Intelligent Traffic Management Systems Security in the IoT ...
Transcript of Intelligent Traffic Management Systems Security in the IoT ...
Intelligent Traffic Management Systems
Security in the IoT Age
September 14, 2018
Darryl Dawson, P. E. I T S Engineering Ltd.
1
Traffic Management System Functions
•Performance Monitoring
• Incident Management
•System Control
•Traffic Signal Management
• ITS Equipment Health Monitoring
•Active Traffic Management
•Managed Lanes
• Integrated Corridor Management 2
TMS – Basic Complexity
•Single host computer and operator displays with integrated sensors and/or 3rd party data services
3
TMS - Moderate Complexity
•Single Center with multiple operator stations, video wall, client/server hardware and OS with most TMS functions and integrated field sensors and communications
4
TMS – High Complexity
•Multiple TMCs networked Center to Center within state or region, integrated with agency IT network, monitoring large numbers of sensors, field VMS and providing real-time mobility information to many customers.
5
Threat Environment 2002 2013
Incident Frequency vs. Severity:
Planned Events
•Public Safety
Minor Incident
•DOTs, Sate & Local Agencies
Major Incident
•More Locals
HAZMAT Event
• Emergency Managers
Natural Disaster
•State Emergency Managers/Feds
Terrorist Incident
• Many Feds
Severity
Threat Sophistication 1990 - 2018
7
Impact of CAVs on the Threat
8
San Francisco Transit Attack
• Started Friday, November 25, 2016
• Most computers restored from backups on Monday, some took 2 days longer. Some data after most recent backup cannot be recovered.
• Damage done • 900 office computers infected
• Revenue Lost – Turned off subway ticket machines and fare gates
• Overtime cost to restore computers.
• Email system disrupted.
• Payroll system offline for weekend.
• Demanded 100 bitcoins. No ransom was paid.
9
Colorado DOT Attack
• Started on February 21, 2018
• Re-infected in March, 2018
• Governor declared disaster and FBI and National
Guard sent in to assist mitigation and restoration
• Damage done • 2,000 computers infected with ransomware
• 80% back by March 23
• Data stored after the February 17 backup was not recovered
• Cost was not disclosed, but average is $3.62 Million per breach.
10
City of Atlanta Attack
• Started March 22, 2018
• Crisis still ongoing 2 months later
• Damage done • All City computers turned off for at least 5 days
• 1/3 of 424 apps still disabled in May
• Mission critical city functions affected
• Cost of recovery estimated at $11.5 Million
11
T3 Webinar 2011 – Volpe TSC
• Increasing dependence on Info systems and networks
• Cyber Risks Growing
• Need a Comprehensive Approach
• Need a culture of cybersecurity
• Necessary for Transportation Mobility and Safety
12
Best Practices
13
Thank You
Darryl Dawson, P. E.
312-731-9030
14