Keeping Traffic Signal Communications Secure
January 18, 2017 — One question we’re often asked is whether connecting traffic management systems to the cloud to make real-time signal data widely available compromises security. After all, it’s not as if the Internet of Things is inherently any more secure than other aspects of our on-line lives that are constantly under attack. And it seems everyone involved in traffic management has seen The Italian Job.
From Connected Signals’ point of view, signal security means two things: first, foremost, and absolutely, nothing we do can be allowed to compromise an agency’s Traffic Management System (TMS) security, and, second, we must be able to ensure the validity of signal information we distribute.
To address the first concern, cities send us data using the connectionless, one-way, User Datagram Protocol (UDP). Using UDP, data is sent from the TMS to our cloud without handshakes, requests, or acknowledgments being sent to back. The cloud servers take what is sent, and must be able to handle missed or out of order packets without recourse to the sender. Cities open an outbound-only port in their firewall for the outgoing UDP datagrams. There is no possibility of compromise of a city’s systems because no outside data enters the city’s network.
To ensure the validity of information we receive and distribute, data sent from the city can be cryptographically signed and encrypted. This ensures that the data stream cannot be “spoofed” or compromised by a “man-in-the-middle” attack that somehow alters the data stream without Connected Signals being able to detect and reject the polluted data.
Distributing traffic signal information offers the potential for significant fuel, safety, and convenience benefits, but only if system and data security are designed in from the ground up.