Cybersecurity of Traffic Management Systems

NCHRP 03-127

1

Agenda

Program Goals

Stakeholders

Project Team

Program Process

Program Tasks

Schedule

Upcoming Items

2

Program Goals

Improve cybersecurity posture of Traffic Management Systems (TMSs)

How?

– Review State of the art across multiple disciplines

– Assess representative TMS systems and equipment

– “Red Team” high risk equipment

– Develop Guidance for state and local agencies that aids in identifying:

• Risks to their current field networks

• Recommended changes they may implement to reduce those risks

• Implications of CV and AV technologies on the field networks

• Best practices for wide deployment of CV and AV technologies

– Promote adoption and industry participation

3

Program Stakeholders

NCHRP

– State, county, and city transportation agencies

– Metropolitan Planning Organizations (MPOs)

– FHWA Division Office

– Highway service patrol/contractors

– State and local law enforcement

– Fire departments and emergency medical services

– Transit agencies and operators

– Transportation Systems Cybersecurity Framework (TSCF)

4

Southwest Research Institute

– San Antonio, TX

– 70 years R&D

– 25+ years ATMS development

– 40+ ATMS deployments

– Industry leaders in CV/V2X

– Ongoing CS efforts with local TMSs

Praetorian Cybersecurity

– Austin, TX

– Experts in embedded devices, cloud,

cryptanalysis, and IoT

– CS incident response and forensics

– Secure development lifecycles and red

team methodologies

5

Project Team

Program Process

6

TrafficManagementandSignals

CybersecurityGoals

PublishedVulnerabilityResearch

TrafficandInfrastructure

Web-BasedGuidance

SurveillanceandMonitoring

Riskand

Adversarial

Analysis

TailorGuidance

DevelopM

odels

THREATANDNETWORKVULNERABILITYMODELING

RedTeam/PenTesting

Program Process

7

Research and Model Development

– Literature Search

– Model V2X and TMS equipment

– Identify CS Goals

TrafficManagementandSignals

CybersecurityGoals

TrafficandInfrastructure

DevelopM

odels

THREATANDNETWORKVULNERABILITYMODELING

Program Process

Risk and Adversarial Analysis

– Identify high risk equipment

– Evaluate equipment security

– Refine models

– Responsible disclosure

– Red Team Review

8

PublishedVulnerabilityResearch

Riskand

Adversarial

Analysis

THREATANDNETWORKVULNERABILITYMODELING

THREATANDNETWORKVULNERABILITYMODELING

Program Process

Guidance Development

– Use models to develop guidance

– Help TMSs mature System CS

– Tailor to TMSs needs

– Feedback improvements

into models/framework

– Host workshops

– Promote adoption into industry

9

Web-BasedGuidance

SurveillanceandMonitoring

TailorGuidance

THREATANDNETWORKVULNERABILITYMODELING

RedTeam/PenTesting

Program Process

Broken down into following tasks:

T1 – Literature and Ongoing Efforts Review

T2 – Risk Assessment of Typical TMS Designs

T3 – Adversarial Assessment of High-Priority Systems

T4 – Cyber-Attack Mitigation and Response Guidance Tool Development and Workshop

T5 – Cybersecurity Primer Development for Connected Vehicles (CV) and Automated Vehicle (AV) Technology Deployment

10

Task 1 – Literature Review

Review State of the art across multiple disciplines

Can existing works can be leveraged for TMS?

Investigate existing CS maturity models and guidance

Ongoing throughout project period of performance

11

Task 2 – Risk Assessment of TMS

Identify high priority attack threats to

typical TMS

Recommend mitigating strategies

Recommend best practices and

requirements to protect TMS devices

CS Modeling of TMS

Create models of TMS equipment and networks

Integrate into framework for estimating risk

Prioritize CS evaluation of equipment

12

Task 3 –Adversarial Assessment

“Red Teaming” or “White Hat Hacking”

Provide security baseline of high-priority devices

Vulnerability validation of TMS equipment

Recommend mitigating strategies for identified vulnerabilities

Provide reproducible test documentation

Responsibly disclose identified vulnerabilities IAW ISO 29147

Update/refine TMS models

13

Task 4 – CS Guidance Development

Assess security of CV/AV integration

Produce web-based guidance for improving TMS

Adapt to TMS budgets and risk exposure

Configurable for available equipment and system complexity

Produce guided self assessment targeted at non-CS personnel

Recommend countermeasures to improve CS resiliency

Identify security standards for AV/CV integration

Recommend best practices to protect CV/AV infrastructure

14

Task 5 –Attack Mitigation and Response

Provide CS guidance for vehicle-to-infrastructure (V2I) systems

Promote adoption by state and local transportation communities

Evaluate applicability of Transportation Systems Cybersecurity

Framework (TSCF)

15

Q3

Schedule

16

Q1 Q2 Q3 Q4 Q1 Q2Q3 Q4

T1 – Literature Review

T2 – Assessment of TMS

T3 - Adversarial Assessment

T4 – Guidance Development

Planning

Interim F2F

Final Review

NCHRP Review

T5–CS Primer for CV/AV

Guidance Workshop

Project Award

2017 20192018

Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep

Upcoming Items

Kick Off Meeting – September 28, 2017, 2:00pm Eastern (Tentative)

– Review Project Management Plan and Schedule

Following Project Review, Begin:

– T1 – Literature and Ongoing Efforts Review

• Review of security information and activities for report development

– T4 – Cyber-Attack Mitigation and Response Guidance Tool Development

and Workshop

• Requirements gathering for guidance tool development

17

Questions?

For more information please contact:

18

Principle Investigator:Daniel Zajac

Daniel.Zajac@SwRI.org(210)-522-4293

Project Manager:

Marisa RamonMarisa.Ramon@SwRI.org

(210)-522-3869