The Department of Homeland Security Science and Technology Directorate (DHS S&T) has teamed up with the Department of Transportation’s (DOT) Volpe National Transportation Systems center to create a cybersecurity implementation and operational primer for telematics systems in federal vehicles.
The new requirement was part of Executive Order (EO) 13693, also known as “Planning for Federal Sustainability in the Next Decade.” The EO called for government vehicle fleet managers to “collect and utilize as a fleet efficiency tool…agency fleet operational data (i.e., fuel consumption, emissions, maintenance, utilization, idling, speed and location data) through deployment of vehicle telematics as a vehicle asset level for all new passenger and light duty vehicle acquisitions and for medium duty vehicles where appropriate.”
As part of the joint project, DHS S&T’s team contracted the DOT’s Volpe Center to develop a vehicle telematics cybersecurity primer for fleet managers.
“DHS has one of the largest civilian vehicle fleets, with primarily law enforcement vehicles, and this project has provided a great opportunity to help improve our cybersecurity posture and safety of our officers and agents in the field,” said Chase Garwood, cyber physical systems security program manager. “We are working closely to support DHS fleet and with our counterparts in other federal, defense and state, local, tribal and territorial fleet and cybersecurity organizations and value our ongoing relationships.”
At the project’s outset, cybersecurity experts from the Volpe Center and the Software Engineering Institute’s CERT Division from Carnegie Mellon University in Pittsburgh conducted cybersecurity testing of vehicle telematics devices that are connected to an external network and could be subject to cyberattacks. Based on the test findings, the Volpe Center developed the “Telematics Cybersecurity Primer for Agencies,” which provides fleet managers at the Customs and Borders Protection, Federal Bureau of Investigation, military, federal and state law enforcement agencies, and other federal agencies essential guidelines they need to safeguard vehicle telematics from cyberattack.