The exponential growth of ITS devices on the side of the highway, coupled with the advent of connected and autonomous vehicle (C/AV) technologies, is stretching the limits of traditional ITS networks in agencies big and small. With this growth, agencies must assess the maturity of their infrastructure and subsequently identify gaps and prioritise needed enhancements to their fibre/communications network, ITS management and monitoring and cybersecurity.
Up until recently, the traffic/ITS infrastructure – a mixture of communications and field technology such as variable message signs, CCTV, traffic signals and advanced traffic management systems (ATMS) - was considered a separate space to the business infrastructure supported by the IT departments of departments of transportation (DoTs). These infrastructures were governed differently and were typically not as well understood by agency chief information officers (CIOs).
Due to the different operational models, traffic networks have traditionally been allowed to function relatively autonomously because they’ve been viewed as doing only ‘traffic things’ and their level of maturity is often vastly different to that of the business infrastructure.
Now, as technologies evolve that allow agencies to maximise the efficiency of their roadways and eventually the steering or braking of a vehicle, field networks/devices are becoming internet protocol (IP)-based with remote access and are now networked into a much larger architecture than just 10 years ago. The rules of cybersecurity, monitoring and architecture known very clearly for the business networks are now applicable to ITS networks which are usually much larger geographically with different access points and operational needs.
Trusted and reliable
Just as with business networks/infrastructure, agencies must ensure that their ITS data and networks are trusted and reliable. This convergence of operational traffic (OT) technologies and business network (IT) is changing the way technology is managed in the transportation space.
When evaluating your infrastructure maturity, there are three main areas to evaluate:
1) How well understood and optimised is your ITS network?
2) What is the availability and resiliency of your monitoring and management systems?
3) Does your agency have a comprehensive cybersecurity plan?
As DoTs embrace the need for change and cost economies, they are moving away from siloed, purpose-built infrastructures in favour of a common infrastructure. Because of the purpose-built nature of many ITS systems, it is common for agencies to not have a comprehensive understanding of the number and type of devices in their networks or the underlying network capacity. Device inventories are often saved in spreadsheets with no correlation to the underlying network. And these systems often have excess capacity that often is underutilised.
As a step toward ITS infrastructure maturity, agencies can start by building a common, highly resilient multi-purpose backbone network – versus a siloed single-purpose network – allowing them to achieve higher capacity and resiliency at a lower operational cost.
DoTs can overlay the common network with other logical networks like tolling, signal control or lane control, utilising common resources for a wide variety of ITS and end devices while maintaining the specific operational, financial and cybersecurity requirements for each. Even those legacy ITS devices that seem to run for decades but are not ‘securable’ can be isolated and locked down using logical networks.
Further, many DoTs possess an extremely valuable resource that they are not leveraging – thousands of miles of field communications’ fibre infrastructure. This is one of the few assets DoTs have that appreciate in value over time. DoTs need to understand the capacity and topography of their fibre architecture to maximise the return on investment (ROI) on their existing assets and potentially leverage their fibre for partner agencies and public/private partnerships.
Little understanding
Many DoTs are facing the same challenges regarding cybersecurity and infrastructure availability. They have limited network management and monitoring, and they rely on the traffic management centre (TMC) or phone calls from constituents to tell them something is wrong. There is often little understanding of how devices are performing, nor any basis for analysis and proactive management. Many DoTs still have ‘superhero support’ in place, where only one or two employees appear to know everything, and they are in the office or on call every day. Without them, an agency’s institutional operational knowledge would be lost. The ideal operating model includes a mixture of people, processes and tools to systematically capture an understanding of the ITS infrastructure.
In the business network space of the DoTs, many CIOs have already leveraged services management frameworks, such as ITIL, to understand the key services and underlying technology, and to manage the delivery of that technology (versus the legacy ITS device-centric level). A more mature ITS infrastructure has moved away from a superhero model in favour of a service-level management model.
As you consider your approach, develop a policy that promotes understanding the key ITS services you are supporting and leverages a suite of tools designed to help you understand what is going on in your environment. These tools will enable you to scan, monitor and assess your current environment, the number and type of devices within your network, and which ones need to be replaced. In addition, these tools will help with design and planning to support the continued expansion of devices in the future.
Being able to monitor all systems together creates end-to-end visibility of the ITS network. This is critical to the maturity of your ITS infrastructure because it enables you to better understand the downstream impacts to your services due to a component outage. By capturing performance data from a variety of sources, you can achieve a level of granularity that allows you to identify trends in performance, measure reliability of services and make more informed decisions on budgeting and design based upon performance data.
Achieving understanding
Once you achieve an understanding of what you have within your network environment through effective monitoring and inventory and see all controls in one space, then you need to secure it appropriately and assess the overall health of your cybersecurity posture.
DoTs are facing a significant challenge with the simultaneous growth of the number of IP-based field devices being deployed (exponentially increasing the cyber-risk surface area) coupled with the increase in the roadside infrastructure that supports vehicle safety controls platforms like Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I). This duality significantly increases the complexity and need for good cybersecurity practices as DoTs are no longer just providing information, they are also inherently connected to public safety.
To address the evolving cybersecurity requirements, agencies need to develop a transportation infrastructure-centric cybersecurity programme that includes a governance model and policies, engineering and deployment of key cyber tools and configurations, and operations with strong incident detection and response. It’s much more than addressing the problem of the ubiquitous No. 2 key and vulnerable cabinets. With IP-based networked devices increasing in number, identifying all access points and vulnerabilities and creating complementary effective cyber controls and policies is key to securing your system effectively.
Governance will also be critical to maturing your ITS infrastructure. Governance helps an agency decide where to invest in cyber technologies and how to effectively prioritise limited resources. Governance can also maintain the configuration and standardisation of your network. Implementing effective governance and controls will ensure the security of your network over the long term.
Ultimately, ITS network maturity requires a fully integrated network architecture with proactive monitoring tools and a cybersecurity programme designed to address vulnerability across your entire network. A mature network provides the operational effectiveness, resiliency and security that enables advanced ITS and C/AV technologies that allow for maximum efficiency and safety on our roadways and ultimately the ability to ‘let go of the wheel’.
