NMFTA raises the bar on ELD security standards

Article Published by Geotab
Author: Denise Rondini, President, Rondini Communications, Trucking industry contributor

The National Motor Freight Traffic Association (NMFTA) is raising the bar on cybersecurity in the trucking industry with two new initiatives.

NMFTA Open Telematics APIR (OTAPI)

In July, NMFTA announced release 1.0 of the Open Telematics API (OTAPI) to enable business resiliency for motor freight carriers with tight integrations into telematics service providers. 

OTAPI facilitates interoperability between telematics service providers’ interfaces and motor freight carriers’ systems by standardizing the data format and methods for retrieving telematics logs and data.

Release 1.0 focuses on the most business critical use cases, as identified by motor carrier contributors, to promote business continuity and a carrier’s ability to meet hours of service (HOS) reporting requirements in case of an extended business interruption/termination from an electronic logging device (ELD).

OTAPI will benefit the heavy vehicle industry by:

  • Raising awareness of cybersecurity among motor carriers;
  • Establishing baseline cybersecurity standards for telematics devices connected to commercial trucks, used by drivers of commercial vehicles and integrated into fleet operations/management systems.

Telematics procurement RFP templates for carriers

In addition, NMFTA released v1.0 Request for Proposal Templates (RFP) templates for use by motor freight carriers during the telematics system procurement process. The templates are provided in a collection of Word and Excel files, and are intended to be distributed to telematics solution providers so they can respond with details about which requirements their products satisfy.

NMFTA is a nonprofit membership organization headquartered in Alexandria, VA, whose membership is comprised of motor carriers operating in interstate, intrastate and foreign commerce. It publishes the National Motor Freight Classifications, as well as assigns the Standard Carrier Alpha Codes and the Standard Point Location Codes.

See alsoGeotab achieves FIPS 140-2 validation for GO devices

Making ELD security a priority

While price, ease of installation and functionality are often key considerations during ELD procurement, security is another factor that should be heavily considered.

It can be a challenge for fleet managers to ascertain what exactly they should look for when trying to assess the security policies and measures related to their telematics platform. 

When evaluating an ELD solution, ask your provider about its security measures and procedures:

  • How secure is the ELD?
  • What overall security measures — from manufacturing, to hardware and software, data transfer and data storage — does the provider have in place? 
  • What happens in the event of a security breach?

As the December 16 ELD compliance deadline approaches, fleets are focused on compliance. During this time, cybersecurity should also be a priority. No longer confined to the IT experts, cybersecurity is a key responsibility of all fleet executives

Geotab’s role

Geotab is proud to have partnered with NMFTA to help develop these telematics initiatives. NMFTA also worked with motor carriers and cybersecurity experts on use cases, feasibility and security services.

“Working with NMFTA to help develop these guidelines was an opportunity for Geotab to help raise telematics cybersecurity standards for fleets and solution providers,” said Ryan Brander, Associate Vice President, Security for Geotab. “The telematics industry worked with OEMs, commercial fleet owners, cyber professionals, and government representatives to develop the telematics template, with NMFTA coordinating the effort.”

“In the same way you expect your Windows computer, iPhone or Android to be secure, you should have the same expectations when buying a telematics solution. Thanks to NMFTA, fleets and owners/operators now have the tools they need to make an informed decision about the security of the product they are buying,” he said.

Geotab takes a rigorous approach to data security following the principle of continuous improvement, and is constantly reviewing, improving and validating our security mechanisms and processes so our systems remain resilient to intrusion and disaster. Geotab collaborates with leading stakeholders to advance security across the industry. Visit the Geotab Security Center for more information.

The future digital landscape is continually changing, but one thing is sure — the need for cybersecurity will never diminish. 

NMFTA resources

The API Blueprint for Open Telematics API and RFP templates (Release 1.0) are both available on GitHub. Access these resources here. 

NMFTA also offers a Heavy Vehicle Cyber Security (HVCS) list service, as well as HCVS workshops, documents and more. You also can learn more about cybersecurity for heavy vehicles at the NMFTA website


15 Security Recommendations for Building a Telematics Platform Resilient to Cyber Threats  

Securing the Future of Connected Mobility

White Paper: Preserving Privacy And Security In The Connected Vehicle: The OBD Port on the Road Ahead