Securing Transportation

Managing the nation’s infrastructure means various vital roles

• By S. Guerry Bruner
• Jan 23, 2019

In today’s connected world, Intelligent Transportation Systems (ITS) play vital roles managing our Nation’s critical infrastructure including roadways, interstates, intersections, ports, mass transit lines, city traffic, and urban mobility. As Connected Infrastructure, roadways with Vehicle-to-Infrastructure (V2I) and Vehicle-to-Vehicle (V2V) connectivity, and Connected Autonomous Vehicles (CAV) have become a reality, securing our infrastructure both through physical and cyber security measures is an absolute requirement. This higher level of security is critical, yet it continues to be overlooked and undervalued.

So, what are these security concerns? First and foremost is protecting and securing the ITS network infrastructure—city, county, state, and federal—from outside attack or unauthorized entry. Either of these can cause potentially devastating consequences:

• Cyber-attack with ransom-ware or denial of service, which could create chaos and disruption of normal operations.
• Disruption of traffic signal operations that could result in vehicle accidents, putting our mobile citizens at risk.

Where Do We Begin?

Taking a layered approach to securing this infrastructure, one must start at the edge and work inwards. In the case of the transportation infrastructure, that edge is network devices deployed on our roadways and highways. One need only look left or right at their next traffic intersection stop to see that silver aluminum cabinet with the ubiquitous “Dial 511” blue sticker brightly affixed. Inside these cabinets are intelligent devices and connectivity that if left unprotected, leaves our country’s infrastructure and citizens exposed for critical safety risks.

Securing access to our infrastructure and managing key/card holders is critical as we are now exposed to an entire gamut of risk from seemingly harmless vandalism to more malicious physical and cyberattacks. Used to store and protect complex equipment that connects and controls traffic signals, vehicles, communications, digital road signage and more, traffic cabinets are critical for road and highway safety and most with access to a live network…and all with little to no secure access or security monitoring. This is our starting point.

Despite the fact that physical access to traffic infrastructure can have an immediate and widespread impact, the vast majority of cabinets are secured with a simple unsecure mechanical key. Hundreds of thousands of key-holders currently have access to a piece of the country’s critical infrastructure. This presents a serious threat as we continue to rely more on technology to operate and control our vehicles, signal and communications systems.

Securing the transportation infrastructure and ITS starts with eliminating the use of uncontrolled and unaccountable mechanical keys.

Collaborative Partnering

Through collaboration and education, a community is being formed to impart knowledge and take action securing transportation’s critical infrastructure. A small circle of established industry-leading solutions providers have been brought in to move the technology development effort forward.

Door opening solutions for the physical security industry and typical door security hardware technology are now being developed specifically for transportation and ITS solutions as well.

“Offline” Access Control

Intelligent Keys and eCylinder Traffic Cabinet Locks offer a significant increase in security over the common #2 mechanical lock and key. eCylinder Traffic Cabinet Locks can be installed quickly and easily, providing an affordable option to upgrade the security of traffic cabinets.

This solution includes intelligent keys and cylinders, both assignable to specific DOT personnel and specific cabinets, bringing a higher level of access control and audit capability for those securing the ITS “edge”. Unlike the obsolete #2 mechanical key, intelligent keys have designated access rights and schedules by user and can be expired or revoked to meet daily security needs. Software applications (either on premises or in the Cloud) enable DOT management to control who goes where (and when), and then evaluate their operations through highly specialized software analytics. This is what is termed an “offline” solution, ideal when live monitoring, remote access, and door security alarm features are not essential.

“Online” Access Control

Real-time online ITS edge protection applies physical security technology to create a solution that allows DOT agencies to actively monitor and control cabinet doors at any location on the ITS infrastructure network. Initial versions of this solution are now being deployed with industry-leading innovative access control technologies.

This true “online” access control provides critical high-level security by enabling real-time monitoring and remote lock or unlock capability at the traffic cabinet, leveraging pre-existing cabinet network connections. The industry’s first “online” solution for traffic and ITS cabinets is now available. This active traffic lock system adds security intelligence to existing ITS cabinets and provides full management and control capabilities of the traffic infrastructure. Combining innovation from a group of global leading security solution providers, assets are protected using secure encrypted card readers, vandal proof heavy duty locks and intelligent controllers connected to high-end systems integrated into the ITS infrastructure, providing security and access control with multiple credential technologies including secure encrypted card, PIN or mobile access (BLE and NFC).

Best of Both Technologies?

Can Intelligent Keys and eCylinders be used in conjunction with online powered card readers and locks? Leading solution providers say yes, utilizing a combination of active “online” access control with Intelligent Key override provides the safest, most secure solution possible.

With this combination even in the event of system or power failure, access to the cabinet is always allowed but only to authorized personnel, controlled and recorded to maintain security and audit history.

Infrastructure Security Management

So the question is: do you know who has access to your ITS devices and traffic cabinets? Physical access to traffic infrastructure exposes agencies to both physical and cyber related attacks. With connected vehicle technology and more IoT connected devices than ever before, legal and liability issues are a reality for agencies operating these assets. Entry into an ITS cabinet must be controlled, managed and monitored to maintain safety and security. Now more robust solutions exist in both “offline” and “online” options.

Management of critical infrastructure and access control must be handled efficiently and securely. Centrally managed software combining access control with video verification, asset management, and work flow operations allows increased awareness and response times for transportation agency operations. Knowledge of who is inside your cabinets or how long a contractor was onsite is now available through one single pane of glass, creating not only a secure infrastructure but operational efficiencies as well. Agencies should have the ability to remotely lock down every cabinet on the network, grant permissions or open a cabinet with a stroke of a key if needed.

The time is now to be taking steps to ensure the security of our critical infrastructure systems. Cyber security attacks are a real threat for transportation infrastructure as we depend on the digital world more with every passing day. It is time to take an active approach to securing our ITS devices. Secure the edge. Secure your traffic.

This article originally appeared in the January/February 2019 issue of Security Today.