Let’s be clear: You need to start asking questions about how the data your trucks are generating is being used—because even if you’re not using it, someone is.
Data-driven solutions will soon predict when components on your trucks will fail based on your spec, duty cycle, application, driver behavior, service practices and more. These aren’t general predictions for all of the trucks on the road; they’re predictions tailored for you.
“Data helps fleets optimize themselves in a number of ways, such as predictive maintenance, the right vehicle for the right purpose—based on analysis of drive pattern, real world fuel economy, etc.—and range prediction and suitability assessments for EVs,” confirmed Glenn Atkinson, Geotab’s vice president of product security, and Geotab Executive Vice President Dirk Schlimm. “Data value does not decay with use and increases in value with useful processing. There is tremendous power in data from large volumes and varieties of vehicles when artificial intelligence is applied.”
Regular readers will know I’m fond of quoting famed science-fiction writer Arthur C. Clarke: “Any sufficiently advanced technology is indistinguishable from magic.” But data isn’t magic. It’s science. And you need to start having conversations with equipment and solution providers about how that science using your data is being applied.
Starting the conversation
Before you pick up the phone to call your OEM, supplier and technology partners and ask them about their data transparency policies, you have to have a goal in mind.
“The data rights conversations should revolve around who has what rights to do specific things with the data and data sharing agreements,” said Rob Bradenham, Decisiv’s senior vice president of commercial vehicles. “There should be a value exchange along with granting of specific data rights, which might often involve reciprocal data sharing or some sort of payment.”
Today, there are no standards. The only data rights you do have are defined in your end user license agreements (EULAs), and you likely have multiple agreements from OEMs, suppliers, technology and maintenance providers. Lay all of your EULAs out on a table, and you’ll start to see the complicated web of data permissions and rights to which you’ve already agreed. Some companies, reputable companies, go to great lengths to ensure your data is protected and used transparently. Other companies, also reputable companies, don’t give you much control over when your data is collected and how it’s used.
Going forward, part of your conversation should focus on creating common data rights ground between equipment and solutions providers.
“If each party negotiates non-standard data sharing agreements with each other party, the overall ecosystem will return less value to its participants due to the friction of ensuring compliance with a multitude of different data sharing agreements,” Bradenham said. “Fleets should ensure they have visibility and transparency into their entire fleets of assets—where they are operating, where they are being serviced, what they cost to operate, what the maintenance/service cost is for each of those, what the drivers of operations and maintenance costs are , etc.”
Today, there are no data rights standards. The only data rights you do have are defined in your end user license agreements (EULAs), and you likely have multiple agreements from OEMs, suppliers, technology and maintenance providers.
“As the owner of the vehicle,” began Dave Covington, chief technology officer with Noregon, “there is an inherent right to say, ‘I don’t want my data sent to this group,’ but not agreeing to the other party’s terms of service could cause that owner to forgo emerging technologies or services.
“For example, if a vehicle owner is determined not to let his collision avoidance data be sent back to the OEM, it may be impossible to have that technology on his vehicles without reaching the agreement.”
What data do you need access to? What data do you need to be able to restrict? To share? To use? The answers are up to you, but you have to start talking about it with your industry partners before the choices are made for you.
Why data access changes are coming
As trucks become more connected, there is a need for increased security in how and when certain truck systems are accessed and who can access them.
“Consider a PC as an example,” Noregon’s Covington said. “On a PC, areas at risk of being attacked include USB ports, CD drives, the internet, and other networks or aspects of hardware that allow someone with malicious intent to gain access to the device. On a truck, entry points or threat vectors include tools and software that connect to vehicle ports, telematics devices, over-the-air programming and more. Equipment manufacturers, telematics companies, aftermarket suppliers, and many others in the industry must protect any device or method that could allow someone to gain invalid access to the truck.”
We can all agree that security is a must, but who decides who can access the information and how they can access it?
“OEMs in the automotive industry have begun to restrict access by implementing more secure protocols, adding security gateways on their vehicles and components that require anyone who wishes to access the vehicle to register with them, restricting access of unrecognized parties,” Covington said. “We will likely see similar measures adopted by the trucking industry to ensure only authorized parties such as approved telematics services or in-shop tools can connect to and interact with the vehicle.”
But we’ve also established the power of truck data driving everything from telematics to how the trucks of tomorrow are designed and built. Is there danger of a company controlling access to data so tightly that not even you, the fleet manager, can access the data?
“It’s certainly conceivable that access to data will be limited enough that the end user often does not receive it all,” Covington said. “Hackers are allowed to thrive in an anonymous environment, so the goal will be to only allow authorized users to access or modify data. This will ultimately come down to a balancing act between limiting the access to ensure that trucks operate as designed and making sure that the end users can still have the tools and services to run their business in an effective manner.”
RELATED: Navigating end-user license agreements
What OEMs are doing about it
OEMs are the front line of data security. They are keenly aware of data’s potential and the clear and present threats to its security. Going forward, they will be the ones setting the data access standards.
“There are, I would say, upwards of 20 different third-party telematics providers that we are connected to through the back office, and we also have our own telematics device that allows us to access all that data,” said Darren Gosbee, Navistar’s vice president of powertrain.
As a fleet, you have to be wary of what devices you plug into your truck. The ELD Mandate caused an explosion of third-party providers to come onto the scene. A few of those entrants have already folded and some devices that entered the market even interfered with truck operation. OEMs are hyper-aware of the threat.
“We have seen some very unusual behavior when some third-party telematics providers are plugged into the network,” Gosbee said. “And part of that is because we have an open architecture with J1939.
“J1939 is designed to be plug-and-play, and it works great for us as a vehicle manufacturer because we can work with our various suppliers to add and take away systems depending upon what the customers are looking for,” he continued. “Unfortunately, it also gives third-party companies the ability to do what they think to be correct, and in some cases that proves to be not correct.”
Call it a consequence of technology, but the J1939 interface will likely evolve from an open port to a security screening access point. Like data rights, there’s no standard for how this will work across OEMs at this point.
Call it a consequence of technology, but the J1939 interface will likely evolve from an open port to a security screening access point. Like data rights, there’s no standard for how this will work across OEMs at this point.
“Later this year, Navistar will release our next generation of telematics device that is fully integrated into the vehicle,” Gosbee said. “It will have built-in cybersecurity, and because it will be engineered by us into the vehicle, it will be a complete communications hardware module with cellular, Bluetooth and Wi-Fi. It will also allow us to access the vehicle as if we were standing next to it, but it will prevent the dangerous or bad behavior of a third party.”
What does this mean for third-party devices and data access?
“We are not going to prevent access,” Gosbee said. “The customer’s solutions provider will still be able to plug their device into the diagnostic port or connect it through a factory pre-wire option.
“The diagnostic port is the point where you can access the nervous system of the vehicle externally, but our fully integrated system is actually part of the nervous system, so we don’t need to attach anything additional to the diagnostic port,” he explained. “Not only will you get the same amount of vehicle data because you are part of the nervous system, but you’ll actually be in a position to get more data now because you are basically part of the vehicle.”
In terms of how other OEMs may approach data security, Daimler Trucks North America, Volvo Trucks North America, and Peterbilt Motors Co. declined to comment.
How this could impact third-party providers
Some third-party providers are concerned that their access to the truck—access that they have built their businesses upon—will be turned off or limited, reducing the effectiveness of their future solutions.
“We understand that some truck manufacturers are implementing a ‘gateway’ on the truck diagnostic port, and in some of these cases the port would transmit regulated emissions-related data and would restrict bi-directional communication to the vehicle network only to trusted, authenticated tools,” Geotab’s Atkinson and Schlimm stated.
“Fleets who purchase new trucks from OEMs that have closed the diagnostic port to all but licensed OEM tools are seriously disadvantaged due to huge advances in fleet management arising from innovation over the past five years,” they continued. “Fleets who purchase trucks from OEMs that have closed the port to unsecured aftermarket devices, but who have the capability to authenticate and authorize ‘secured’ and responsible aftermarket telematics devices, are advantaged. Their vehicles are protected against nuisance—or worse, security breaches and vehicle damage—while at the same time availing their fleet of state-of-the-art fleet management and aftermarket interoperability and contributing to an ecosystem of mixed vehicle make innovation.”
Noregon’s Covington echoed that sentiment:
“The bottom line is that when it comes to safeguarding vehicle data, all parties—including telematics, OEMs, vehicle owners, and others—should agree as to the necessity of securing vehicle data so only those who need the data have access to it. To accomplish this goal, the OEMs and the third-party solution providers must work together to make sure that current tools and services that the fleets count on today don’t go away, and future innovation that drives operational efficiencies don’t dry up.
“It is critical that privacy agreements and security measures control who gets access to that data in an effort to thwart potential attacks on the vehicle.” Covington reiterated. “For any device on the vehicle capable of transmitting data, the vehicle owner will execute an agreement to grant permissions for access to that data. The owner of the truck needs to ensure there is complete transparency about the data’s intended uses and who will have access, including strict restrictions on selling or providing the data to any unauthorized person or organization.”
What you can do to shape the future
Just like the trucks rolling off OEM lines, there’s likely no one data rights solution that will fit everyone’s data needs. The important takeaway is that you need to be an active participant in the conversation. Start talking about the way data is accessed and used with everyone you work with—OEMs, suppliers, technology providers, the people you work with in your office, in your shop—everyone. Then focus on what you need to grow your fleet and the best way to protect those data opportunities.
