As intelligent transportation systems (ITS) undergo rapid digital transformation, the benefits are clear: smoother traffic flow, enhanced road safety, and significant strides toward achieving climate goals. Yet, amidst these advancements, a critical challenge remains at the forefront – ensuring the security of this increasingly connected infrastructure.
With the increasing number of connected systems, the attack surface grows, raising concerns about the vulnerability of critical infrastructure. The World Economic Forum has emphasized this risk, noting that cyber-attacks on ITS can result in far-reaching impacts. These range from traffic control failures causing widespread congestion to heightened accident risks and disruptions in emergency response services.
As the future of transportation becomes more connected, ensuring the security of these systems is paramount to realizing their full potential. Cyber-attacks on ITS equipment can have an extensive impact in terms of road user safety, costs and reputation.
ITS cybersecurity vulnerabilities and challenges
Cybersecurity in ITS spans multiple areas, with vulnerabilities often starting at the physical level. Poor physical security in roadside or trackside enclosures which contain devices can allow attackers to damage equipment or install rogue devices on the network, creating significant risks for the entire ITS infrastructure.
In addition to physical access, traffic operations teams often require remote access to ITS equipment. For instance, when a traffic signal malfunctions, remote reconfiguration may be necessary to avoid traffic disruptions. However, this remote connectivity also opens the door for cyber criminals, who can exploit these access points to compromise the system and the equipment it controls.
Protecting roadway operations from cyber threats means securely connecting hundreds of thousands of systems in geographically diverse locations. Equipment includes many different types of devices, which may in turn support different communication protocols. This scale and complexity make it difficult to identify and address vulnerabilities.
The cyber threat landscape is constantly evolving, with malicious actors continually innovating and creating new attack strategies. Therefore, roadways operators need to stay ahead of potential threats and implement effective countermeasures. However, this task is becoming more difficult due to labor shortages and a lack of skilled resources, adding further complexity to the challenge.
How can cyber risks be mitigated?
Digitizing roadways and securing ITS applications at scale demands more than just modern networking equipment and providing diverse connectivity options. It also requires robust cybersecurity solutions with centralized management to effectively address the challenges posed by such a vast and complex infrastructure.
For example, because street cabinets and enclosures are physically accessible to anyone, each network port on equipment inside must be secured using a zero-trust approach. This requires roadways systems – whether connected using private or public networks – to leverage advanced firewall capabilities to secure the WAN infrastructure across potentially hundreds of thousands of distributed devices. Addressing these vulnerabilities also requires a comprehensive, up-to-date inventory of connected systems, providing visibility into what devices are connected, their security postures, and data flows.
When remote experts or contractors need to configure connected systems, ensuring that they can easily access the assets they need – without exposing the entire network – can be challenging. VPNs, due to their always-on nature, often provide all-or-nothing access and require complex configurations to limit user permissions and capabilities. A more effective approach is implementing an automated Zero Trust Network Access (ZTNA) solution, which simplifies the creation and enforcement of remote access policies across all systems and sites, ensuring secure and targeted access.
Further, to secure multiple systems at scale across all sites, creating policies to protect equipment needs to be automated, and the management, monitoring, and configuration of network devices needs to be centralized.
Given the limited space in roadside cabinets, cybersecurity features must be embedded directly within the networking equipment. Using additional point hardware solutions not only takes up valuable space but also introduces unnecessary cost and complexity for managing and securing the system effectively.
Start your journey to secure ITS
For more than 20 years, Cisco has been helping organizations including DOTs and roadway operators around the globe digitize their operations and deploy ITS applications. The importance of digital transformation in connected roadways is recognised through extensive global funding opportunities including the IIJA and within the EU. To understand how to develop a strong and secure foundation for digitization of your roadways infrastructure, check out 5 steps to cyber-resilient roadways.
Join our upcoming webinar to learn from the experience of your peers. We’ll be sharing best practices, insights and recommendations based on real-world examples, in a fireside chat between Cisco experts and Paul Lennon of Skyline Technology Solutions. The webinar will be moderated by Adam Hill of ITS International and will take place on October 23, 2024: Shielding the Future: Defending ITS and Roadways from Cyber Threats. Register here. We look forward to seeing you there!
Share: