Cybersecurity of Traffic Management Systems
NCHRP 03-127
Agenda
Program Goals
Stakeholders
Project Team
Program Process
Program Tasks
Schedule
Upcoming Items
Program Goals
Improve cybersecurity posture of Traffic Management Systems (TMSs)
How?
– Review State of the art across multiple disciplines
– Assess representative TMS systems and equipment
– “Red Team” high risk equipment
– Develop Guidance for state and local agencies that aids in identifying:
• Risks to their current field networks
• Recommended changes they may implement to reduce those risks
• Implications of CV and AV technologies on the field networks
• Best practices for wide deployment of CV and AV technologies
– Promote adoption and industry participation
Program Stakeholders
NCHRP
– State, county, and city transportation agencies
– Metropolitan Planning Organizations (MPOs)
– FHWA Division Office
– Highway service patrol/contractors
– State and local law enforcement
– Fire departments and emergency medical services
– Transit agencies and operators
– Transportation Systems Cybersecurity Framework (TSCF)
Project Team
Southwest Research Institute
– San Antonio, TX
– 70 years R&D
– 25+ years ATMS development
– 40+ ATMS deployments
– Industry leaders in CV/V2X
– Ongoing CS efforts with local TMSs
Praetorian Cybersecurity
– Austin, TX
– Experts in embedded devices, cloud, cryptanalysis, and IoT
– CS incident response and forensics
– Secure development lifecycles and red team methodologies
Program Process
[Figure: program process diagram. Elements: Traffic Management and Signals; Traffic and Infrastructure; Cybersecurity Goals; Published Vulnerability Research; Develop Models; Threat and Network Vulnerability Modeling; Risk and Adversarial Analysis; Red Team/Pen Testing; Tailor Guidance; Web-Based Guidance; Surveillance and Monitoring]
Program Process
Research and Model Development
– Literature Search
– Model V2X and TMS equipment
– Identify CS Goals
[Figure: program process diagram elements for this phase: Traffic Management and Signals; Traffic and Infrastructure; Cybersecurity Goals; Develop Models; Threat and Network Vulnerability Modeling]
Program Process
Risk and Adversarial Analysis
– Identify high risk equipment
– Evaluate equipment security
– Refine models
– Responsible disclosure
– Red Team Review
[Figure: program process diagram elements for this phase: Published Vulnerability Research; Risk and Adversarial Analysis; Threat and Network Vulnerability Modeling]
Program Process
Guidance Development
– Use models to develop guidance
– Help TMSs mature System CS
– Tailor to TMSs needs
– Feedback improvements into models/framework
– Host workshops
– Promote adoption into industry
[Figure: program process diagram elements for this phase: Web-Based Guidance; Surveillance and Monitoring; Tailor Guidance; Threat and Network Vulnerability Modeling; Red Team/Pen Testing]
Program Process
Broken down into following tasks:
T1 – Literature and Ongoing Efforts Review
T2 – Risk Assessment of Typical TMS Designs
T3 – Adversarial Assessment of High-Priority Systems
T4 – Cyber-Attack Mitigation and Response Guidance Tool Development and Workshop
T5 – Cybersecurity Primer Development for Connected Vehicles (CV) and Automated Vehicle (AV) Technology Deployment
Task 1 – Literature Review
Review State of the art across multiple disciplines
Can existing works be leveraged for TMS?
Investigate existing CS maturity models and guidance
Ongoing throughout project period of performance
Task 2 – Risk Assessment of TMS
Identify high priority attack threats to typical TMS
Recommend mitigating strategies
Recommend best practices and requirements to protect TMS devices
CS Modeling of TMS
Create models of TMS equipment and networks
Integrate into framework for estimating risk
Prioritize CS evaluation of equipment
Task 3 – Adversarial Assessment
“Red Teaming” or “White Hat Hacking”
Provide security baseline of high-priority devices
Vulnerability validation of TMS equipment
Recommend mitigating strategies for identified vulnerabilities
Provide reproducible test documentation
Responsibly disclose identified vulnerabilities IAW ISO 29147
Update/refine TMS models
Task 4 – CS Guidance Development
Assess security of CV/AV integration
Produce web-based guidance for improving TMS
Adapt to TMS budgets and risk exposure
Configurable for available equipment and system complexity
Produce guided self assessment targeted at non-CS personnel
Recommend countermeasures to improve CS resiliency
Identify security standards for AV/CV integration
Recommend best practices to protect CV/AV infrastructure
Task 5 – Attack Mitigation and Response
Provide CS guidance for vehicle-to-infrastructure (V2I) systems
Promote adoption by state and local transportation communities
Evaluate applicability of Transportation Systems Cybersecurity Framework (TSCF)
Schedule
[Figure: project schedule chart by quarter and month, July 2017 through September 2019. Task rows: T1 – Literature Review; T2 – Assessment of TMS; T3 – Adversarial Assessment; T4 – Guidance Development; T5 – CS Primer for CV/AV. Milestones: Project Award; Planning; Interim F2F; Guidance Workshop; NCHRP Review; Final Review]
Upcoming Items
Kick Off Meeting – September 28, 2017, 2:00pm Eastern (Tentative)
– Review Project Management Plan and Schedule
Following Project Review, Begin:
– T1 – Literature and Ongoing Efforts Review
• Review of security information and activities for report development
– T4 – Cyber-Attack Mitigation and Response Guidance Tool Development and Workshop
• Requirements gathering for guidance tool development
Questions?
For more information please contact:
Principal Investigator: Daniel Zajac
[email protected] (210)-522-4293
Project Manager:
Marisa [email protected]
(210)-522-3869