally, a proof-of-concept self-propagating truck-to-truck worm has been demonstrated.
This dataset was collected during controlled testing on a Kenworth T270 Class 6 truck with a commercially available ELD, during which the firmware on the ELD was replaced remotely over a Wi-Fi connection from an adjacently driving passenger vehicle. The compromised ELD then gained the ability to perform arbitrary CAN message writes of the attacker’s choice. The dataset contains CAN traffic in the `candump` format collected using the Linux `socketcan` tool.
After taking control of the ELD, the attacker writes Torque Speed control messages onto the CAN network, impersonating the Transmission Control Module (TCM). These messages command the Engine Control Module (ECM) to request 0% torque output, effectively disabling the driver’s control of the accelerator and forcing the truck to idle.