Entire Electronic Driving Files Modified to Disguise Rest, Drive Times
Noel Fletcher
Roadside inspectors are considering a new out-of-service rule to combat a growing trend to tamper with electronic logging devices by falsifying a commercial driver’s rest and driving times.
The Commercial Vehicle Safety Alliance revealed in recent months that inspectors in many states are reporting new ELD falsification methods by either drivers, carriers or other third parties that are making it difficult for roadside safety inspectors to identify when driving and rest breaks occurred.
“The falsifications are often many hours or days off from what actually occurred. For example, a fuel receipt and bill of lading may say the driver was in Fargo, N.D., on Jan. 1 at 11 a.m., but the record of duty status shows the driver picked up in Fargo on Dec. 30 and was in Santa Fe, N.M., on Jan. 1,” revealed Jeremy Disbrow, CVSA roadside inspection specialist.
“The inspector can prove the ROD is false but cannot determine when the driver was actually driving or resting because the entire record is inaccurate,” he added. “Many of these ELDs are not showing any indication they were edited, which is required by federal regulations. As inspectors are learning of this tactic, they are discovering these types of falsifications on a regular basis.”
Some drivers falsify records to conceal hours and extend driving time limits. “These falsifications may result in fatigue or delayed driver reaction times, which significantly increases the risk of a collision,” he said. “A fatigued driver of a vehicle weighing 80,000 pounds is an imminent hazard to everyone sharing the road around that vehicle.”
Disbrow said previous falsifications generally were created by either claiming an incorrect duty status (driving or fueling while off duty), incorrectly applying an exception (personal conveyance, adverse driving) or using multiple logbooks or nonexistent co-drivers. Inspectors were able to determine when a driver was actually resting or driving by comparing supporting documents to the record of duty status.
“The current OOSC [out-of-service criteria] requires an inspector to prove the falsification concealed the driver being over the 11/14/60 or 70-hour rules at the time of the inspection,” he explained. “An inspector can only determine if the driver was over hours at the time of inspection if they can determine when the rest breaks and driving occurred.”
The current OOSC cannot be applied in ELD tampering because the entire electronic file has been modified. CVSA aims to keep the current language for traditional falsifications and add another OOSC for ELD tampering when an inspector is unable to determine driving/resting times.
CVSA has drafted an inspection bulletin with the new OOSC violation that must be approved this fall. It will require a driver to be prohibited from driving for 10 consecutive hours to ensure adequate rest before resuming the trip.
Oregon has been consistently catching truckers with these new falsified ELDs during inspections after the truckers drove past weigh stations and were turned around by law enforcement officers. Many commercial vehicles driving through Oregon are heading into or out of Idaho and California.
Carla Phelps, interim division commerce and compliance administrator in the Oregon Department of Transportation, told Transport Topics that inspectors are finding in ELDs “manipulation of data, data sent out of country and being manipulated or showing different drivers who are not driving. Individuals in Middle Eastern countries are manipulating data.”
From April to late May, ODOT and law enforcement conducted an operation to nab truckers for illegally bypassing an open weigh station. Tickets were issued to 122 drivers, with 25% placed out of service for regulatory and safety violations.
“Inspectors discovered false logs and multiple electronic logging devices that had been tampered with and were producing fictional logs,” ODOT stated. “Commercial truck drivers use logs to record their daily activities, specifically their time spent driving, on duty, off duty and in sleeper cabs. Driver logs are crucial for ensuring compliance with federal hours-of-service regulations, which limit how long drivers can work without taking breaks.”
Oregon officials conducted an earlier weigh station operation March 3-7. Of the 464 commercial vehicles inspected, 23% were placed out of service. Inspectors found evidence of 65 truckers with ELD/logs that were altered and scrubbed.
Kenneth Oke, ODOT commerce and compliance division safety coordinator, said some tampering may delete a couple of days so inspectors at first will see hours available when they are not. Now electronic file records are being checked “against hard data points, scale crossings, fuel receipts, bills of lading, repair receipts,” he added.
Washington law enforcement officers also are seeing this new tampering trend.
“We are experiencing the same logbook violations reported in Oregon. However, our tracking system doesn’t track the type of logbook violations, just that they occurred,” said Sgt. Jermaine Walker, Washington State Patrol spokesperson. “So, we are unable to provide any direct numbers for these falsifications. With every change or advancement in technology, there must also be advancements in investigatory systems. Our team is working with our partners in the CVSA on strategies to counter these types of violations.”
The American Transportation Research Institute has released its annual Operational Costs of Trucking report looking at costs for 2024, which serves as a benchmarking tool for fleets for industry costs, key performance metrics and revenue.
It’s probably not surprising to most in trucking that all-in trucking costs were mostly flat in 2024 from 2023, falling by just 0.4% to $2.26 a mile. If you take the cost of fuel out of the equation, however, costs actually increased by 3.6% from 2023 to $1.78 a mile. Click on link below to see video.
https://youtu.be/QvTslNd_NpI
By Eric Teoh, Director of Statistical Service, Insurance Institute for Highway Safety
The commercial motor vehicles (CMV) industry is a key component of America’s economy, transporting over $700.4 billion worth of goods each year. While the safe operation of CMVs clearly has economic benefits, perhaps more important is that those CMV drivers are also entrusted with the lives of those they transport and those they encounter on our nation’s roads. Due to the size and weight of many CMVs, there is an inherent risk involved in their operation. As such, it is important for all stakeholders to take actions that improve CMV safety. Of note, data collection is crucial in enhancing the safety of the commercial motor vehicle industry by enabling monitoring of driver behavior, vehicle maintenance, and compliance with safety regulations.
A key reason for accurate and comprehensive record-keeping is to hold drivers who operate these large vehicles accountable for bad driving behaviors. Our justice system plays a critical role in ensuring that the drivers and companies operating these large vehicles obey the rules of the road and the rules of their commercial operation. Enforcing these rules translates into real-world reductions in crash risk, as shown in a study, Crash risk factors for interstate large trucks in North Carolina, my colleagues and I completed several years ago and is still relevant today.
For this study, we partnered with the University of North Carolina’s Highway Safety Research Center and with the North Carolina Highway Patrol. Additional data were obtained from a brief questionnaire form for truck drivers and from the Federal Motor Carrier Safety Administration, which regulates trucking companies engaged in interstate commerce.
This study identified factors that increase large trucks’ crash risk by assessing large trucks involved in crashes and comparing them to control trucks. Trucks involved in crashes were eligible to be in the study if:
- the crash involved a fatality or injury with medical transport,
- and 2) if a Commercial Vehicle Safety Alliance Level 1 post-crash inspection was conducted.
For each crash-involved truck in our sample, we selected a control truck of the same type at approximately the same location as the crash and about the same time of day and part of the week (weekend vs. weekday). Each control truck selected also was subjected to a Level 1 inspection. This is known as a matched case-control study design. To ensure consistency in vehicles and in the rules they are subject to, we restricted the sample to trucks with gross vehicle weight ratings over 26,000 pounds and operated by interstate trucking companies.
A key reason for accurate and comprehensive record-keeping is to hold drivers who operate these large vehicles accountable for bad driving behaviors. This type of study in which the goal is to identify factors that increase large trucks’ crash risk is different than a crash causation study. For example, consider a situation where a car passes a truck, enters its lane, and slows rapidly. Arguably, the car’s maneuver is the main causal factor, but the presence or absence of truck brake defects could be the difference between a crash and an avoidance maneuver. So, if we are able to compare trucks with brake defects and those without, then we may be able to identify this as a risk factor. Using this theory, we employed a more statistically efficient way to do this by comparing crash-involved trucks with a control sample to look for differences in brake defects and other types of violations.
A common theme of the study’s findings was that violating rules was associated with increased crash risk. For instance, having inspection violations for vehicle defects (e.g., out-of-adjustment brakes, defective tires, inoperable lights) tripled the risk of crashing. For vehicle defect violations severe enough to put the truck out of-service, crash risk more than quadrupled. These results align with a similar study we published in 1989.
We found it was not just the truck’s history that mattered; the record of the driver and the company mattered as well. Drivers with one or more moving violations per year, on average, had a 30% higher crash risk than drivers with fewer moving violations. Drivers with out-of-service logbook violations had 50% higher crash risk. Drivers working for companies with histories of violations and crashes also had elevated crash risk. For instance, drivers for companies in which at least 10% of their roadside inspections resulted in trucks being placed out-of-service had 31% higher crash risk, and those driving for companies with over 100 crashes per 1,000 power units in the past two years had 71% higher crash risk.
Research studies like this and the development of appropriate interventions are only possible with accurate and robust recordkeeping. Moreover, for these efforts to be successful, records must accurately represent driver and motor carrier behavior. Charges that are adjudicated in such a manner that do not allow the behaviors to be accurately reflected on the driver and motor carrier records preclude studies from accurately measuring the association between specific violations and crash risk. Holding CDL holders and motor carriers accountable for their dangerous behaviors is just one step, albeit a vital one, in preventing large truck crashes.
Recognizing that enforcement alone cannot prevent crashes and their tragic outcomes, the Department of Transportation has adopted the Safe System Approach to address and mitigate risks in our transportation system. Acknowledging that humans make mistakes, the Safe System Approach addresses this by building and reinforcing multiple layers of protection to both prevent crashes and minimizing harm when crashes occur. Beyond rules and enforcement, other aspects of a Safe System for trucking would include addressing speed with technologies such as speed limiters and intelligent speed assistance and by setting and enforcing reasonable speed limits, equipping large trucks with strong rear and side underride guards, equipping trucks with crash avoidance technology, equipping other vehicles with crash avoidance technology that appropriately detects trucks, and establishing policies at every level that prioritize safety. Holding CDL holders and motor carriers accountable for their dangerous behaviors is just one step in preventing large truck crashes.
None of these are new ideas, but they are essential if we are to address the more than 4,000 lives lost each year due to large truck crashes—and the more than 40,000 people killed in all motor vehicle crashes. Road safety is a shared responsibility, and to that end, IIHS recently put forward a vision called 30×30 to reduce traffic fatalities 30% by 2030.5 This goal is ambitious but achievable and would put us closer to the ultimate goal of eliminating traffic fatalities. It involves doing the things we know are effective and doing them broadly. No single organization can achieve 30×30 alone. Please join us in working toward this vision and help ensure that more people arrive safely at their destinations.
In 1980, there were about 18,000 motor carriers in the U.S. The Motor Carrier Act of 1980 removed the cumbersome process of becoming a motor carrier.
Cliff Abbott
It was the beginning of what P. Sean Garney, co-director of Scopelitis Transportation Consulting, describes as “the rise of the small carrier.” By 1986, more than 200,000 carriers were operating. As of 2025, that number has grown to over 466,000 for-hire carriers, plus another 175,000 private carriers.
Determining which of those carriers should be targeted for regulatory intervention is a daunting task.
The Federal Motor Carrier Safety Administration (FMCSA) hopes that upcoming changes to its Compliance, Safety and Accountability (CSA) program will help the agency zero in on carriers that present a safety risk while providing clearer insight to all carriers about how they compare to others.
The FMCSA implemented the CSA program in 2010. As modernization of computerized information systems was making sharing of trucking industry data faster and more universal, CSA used data taken from crash reports, vehicle and driver inspections, and carrier audits to identify high-risk carriers.
Why change CSA?
From the beginning, carriers complained about the way safety scores were calculated, questioning whether scores really related to crash risk. After all, insurance rates, customer decisions and driver employment decisions are all impacted by CSA scores, so carriers can be negatively impacted by their scores even without FMCSA intervention.
The Fixing America’s Surface Transportation (FAST) Act, signed into law in December 2015, required a comprehensive study of the CSA program’s Safety Measurement System (SMS), conducted by the National Academies of Sciences, Engineering and Medicine. The Act directed that CSA scores not be publicized until revisions were made. The proposed CSA program revision is the agency’s response.
Say bye-bye to the ‘BASICs’
One of the most noticeable of the FMCSA’s proposed changes is the elimination of the seven familiar BASICs (Behavioral Analysis and Safety Improvement Categories). They will be replaced with six “Compliance Categories.” The current “Controlled Substance and Alcohol” BASIC will now be a part of the “Unsafe Driving” category, as will all Out of Service (OOS) violations.
The Vehicle Maintenance category will see changes as well. The 410 potential violations listed under the category will be divided into two groups, with 312 of them (78%) listed in the “Vehicle Maintenance: Driver Observed” subcategory. These violations are generally those that the driver could identify during a pre- or post-trip inspection, without crawling under the truck.
“This will require carriers to double down on the DVIR (Driver-Vehicle Inspection Report) process, and that’s sometimes difficult to impose on drivers,” Garney noted.
A list of Compliance Categories and the violations listed under each is available as an automatic download here.
Violation severity ratings
Perhaps of greater interest to many carriers are proposed changes in violation severity ratings. Currently they’re rated on a scale of 1-10, with more serious violations earning higher scores. According to Garney, some of those scores seem arbitrary.
“A seat belt violation is a seven?” he asked. “Some carriers might wonder how a driver not wearing a seat belt increases their risk of a crash.”
Under the revised CSA, violations will be assigned one point each — with the exception of violations that result in the driver being placed out of service (OOS). Those more serious violations will be assigned two points.
“This could impact fleets that have a pattern of committing minor violations and how they compare to fleets that commit more severe ones (albeit less frequently),” explained Rob Abbott, vice president at Fleetworthy Solutions.
Additionally, carriers currently receive points for violations that occurred in the past two years. Under the proposed program, the violation must have occurred within the preceding 12 months, with the exception of violations in the Unsafe Driving and Crash categories, which will continue to have a longer history tracked.
“This is a small victory for fleets that have deliberately addressed their prior deficiencies and improved their performance from the previous year,” Abbott said.
Violation ‘grouping’
Another change that could benefit carriers is the grouping of similar violations. Multiple violations in one category will be assigned one total point, rather than scored individually. The current 973 violations will be consolidated into 116 violation groups.
In a January webinar hosted by FMCSA, Wesley Russell from the agency’s Compliance Division used the example of a driver who receives violations for the 14-hour rule, the 11-hour rule, a rest break and a 70-hour rule.
“If all of those are in the same group, we’re going to issue only one point — even if the inspection has all of those on it,” he explained.
More changes
The way carriers are categorized by type will change as well, with clearer differentiation between carriers that primarily operate straight trucks and those that run combination vehicles.
The miles cap for the Unsafe Driving and Crash categories will move to 250,000 miles, and intervention thresholds are changing too. The threshold for general freight carriers — currently 80% — will rise to 90%, with hazmat carriers rising from 75% to 85%.
However, Garney cautions, “data quality and sufficiency is the key to accuracy, so carriers should remain vigilant.”
When will all this happen?
While the FMCSA has released information about what’s in the revised CSA program, when it will take effect is still in question. Scheduled agency webinars in March and April were cancelled.
In addition, on March 21 Adrienne Camire, the FMCSA’s previously announced acting administrator, was abruptly removed from the agency website. On March 24, President Donald Trump nominated Derek Barrs for the spot.
Once the FMCSA’s leadership is settled, perhaps the agency will move forward on the final ruling, which is expected to contain few changes from the information already issued.
Phase 3 of the process will include the new methodology and a revised website, and the final ruling will allow a time period until implementation.
“As with all changes to the scoring system, there will be some winners and losers — especially when you consider that the scores reflect comparative performance,” Abbott acknowledged. “But, for the most part, these adjustments will address some common objections and subdue some criticisms of the program.”
NMFTA
- We’d face catastrophic food shortages in just 3 days.
- Gas stations would run dry in the same time.
- Water supplies, hospitals, manufacturing, banking, and waste collection would all stop.
- If trucking stops, America stops.
Almost every sector is truck dependent. And if we aren’t careful, bad actors might just succeed.
Watch the video now to discover how NMFTA can help prepare you and your teams against cyberthreats.
Why Cybersecurity Is
Important to Us
NMFTA represents over 500 carriers who collectively operate over 200,000 power units generating approximately $100 billion in freight revenue. Our members perform a vital service to our nation’s economy by delivering the goods necessary to keep commerce flowing. Protecting both the digital networks and the physical assets that support the delivery of goods throughout our supply chain is essential to all.
Why Are We Vulnerable?
In addition to the cybersecurity risks faced across all industry verticals, the transportation industry faces some unique cybersecurity challenges:
Commercial transportation carriers operate a diverse fleet of vehicles. These vehicles are designed and built with both OEM factory equipment, as well as aftermarket telematics units.
Using common communication interoperability standard SAE J1939, OEMs can offer vehicles in different configurations using parts such as brakes, transmissions and engines outsourced from 3rd parties, which increases supply chain cybersecurity risks.
Additionally, the extensive impact of transportation disruptions creates particular concern regarding potential outages. These characteristics make the commercial transportation security risk profile substantially different than passenger automobiles.
https://youtu.be/Y-V0zEWomQ4
Joe Ohr
Cybersecurity is no longer just a concern for the largest carriers—mid-sized fleets are increasingly finding themselves in the crosshairs of cybercriminals. That’s why the National Motor Freight Traffic Association (NMFTA) ™ has released its latest Cybersecurity Guidebook for Mid-Sized Fleet, expanding its Roadmap to Resilience initiative to support fleets with up to 3,000 assets.
Like NMFTA’s previous guidebooks for owner-operators and small fleets, this new resource offers practical, easy-to-follow steps. But what sets this version apart is the depth of coverage: it walks fleet operators through core cybersecurity best practices and then builds on that foundation with more advanced technical and operational controls.
Once this foundation is covered, additional layers of technical and operational controls are introduced to bring the overall resilience of the organization to an advanced level and to prepare them to consistently and effectively address the ever-changing threat landscape present in the trucking industry.
The guidebook emphasizes starting with the basics—strong passwords, access management, and regular software updates—before introducing scalable strategies to help fleets respond to today’s fast-evolving threats. It’s all about boosting resilience and creating a proactive security culture tailored to the unique challenges faced by mid-sized trucking operations.
For fleets that don’t have full-time IT security staff, this guidebook offers a clear and actionable roadmap to help them stay ahead of cyber risks—and stay on the road.
To view all guidebooks in this series, click here.
To support this guidebook, NMFTA hosted its latest cybersecurity webinar on this subject which featured Artie Crawford, director of cybersecurity and Ben Wilkens, cybersecurity principal engineer for NMFTA, as well as Robert Gray, director of information assurance for AAA Cooper Transport. The group talked through the concepts and controls addressed by this guidebook.
If you missed it, the on-demand version is worth a watch—full of practical tips on how to launch and scale a security program rooted in real-world trucking experience. Access the recording here.
We also just wrapped up our call for abstracts for the 2025 NMFTA Cybersecurity Conference—thank you to everyone who submitted! We were humbled and thrilled by the level of interest we received this year, and we’re looking forward to sharing the speaker lineup and session topics soon. Be sure to sign up for updates at www.nmftacyber.com—this event is expected to sell out fast.
Looking ahead, the NMFTA’s Cybersecurity team will be shifting gears to take a deep dive into the intersection of cybersecurity and cargo crime in the trucking and logistics industry. As incidents like fraudulent pick-ups, and illegitimate double-brokering scams rise, we’re launching a new research initiative focused on how cyber protections can help prevent cargo theft. The prevention guide will first focus on defining the role that cybersecurity plays in reducing an organization’s risk from cyber-enabled cargo crime as well as the intersections between cybersecurity, operational security and physical security specific to the transportation sector.
Everyone in the transportation sector—from carriers to drivers, to brokers and third-party logistics providers (3PLs)—wants to stop cargo theft, but it’s not as straightforward as preventing a bad actor from unloading freight off of the back of a truck. The NMFTA cybersecurity team will be digging into the complex relationships between the multiple business units within and between trucking and logistics organizations, between private industry and the various law enforcement agencies involved in responding to and investigating cargo crime, and the various local, state, and federal jurisdictions that become involved due to the widespread geographic areas often covered by a single cargo theft event. If this isn’t enough, the various local, state and federal prosecutors all maintain their own thresholds when it comes to which cases are “worth prosecuting.”
Once the scope of the issue and complex nature of the relationships and entities involved in preventing, investigating and prosecuting cargo crimes have been defined and researched thoroughly, the Guide will provide clear, concise guidance for controls that organizations can implement to directly address the costly threat of cargo crime facilitated by cybersecurity gaps in their operation.
Throughout this project, the NMFTA cybersecurity team will be conducting webinars, research papers, and articles sharing their findings. The team will be working across the industry and with multiple law enforcement agencies to establish a comprehensive body of research, resources, and relationships that will enable organizations to more effectively prevent, report, and investigate cargo crime.
We look forward to sharing this work with our industry peers in the coming months.
Overwhelmed by ensuring your operations are cybersecure? Talk with like-minded peers at the trucking industry’s only cybersecurity conference: NMFTA Cybersecurity Conference, set Oct. 26-28 in Austin, Texas.
Access our free resources and learn more about the cybersecurity conference by visiting www.nmfta.org/cybersecurity.
