As is commonly known amongst traffic operations engineers, these signs cannot be operated remotely. Hacking portable dynamic message signs requires a physical assault: breaking locks and re-programming messages on-site. The Memorial Day episode is not the first, and certainly not the last. A simple internet search turns up numerous and too frequent occurrences, ranging from articles like “23 Great Hacked Roads Signs” to step-by-step instructions on how to hack an electronic road sign.
Source: https://www.parsons.com/Media%20Library/Cybersecurity-Transportation.pdf
Transportation infrastructure is essential to the safe, efficient movement of billions of people daily. As the transportation industry continues to shift towards technology-driven designs, the threat of cyber attacks continues to climb. The Repository of Industrial Security Incidents reports that, of the most targeted global industries, Transportation ranks third in frequency of cybersecurity attacks.
Common targets of roadside hacking include portable DMS, CCTV cameras, sensors, and lighting - even traffic signaling can become subject to roadside security attacks. In the big picture, far more damage to life and property can occur when those traffic operation devices, operated remotely by software, are not kept up to date. Imagine a single metropolitan area with one piece of software compromised, affecting thousands of devices and millions of people, at any given minute. The involved and passionate transportation engineer is troubled daily by what this means - in the most major of ways.
Potential Consequences of a Transportation Cybersecurity Attack:
Fortunately, DOTs are aware of the many threats hacked road signs can pose to drivers and transportation industry workers alike. Cybersecurity is a topic that calls for preventative solutions rather than reactive results, as most recently noted at the New England Annual ITS conference, attended by hundreds last month in Boston.
Source: https://www.ntcip.org/library/protocols/
With each remotely managed transportation device based on the NTCIP Framework, cybersecurity breaches could happen at a variety of levels. While situational, the assessment "what level of vulnerability are we at" is an everyday thought that doesn't always have an answer. Traffic Operations professionals with remotely operated devices are lying in the comfort nest of "I have the current NTCIP protocol, I'm covered." This is all good - until the nest falls from the tree. What is the second-tier safety net? Is there advanced warning protection or tiered security with indicators? Would it be prudent to hire a hacker first and IT programmer second? Do most transportation officials and professionals really know how NTCIP works? I would place a good bet on this over-under!
While the roadside attacks are problematic and create a higher concern for localized cyber vandalism, the question remains - how do we know our more sophisticated remotely operated ITS devices are not inching closer to the "living-in-my-mother's-basement hacker"? How much do we understand about NTCIP and its relationship to remote devices? Is there a plan B we should employ? I certainly haven't kept up and rely on the brilliant few engineers who do. It is the entire community's responsibility to share what we know, what we've learned, and how we share this information. ITS device manufacturers are in no way exempt any more than traffic operators, transportation engineers, and planners. It is, after all, an Intelligent Transportation Society, right?