Road Network Operations
& Intelligent Transport Systems
A guide for practitioners!

You are here

Home // Network Operations // Network Security // Security Planning // Security of ITS

Security of ITS

ITS makes use of technologies such as Bluetooth, mobile phones and licence plate recognition to monitor traffic behaviour, improve traffic flows and road safety. Many of these systems – such as CCTV, video image processing and vehicle licence plate recognition – can sometimes be used specifically for security purposes. (See CCTV)

ITS is also extensively used in emergency situations to support crisis management and enforcement purposes. (See Emergency Response and Policing / Enforcement) These systems have to be robust enough to withstand unintentional, non-directed and unpredicted events.

The latest ITS applications, use connected vehicle technology to offer added-value services and safety support to the driving public. The possibility, though, that they may malfunction – or be subject to cyber-attack – needs to be taken into account by system designers and operator. (See Connected Vehicles)

In order to manage the security risks around greater automation and connectivity, it is vital that security of the whole system is considered. Alongside the security safeguards that are built into road vehicles it is important that the security of traffic management systems is also addressed.

Traffic management systems

With the current levels of automation in vehicles being very low, security breaches of existing traffic management systems are the most likely risk to efficient operations and increased congestion. Any such breach would bring with it a risk of reputational damage to the relevant highway authority or operating company. It may also impact on the safety of road users if the ability to detect and verify incidents is impeded. This is particularly the case during the hours of darkness when a stationary vehicle on the roadway can be difficult for drivers to detect, and when traffic speeds are high.

If control rooms become more automated in the future, the tolerance of risk will need to decrease as the need for assurance around the security of the systems becomes greater. Mitigation measures will need to be reviewed to ensure that the level of residual risk is at an acceptable level and does not exceed the level that can be tolerated by the road operator – or by road users in general.

Connected Vehicles and Automation

Security risks will need to be comprehensively reassessed with the introduction of Vehicle-to-Infrastructure (V2I) communications into traffic management systems. This is especially so when V2I is used in combination with Vehicle-to-Vehicle (V2V) systems and greater vehicle autonomy. There will need to be far greater emphasis on safety and the prevention of incidents, particularly those that could cause injury or loss of life. For example, V2I systems that regulate vehicle speed or lane use may be vulnerable to streaming of incorrect or malicious data from insecure sources (vehicles) or other attacks on the system infrastructure. This could put large numbers of vehicles and their occupants at risk.

Vehicle Automation

There are six defined levels of automation for on-road vehicles, where zero represents a fully manual vehicle, and level five is a fully automated vehicle. (See Warning and Control) At level two, the driver is required to monitor the surrounding environment continuously but is assisted by vehicle systems such as emergency assisted braking, lane warning and assisted parking.

At levels three and four the automation will probably begin to include both V2V and V2I connectivity – to support increasingly automated driving and navigation processes.

As a result of the relatively long life of vehicles compared to the rapid development and deployment of new technologies, there will be a mixed fleet of vehicles using the highway at any one time. This may range from those with the very latest communications and automation features, to those which are older with legacy systems. The road network and its associated infrastructure will need to be able to ensure the safe interaction of vehicles with these varying capabilities.

Security risks

The increasing connectivity of external systems and devices to a vehicle – and the developments in V2V, V2I and vehicle-to-device (V2X) connectivity – provide external access which will create vulnerabilities. If a threat is realised it may impact on the safety and security of:
  • the vehicles occupants
  • other road users
  • and infrastructure on or around the highway.
  • Currently the risk of these attacks affecting a vehicle, its occupants and other road users, is very low. It will increase as more connections are made and the technology is deployed in new vehicle models.

Legal Issues

Increasing automation – ultimately up to a level where a driver (like a passenger) has no control of the vehicle – raises legal questions surrounding:

  • the continuing responsibilities and duty of care of drivers
  • the responsibility of fleet owners
  • the duty of care owed by the manufacturers of the vehicle and the designers and providers of the advanced technology
  • the responsibility of highway authorities, traffic management system engineers and statutory bodies

Advice to Practitioners

To implement a security-minded approach for ITS, it is essential that security risks are understood not only during design stage, but throughout the lifecycle of operations. This requires the development of an ITS Security Strategy that sets out:

  • the security requirements for the system(s)
  • the risk management strategy
  • the mechanisms for maintaining situational awareness
  • the means for reviewing and updating the strategy.

ITS Security Management Plan

Alongside a risk management strategy for the network (See Security Planning), an ITS Security Management Plan is needed to detail the policies, processes and procedures needed to maintain the required level of security with clear roles and responsibilities for the road authority, the road operator, and any other parties that are directly involved in network operations. This should be embedded in other operating policies and reviewed regularly. (See Planning and Reporting)

The policies, process and procedures in the ITS Security Management Plan will need to deliver:

  • continuity of operations, including safety of drivers, passengers, the vehicles, other road users, and the road network (its availability, safety, and resilience)
  • control of access and system operations (issues such as confidentiality and who is controlling the highway)
  • the quality and validity of information, including configuration of the vehicle, road infrastructure and any connected systems (to preserve the integrity, utility, and authenticity of those systems).
  • Failure to address any of these elements can undermine the safety and security of the vehicle, the road network, and/or any connected systems.

 

Reference sources

No reference sources found.

Give us your feedback