Building Digital Security into Autonomous Tractors - The Dirt

posted on Thursday, April 28, 2022 in The Dirt

Security by Design mindset keeps the farmer in control

To increase our cybersecurity posture and promote the security of John Deere’s systems, we have made cybersecurity a critical component of our new machines. We have added protective features to our hardware and software and updated the way new vehicles are engineered. Employees are thinking about security through every step of the development process and continuously evolving cybersecurity processes and solutions to minimize vulnerability to cyber-attack.

"In 2019, we established a Product Cybersecurity Organization which is providing the necessary expertise to protect vehicle software systems and customer data," said James Johnson, Chief Information Security Officer. "This allows us to build the right security controls into our vehicles as our teams are developing them. This is a culture change and a journey, and we’re excited about the partnership between our cybersecurity and product development teams."

The process for building security into all new Deere technologies begins with a risk assessment. The teams use the data obtained through the assessment to evaluate potential threats, such as possible safety concerns, and loss of customer data.

The assessment is especially critical for autonomous vehicles and understanding how to mitigate the risk of malicious attempts to access the tractors remotely. The results of the risk assessment funnel directly into the prioritized work of product development and software engineer teams, which leverage the information to modify and update the system’s software code.