IT security? Get your head in the cloud

Cloud-based operations have been around for a decade or so - and Andy Souders of All Traffic Solutions suggests they are increasingly viable solutions for the transportation sector
GIS/ Mapping & Location Based Systems / January 23, 2020 4 mins Read
By Andy Souders
© Tzogia Kappatou | Dreamstime.com
© Tzogia Kappatou | Dreamstime.com

Many discussions over the benefits of moving from an on-premise IT solution to a cloud-based platform still tend to centre on the newness of the latter. These deliberations fail to recognise the reality: that cloud platforms, and the technologies and devices capable of connecting via them, have now been around for at least a decade.

Viewed against that context, ongoing suspicion or even overt hostility seem rather quaint. It perhaps says rather more about some organisations’ and industry sectors’ inherent conservatism than the maturity of the cloud or its ability to deliver. Conservatism is no bad thing, incidentally. Where safety and guaranteed connectivity are paramount, it is in fact a very good thing. Nevertheless, it is valid to challenge presumptions.

A good first step is to see the cloud for what it is. Essentially, it is a wireless, distributed mainframe. A central hub is connected with a range of devices and feeds. These can report directly or, where necessary to avoid information deluge, by exception to achieve Big Data-type fusion and analysis.

An example of how this might work in an ITS context involves the transportation management centre (TMC). At present, backhaul and processing of data is an on-premise solution — it is the TMC which acts as the hub. Although intuitive, this places the onus on the TMC owner/operator to ensure that it has the necessary devices, protocols/connectivity and IT security in place. It can take very protracted periods — there are examples which have taken years — to achieve a comprehensive and fully functioning system, and updating is an ongoing process.

SaaS route

A more astute decision might be to engage a Software as a Service (SaaS) provider. By going down the SaaS route, a large part of the TMC’s data responsibilities can be taken off-premise and placed in the hands of an expert partner whose task it is to ensure that all necessary software and security updates are in place.

The result, certainly in terms of speedier and more robust service delivery, is a more profound understanding of both real-time and historic events, leading to the development of better-informed traffic management strategies and more effective real-time or even proactive actions on the part of transportation network managers. The results address the prime policy aims of increasing safety, improving environmental performance and reducing congestion.

If we can agree what the cloud is, we can then move on and think about some of the things which might affect its more accelerated uptake.

A commonly cited reason for timidity over cloud adoption is security. Again, there is enduring thinking which colours the discussion. Too many people in too many organisations – and particularly those with authority over procurement decisions – continue to visualise security in physical terms. Language reinforces this. Despite the electronic nature of IT, we still use words like ‘firewall’ or ‘shield’. This can have the unconscious effect of reinforcing certain perceptions; think of the 300lb gorilla on the door rather than the more likely reality of the fast-typing, highly knowledgeable geek.

In many instances, therefore, security remains about the lock on the door of the IT room or main-frame cabinet. There is rather less acknowledgement or acceptance of the harmful potential effects of the line(s) which connect to the telephone junction box on the corner of the street, or of wireless connectivity via any number of different protocols, not exclusively cellular. This mindset also fails to acknowledge the fact that most IT security breaches or issues are caused by organisations’ own staff illegally or ill-advisedly installing software and applications on their own devices.

High integrity

The reality is that cloud-based solutions provide very high levels of integrity. Cloud service providers would be unable to successfully market the concept were that not the case; it is their ability and the resources that they put into keeping up with the pace of change which is one of their major selling points. From a cloud users’ perspective, meanwhile, there is the opportunity to divest at least some of the responsibility for their electronic security to a trusted partner. They can also successfully manage out obsolescence and risk by not having to delay investment because of having to justify the past investments in legacy systems and the perceived high price of change.

© Siarhei Yurchanka | Dreamstime.com
© Siarhei Yurchanka | Dreamstime.com

One well-tested way of addressing conservatism is to think big but start small when it comes to initial deployments. A ‘Big Bang’ approach is wrong for any number of reasons, not least because perceived ‘failure’ or (more likely) progress which is slower than anticipated or desired will only entrench existing attitudes. Starting with a few applications within a discrete geographical area will serve to prove the cloud’s principle benefits — greater speed and enhanced security.

That such an approach is valid is underlined by the fact that we are already seeing it being taken in the ITS sector. It is being used, for instance, in the rollout of connected and automated vehicle

(C/AV) services. A small number of relatively simple Day One applications are helping to build both network operators’ and road users’ familiarity and confidence. These will be complemented over time by a greater number of increasingly sophisticated ones. This approach can be used for both C/AV and non-C/AV applications in the ITS and smart city arenas and, over time, as a means by which to achieve greater symbioses between the two.

Another area which continues to give rise to confusion is communications protocols. Everyone has an eye on 5G and the promise it holds, with some stakeholders even going as far as to claim they are ‘5G-ready’. This is perhaps somewhat premature, as much still remains at the standards definition stage.

Near-term releases of more complete 5G standards will take us closer to the near-zero-latency performance necessary for C/AV connectivity and operations, and probably sooner than many people realise, not least because of the investment power of the significant number of large organisations with an interest in its development.

Monetising investments

Nevertheless, we should not assume that all our eggs will end up in one basket. Definition of a standard does not mean an immediate in-service capability; infrastructure and the relevant chipsets all need to be built and/or integrated, and that will take time. We need only look at the protracted periods taken to roll out previous generations of cellular telephony for some indication of perhaps how long. Crucially, we can expect roll-out to more remote geographical areas to take longest, as cellular network operators look at how best to monetise their investments — large population centres tend to be the most lucrative for leisure services such as streaming video. For ITS and road safety in particular, this means that some of the areas which will benefit the most will also benefit last.

We should expect to see the continuing use of a range of protocols in support of cloud services, therefore. This is especially so in the case of at-the-edge devices, where different protocols’ innate capabilities will keep them current for quite some time to come. Short-range, low-power, low data-rate protocols such as Zigbee have been joined by various other low-power wide-area network (LPWAN) protocols such as Sigfox and NB-IoT. LPWAN protocols’ rollout is also dependent on the ongoing upgrading and geographic growth of existing generations of cellular, in particular 4G, but they will continue to find application in smart buildings and also in on-street detection/presence solutions for parking, for instance.

Nor can we dismiss RFID. The debate over its continuing use has raged for years, with the advent of satellite-based technology as an alternative for wide-area tolling applications in particular, and 5G as an alternative for Vehicle to Vehicle and Vehicle to Infrastructure connectivity. The fact remains that RFID is a mature and very well-understood technology. It is very widely deployed for a large number of applications across many different road schemes around the world. It will continue to offer a relevant and readily utilisable capability for many years yet. The recent agreement over RFID fitment to vehicles between GM and a major North American tolling specialist only reinforces this point.

A discussion of protocols illustrates how well-supported both the cloud and the traffic-monitoring and management devices which might utilise it are. Low cost of ownership, especially by comparison with on-premise solutions, speed of deployment, high levels of security and guaranteed performance make the cloud a viable if not the go-to solution for many agencies, jurisdictions and private-sector operators… if we can successfully debunk some of the myths and misinterpretations.

Companies in this article