Security Threats
Security threats can be divided into those which:
- have the capability to cause damage or disruption to the construction, operation or maintenance of the highway infrastructure (the physical infrastructure)
- could damage or disrupt the infrastructure operating systems and associated information (the ITS infrastructure).
Threats can also be unintentional, non-directed or unpredicted – for example:
- severe weather events
- pandemics
- incidents involving hazardous materials
- road traffic collisions
- fall-out from disruption to other transport modes
- the jamming or interference with navigation signals caused by natural factors
- malware infection on an IT system.
The potential level of impact will depend on the criticality of the asset, system or information affected. An example is shown in the photo below.
Physical infrastructure
Damage or disruption to the construction, operation or maintenance of the road infrastructure may arise from a number of threats.
Civil protests and strikes
Civil protests and strikes are most likely to arise from social unrest and civil disobedience. Sometimes this is in response to the construction of assets that are sensitive for environmental, social, economic or political reasons. They have the potential to disrupt or delay operations and can be expensive to manage – and expensive in relation to the final cost of the work being undertaken.
Malicious attack
A malicious attack can occur through a range of external and internal/insider threats. These include damage caused by malware, hackers, disaffected personnel or blast. The result of an attack – in relation to the construction, operation and maintenance of the road network – is likely to centre on physical damage/sabotage to the infrastructure, plant or equipment, or disruption to road users.
Severe weather events
Severe and adverse weather – such as periods of rain, flooding, hard frost, snow, prolonged dry weather, excess heat, high winds, dust storms and earthquakes can cause serious disruption and dangerous driving conditions – as well as considerable damage to the network, in particular:
- the pavement surface condition and structural strength
- the stability of surrounding and underlying ground and earthworks
- sensors embedded within the network.
- The risks of adverse weather can be mitigated to a degree by the installation of road sensor and weather stations at locations that have a high level of exposure. (See.Weather Monitoring)
Pandemics
Pandemics can affect humans, agricultural livestock and wildlife. They can impact on:
- a population’s capability to travel and to access needed facilities
- the willingness and ability of staff and external resources – such as contractors and maintenance staff – to enter an area to undertake work.
Theft of equipment
Depending on the type of equipment, theft can impact directly on traffic operations and on the ability of an authority, and the cost to it, of constructing, maintaining and improving transport infrastructure. It can also have a direct influence on road user safety – and the capability of an authority to manage traffic behaviour and enhance a network’s capacity.
Hazardous materials
Hazardous materials (solids, liquids and gases that can be flammable, corrosive or toxic) are frequently transported by road. They are also used within highway construction and management – and may be stored, processed, or used adjacent (or in close proximity) to the road network. An incident involving hazardous materials can lead to closure of the highway – or damage to it and its supporting systems.
Collisions
Road traffic collisions can cause damage to:
- pavement surface condition
- structures such as bridges
- infrastructure such as gantry signs and traffic management equipment
- sensors embedded within the network.
- Incidents can also lead to prolonged closure of the highway and have significant social and economic costs. (See Incident Response Plans)
Fall-out from disruption to other modes (rail, ports, airports)
Disruption to other modes of transport can have a significant effect on road traffic. It can force users to make alternative travel arrangements or – where this is not possible or cost effective (for example, in the case of transportation of freight) – to wait until the disruption has been resolved. Contingency plans may be necessary for parking vehicles that are held up by disruption.
Global Navigation Satellite Systems (GNSS)
The jamming of, or interference with, navigation signals may be caused by human factors, such as intentional or malicious acts/attack, or natural factors such as solar flares and disturbance to the ionosphere. It can result in the loss of precision location information, failure of in-vehicle navigation systems and/or loss of accurate timing signals for area-wide systems.
its infrastructure
Damage or disruption to the ITS infrastructure, operating systems and associated information may arise from:
- similar threats to those facing the physical infrastructure – although with different impacts
- and from threats directly associated with digital technology
Malicious attack
A malicious attack can occur through a range of external and internal/insider threats. For example, damage may be caused by malware, hackers or disaffected personnel. Physical damage may be caused to:
- IT equipment and sensors within the highway boundary
- communications infrastructure or processing systems located outside the highway boundary (such as control centres, data centres, etc.)
- logical damage to system software, operating systems and stored data or information
- road users
- These attacks can lead to loss of communications or network connectivity – and the corruption or loss of information and traffic disruption.
Theft of equipment
Theft of IT equipment, sensors or cables within the highway boundary can lead to loss of functionality or system resilience. It can also impact on the ability of the infrastructure system to perform as efficiently as it would otherwise. Repair and replacement can be disruptive and problematic.
Cyber-threats
Cyber-threats can arise in several ways including:
- eCrime – such as the interference with road charging or toll systems, can lead to loss, or corruption, of data on charging, revenue or usage
- loss of communications and power supplies – which can be accidental or due to deliberate damage to cables and/or distribution system components within the highway boundary or supplying systems outside. The impact will be reduced performance of the infrastructure
- loss or corruption of software systems – which can impact on the system’s availability or integrity, leading to loss of functionality and/or loss or corruption of data.