Using Private Data Ecosystems for Secure Intelligent Transportation Systems

The future of roadway operations is rapidly being shaped by the rise of digitally enabled Intelligent Transportation Systems (ITS) that are powered by new types of transportation data technologies.  These technologies create an opportunity to understand roadway behaviors and reach and inform the traveling public at a scale never before possible.

STV’s mobility team continually champions a future in which these technologies are actively deployed to save lives and improve roadway conditions and is working closely with state and local transportation agencies to navigate and implement these evolving technologies.

However, the formula to fully leverage these new technologies remains unsettled. Across the country, we are seeing transportation departments launch applications like intelligent traffic signals that use varying degrees of cloud-connected services, edge devices, cameras and other roadside sensors for adaptive traffic control in varying degrees of mixture between private and public infrastructure, software and devices. 

One thing that remains clear is the need for coordination and connection between traditionally very closed network traffic operations systems developed and maintained by the public sector, and new private sector devices and networks.

STV has partnered with ITS America for a course on Digital Roadway Infrastructure that addresses the possibilities, logistics, and challenges of these advancements in transportation technology. As technology evolves, one thing that remains clear is the need for coordination and connection between traditionally very closed network traffic operations systems developed and maintained by the public sector, and new private sector devices and networks.

This connectivity keeps security information technology professionals up at night.  With the creation of interconnected transportation networks, every new device on the edge of an intelligent data network becomes a potential weak link for the ever-increasing threat of cybersecurity attacks. In 2018, the Colorado Department of Transportation was the target of multiple ransomware attacks that cost the state over $1.7 million in recovery efforts. In 2020, the Texas Department of Transportation swiftly responded to a similar incident that threatened the functionality of public websites and came on the heels of a coordinated attack on local governments statewide. Once the attackers get within the primary network of a public agency, their attack can cause system-wide effects and impact everything from permitting and public meetings to business operations.

STV is advising DOTs to improve data safety and operations by engaging a private sector cloud intermediary between the department’s systems and third-party data providers and consumers.

As transportation agencies seek to leverage new digitally enabled infrastructure, agencies must weigh the benefits of deploying new connected devices against the necessary resource costs associated with securing these new devices in the face of potentially catastrophic cyberattacks. STV’s team guides agencies on balancing the implementation of real-time data capture and dynamic mobility applications within an architecture that appropriately sizes the direct exposure of agency systems to edge devices. Additionally, STV is advising DOTs to improve data safety and operations by engaging a private sector cloud intermediary between the department’s systems and third-party data providers and consumers. Besides having the advantage of being a streamlined architecture that can be scaled to accommodate new applications, this sort of infrastructure can offer minimal (and sometimes zero) direct interfaces between crucial DOT networks and the enabled world of digital technology operating on private networks and devices.

One operating model that illustrates this possibility is a real-time big data exchange that leverages a Google Cloud instance for data sharing. Instead of building internal APIs (application programming interface), live data can be collected from sources like traffic sensors, doppler radar, social media, and more, flowed into Google Cloud for real-time processing, and pushed to external and public applications and dashboards. Using a Google API can not only provide proven data encryption, but it also allows outside entities, such as universities and other jurisdictions, to easily and securely interact with an agency’s data, while shifting security risk to a private cloud.

Incorporating stronger cybersecurity efforts within a transportation agency’s IT systems requires significant time and resources, but the risk of data exposure and hacking will grow as new ITS technology advances.  There’s no one-size-fits-all for security controls around data infrastructure, but leveraging private systems and vendors provides a more secure track for digital transformation on our roadways. As agencies move to advance their systems and data, STV continues to connect agencies with vendors and solutions that best fit the security and accessibility needs of each community.

James Kuhr is STV’s Texas mobility and data solutions leader. Based in Austin, TX, he has extensive experience in the public sector where he most recently led an enterprise initiative to deploy and support emerging transportation technologies, including autonomous vehicles and infrastructure, electric vehicles, digital roadway infrastructure and big data.