highway overpass

Case Study

Top 50 City Secures Traffic Signal System and Connected Vehicle Technology with Mission Secure

City Traffic Management System | North America

As a leader in urban transportation technologies, this North American city proactively looked to ensure their traffic signal system network was secure and could support a connected infrastructure. In this case study, you’ll learn how they worked with Mission Secure to assess their baseline cybersecurity risks, gain visibility into their OT traffic management system network, and improve overall cybersecurity and network performance.

Comprehensive OT Network Visibility
+
Improved OT Cybersecurity and Performance
=
Renewed Confidence to Accelerate New Technology Adoption

electric-traffic-sign-two-col

The Customer

The customer is a Top 50 city in one of the three most populous states in the United States. This city boasts a total population of over 400,000, in a metropolitan area of over three million. The customer is committed to providing first-class services to its citizens. They’ve developed an extensive performance management framework to provide measurable accountability and transparency. Noteworthy aspects of this framework include detailed traffic management and advisory information.

As a leader in the implementation of new transportation technologies and connected vehicle applications and technologies, the city embarked on a Connected Vehicle Pilot, which employs innovative vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication technology to improve safety and traffic conditions across the city. Vehicles that are equipped with connected vehicle technology can communicate wirelessly to other vehicles, traffic signals, crosswalks, and other equipment to:

  • prevent crashes,
  • alleviate morning backups,
  • optimize traffic flow,
  • improve transit trip times,
  • and reduce greenhouse gas emissions.

The Challenge

The customer had historically addressed their security issues by air gapping their systems to isolate them physically from unsecured networks. But, as their systems became more connected, they found themselves attempting to retrofit traditional IT security solutions in hopes of providing coverage for the roadside cabinets across their traffic signal system network. The roadside cabinets’ equipment is unique to traffic signal systems, such as a malfunction management unit (MMU) that manages malfunctions affecting traffic light control cabinets. The customer needed a solution that would ensure that the cabinets’ components were protected against malicious threats that could trigger an MMU to take over and potentially cause traffic congestion and/or accidents.

Our traffic signal system network wasn’t originally designed with cybersecurity in mind, and we could not risk deploying this unique connected technology on top of an unsecured network. We knew we needed to be proactive so that security wouldn’t be a factor with the pilot.”
—Chief Traffic Management Engineer

Before the pilot launch, the customer engaged with Mission Secure to conduct a comprehensive network data assessment to determine the state of their traffic signal system network and assess significant risk areas. In addition to finding some general network infrastructure inefficiencies, the joint team discovered a considerable amount of superfluous traffic consuming bandwidth. Additionally, there was a substantial amount of communications coming from unknown external networks as a result of some misconfigurations. Several network routing issues, as well as cross-subnet direct connections and cross-subnet broadcast traffic, were found that could potentially pose a threat across the flat network.

The Interconnected Solution

Based on Mission Secure's recommendations for their connected vehicle pilot, the customer deployed inline protection for their traffic controllers and the MMUs. They also set up monitoring on a span port to listen to all of the traffic on the switch. Anything that attempted to reach to or from the traffic controller would go through Mission Secure Console Appliances first, including any connections coming from their operations center or other devices that may be plugged into the local switch. The customer worked with the Mission Secure team to design a cybersecurity solution for the city’s pilot traffic signal system network to support the additional demands of the connected vehicle technologies. With the Mission Secure Platform, the city is now able to:

  • Deliver inline protection to critical traffic controllers and malfunction management units
  • Restrict unauthorized communications to and from the traffic signal system network
  • Conduct a comprehensive analysis of OT network operations to determine security risks

How OT Network Visibility and Improved Cybersecurity Accelerated Smart Cities Technology Adoption

OT Network Visibility icon

Comprehensive OT Network Visibility

smart city icon

Improved OT Cybersecurity and Performance

icon-ot-field-operations-lead green

Renewed Confidence to Accelerate New Technology Adoption

Comprehensive OT Network Visibility

The customer can now analyze and map network connections and activity across all roadside cabinets in the traffic signal system network. The customer can also block unauthorized communications through the Mission Secure Platform. Through comprehensive network monitoring, the customer can now:

  • Regularly review network IP addressing
  • Map their traffic network and continually inventory and discover assets on the network
  • Log and alert on unauthorized and unidentified connection attempts and network scans
The Mission Secure Platform gave us extensive visibility into what was on our traffic signal system network. We were able to take action on some of the key findings to reduce the risk of malicious traffic compromising the systems in our roadside cabinets.”
–Chief Traffic Management Engineer
Improved OT Cybersecurity and Performance

The customer can now observe and map network connections and activity, eliminate network infrastructure inefficiencies, and significantly improve network performance by blocking unauthorized network communications. The customer was also able to rectify network routing failures as well as cross-subnet direct connections and cross-subnet broadcast traffic— all of which could have posed threats across their network.

By blocking the unnecessary traffic that was on our traffic signal system network, we were able to prioritize the good network traffic and optimize performance.”
–Chief Traffic Management Engineer
traffic lights
Renewed Confidence to Accelerate New Technology Adoption

Like many cities, the customer found themselves attempting to fit traditional IT security solutions into their OT network infrastructure, only to find themselves without adequate protection and a sound OT cybersecurity strategy. With Mission Secure, the customer quickly assessed significant risks, gained a comprehensive understanding of all of the assets in their traffic signal system network, and defined the most appropriate security approach to align with their unique control system environment.

Mission Secure has helped us establish our cybersecurity baseline for our OT network and has given us the confidence to deploy our Connected Vehicle Pilot. Working with Mission Secure’s platform protecting our traffic signal system network and their responsive support team during our deployment has been crucial for us, and we’re looking forward to a continued relationship.”
–Chief Traffic Management Engineer

Mission Secure Products and Services Used in this Smart City’s State & Local Government

MISSION SECURE OT CYBERSECURITY PLATFORM:

This platform was purpose-designed and quickly installed with no disruption to operations to support the city’s traffic signal system, inventory assets in the roadside cabinets, and protect the connected vehicle pilot.

Mission Secure 24/7 Managed Services:

The customer leverages Mission Secure for 24/7 Managed Services to manage visibility, protection, threat hunting, and incident response support for the customer’s deployment across its entire traffic signal system.

Mission Secure Full Onsite OT Network Assessment:

This assessment included network monitoring, packet capture and analysis; network penetration testing; documentation of findings and recommendations; executive presentations; and go-forward design guidelines.

Protect traffic management, utilities, and water systems from high-impact attacks.

Stop cyber threats head-on and safeguard your operations
with 24/7 military strength and industrial-grade protection.

Get a Demo