Less traffic congestion. Lower carbon emissions. Fewer injuries and fatalities. Higher quality of life. These are among the promises of modernized roadways infrastructure and Intelligent Transportation Systems (ITS). These outcomes are made possible through investments in connected equipment ranging from traffic signal controllers and weather stations to cameras, variable message signs and pedestrian detectors.
Whether installed throughout a city or an even larger jurisdiction, these devices must be implemented, maintained and operated across hundreds of square miles. Keeping track of them can be challenging. Enabling technicians and authorized third parties to remotely perform routine maintenance or troubleshoot issues across diverse, dispersed environments is key to maintaining uptime and controlling costs.
It’s also essential to another form of safety: cybersecurity. Without proper protection, any device in a connected roadways infrastructure could become a weak link – falling prey to pranksters, hackers or simple user error.
What does it take to address cybersecurity across a vast roadways infrastructure? We just published a solution overview to highlight the key capabilities you should implement. Whether you’re just creating a roadmap or are well on your way, look for these“signals” of effective cybersecurity.
Signal #1: Visibility
The first step to roadway security is having an accurate, detailed and continuously updated inventory of what’s connected. You need to know your own attack surface. That starts with identifying all your assets. It extends to documenting even the smallest details, such as device types, vendor references, serial numbers, firmware and software versions. You can now build a plan to improve your security posture and drive compliance with security regulations.
It would be difficult, if not impossible, to use a manual process to achieve and maintain such visiblity at scale. It becomes manageable when automated visibility capabilities are embedded in your industrial routers and switches – whether installed at intersections, in street cabinets, along highways or in your datacenter. With Cisco Cyber Vision, there’s no need to purchase, install or maintain additional security appliances; your infrastructure simply “sees” everything that connects to it.
Signal #2: Zero-trust Security
Network equipment powering connected roadways operates from inside street and roadside cabinets. That means your security must start there – where roadway devices physically connect to the network. How can you prevent bad actors from successfully breaching these cabinets and gaining access to your network? Trust no one.
To put it more technically, use zero-trust security principles for operational technology (OT). Secure every port of your field network equipment. Only devices and users you specify can connect to the network – and only to do what you allow them to. Then continuously monitor all communications to verify trust and isolate devices that may have been compromised.
When combined with Cisco Identity Services Engine (ISE) and Cisco Cyber Vision, Cisco industrial network equipment offers a simple, powerful way to define and enforce zero-trust policies. And it makes it easy to scale those policies across massive roadways infrastructures.
Signal #3: Secure Remote Access
Your roadways are designed for mobility, but you shouldn’t have to physically travel to each connected device to configure them, troubleshoot issues or perform routine maintenance. Remote access to devices is key. It must be highly secured to safeguard the infrastructure. To avoid shadow IT solutions in the operational environment, it must also be simple to configure and use.
Cisco Secure Equipment Access offers a highly secure, easy-to-implement, simple-to-use option. It leverages your Cisco industrial routers and switches so there is nothing extra to install on site. It’s a cloud service so it’s very easy to deploy, configure and scale. Because it’s a security solution, it lets you control who can access what, when and how. Multi-factor authentication (MFA) is built in to verify user identity and their device hygiene to meet compliance goals. It’s the ideal alternative to punching multiple holes in firewalls or configuring port-forwarding in from the public internet.
Move ahead with confidence
As your community works to accelerate transportation infrastructure modernization, look for visibility, zero-trust security and secure remote access as three signals of secure roadways. They’re your greenlights to security and manageability at scale – so you can realize the full potential of connected roadways over time.
For more details on how to best secure your roadways infrastructure, read our solution brief,
and register for our webinar on September 14, 2023, Cybersecurity for Intelligent Roadways.
Learn more about Cisco solutions for securing connected roadways
- Cisco IoT Solutions for Connected Roadways
- Cisco Cyber Vision
- Cisco Identity Services Engine (ISE)
- Cisco Secure Equipment Access
- Demo: Secure Equipment Access for Roadways