Case Study
Top 50 City Secures Traffic Signal System and Connected Vehicle Technology with Mission Secure
City Traffic Management System | North America
As a leader in urban transportation technologies, this North American city proactively looked to ensure their traffic signal system network was secure and could support a connected infrastructure. In this case study, you’ll learn how they worked with Mission Secure to assess their baseline cybersecurity risks, gain visibility into their OT traffic management system network, and improve overall cybersecurity and network performance.
The Customer
The customer is a Top 50 city in one of the three most populous states in the United States. This city boasts a total population of over 400,000, in a metropolitan area of over three million. The customer is committed to providing first-class services to its citizens. They’ve developed an extensive performance management framework to provide measurable accountability and transparency. Noteworthy aspects of this framework include detailed traffic management and advisory information.
As a leader in the implementation of new transportation technologies and connected vehicle applications and technologies, the city embarked on a Connected Vehicle Pilot, which employs innovative vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication technology to improve safety and traffic conditions across the city. Vehicles that are equipped with connected vehicle technology can communicate wirelessly to other vehicles, traffic signals, crosswalks, and other equipment to:
- prevent crashes,
- alleviate morning backups,
- optimize traffic flow,
- improve transit trip times,
- and reduce greenhouse gas emissions.
The Challenge
The customer had historically addressed their security issues by air gapping their systems to isolate them physically from unsecured networks. But, as their systems became more connected, they found themselves attempting to retrofit traditional IT security solutions in hopes of providing coverage for the roadside cabinets across their traffic signal system network. The roadside cabinets’ equipment is unique to traffic signal systems, such as a malfunction management unit (MMU) that manages malfunctions affecting traffic light control cabinets. The customer needed a solution that would ensure that the cabinets’ components were protected against malicious threats that could trigger an MMU to take over and potentially cause traffic congestion and/or accidents.
Before the pilot launch, the customer engaged with Mission Secure to conduct a comprehensive network data assessment to determine the state of their traffic signal system network and assess significant risk areas. In addition to finding some general network infrastructure inefficiencies, the joint team discovered a considerable amount of superfluous traffic consuming bandwidth. Additionally, there was a substantial amount of communications coming from unknown external networks as a result of some misconfigurations. Several network routing issues, as well as cross-subnet direct connections and cross-subnet broadcast traffic, were found that could potentially pose a threat across the flat network.
Our traffic signal system network wasn’t originally designed with cybersecurity in mind, and we could not risk deploying this unique connected technology on top of an unsecured network. We knew we needed to be proactive so that security wouldn’t be a factor with the pilot.
—Chief Traffic Management Engineer
The Interconnected Solution
Based on Mission Secure's recommendations for their connected vehicle pilot, the customer deployed inline protection for their traffic controllers and the MMUs. They also set up monitoring on a span port to listen to all of the traffic on the switch. Anything that attempted to reach to or from the traffic controller would go through Mission Secure Console Appliances first, including any connections coming from their operations center or other devices that may be plugged into the local switch. The customer worked with the Mission Secure team to design a cybersecurity solution for the city’s pilot traffic signal system network to support the additional demands of the connected vehicle technologies. With the Mission Secure Platform, the city is now able to:
- Deliver inline protection to critical traffic controllers and malfunction management units
- Restrict unauthorized communications to and from the traffic signal system network
- Conduct a comprehensive analysis of OT network operations to determine security risks
How OT Network Visibility and Improved Cybersecurity Accelerated Smart Cities Technology Adoption
-
Comprehensive OT Network Visibility
-
Improved OT Cybersecurity and Performance
-
Renewed Confidence to Accelerate New Technology Adoption
Comprehensive OT Network Visibility
The customer can now analyze and map network connections and activity across all roadside cabinets in the traffic signal system network. The customer can also block unauthorized communications through the Mission Secure Platform. Through comprehensive network monitoring, the customer can now:
- Regularly review network IP addressing
- Map their traffic network and continually inventory and discover assets on the network
- Log and alert on unauthorized and unidentified connection attempts and network scans
The Mission Secure Platform gave us extensive visibility into what was on our traffic signal system network. We were able to take action on some of the key findings to reduce the risk of malicious traffic compromising the systems in our roadside cabinets.
Improved OT Cybersecurity and Performance
The customer can now observe and map network connections and activity, eliminate network infrastructure inefficiencies, and significantly improve network performance by blocking unauthorized network communications. The customer was also able to rectify network routing failures as well as cross-subnet direct connections and cross-subnet broadcast traffic— all of which could have posed threats across their network.
By blocking the unnecessary traffic that was on our traffic signal system network, we were able to prioritize the good network traffic and optimize performance.”
–Chief Traffic Management Engineer
Renewed Confidence To Accelerate New Technology Adoption
Like many cities, the customer found themselves attempting to fit traditional IT security solutions into their OT network infrastructure, only to find themselves without adequate protection and a sound OT cybersecurity strategy. With Mission Secure, the customer quickly assessed significant risks, gained a comprehensive understanding of all of the assets in their traffic signal system network, and defined the most appropriate security approach to align with their unique control system environment.
Mission Secure has helped us establish our cybersecurity baseline for our OT network and has given us the confidence to deploy our Connected Vehicle Pilot. Working with Mission Secure’s platform protecting our traffic signal system network and their responsive support team during our deployment has been crucial for us, and we’re looking forward to a continued relationship.
Chief Traffic Management Engineer
Due to the success of the initial Mission Secure deployments in the city’s connected vehicle pilot, they are now working with Mission Secure to deploy cyber protection throughout the city’s entire traffic systems network.
Mission Secure Products and Services Used in this Smart City’s State & Local Government
-
OT Cybersecurity Platform
This platform was purpose-designed and quickly installed with no disruption to operations to support the city’s traffic signal system, inventory assets in the roadside cabinets, and protect the connected vehicle pilot.
Learn More » -
Managed Services
The customer leverages Mission Secure for 24/7 Managed Services to manage visibility, protection, threat hunting, and incident response support for the customer’s deployment across its entire traffic signal system.
Learn More » -
Full Onsite OT Network Assessment
This assessment included network monitoring, packet capture and analysis; network penetration testing; documentation of findings and recommendations; executive presentations; and go-forward design guidelines.
Ready to learn more about the Mission Secure platform?
Let's talk! Our OT cybersecurity experts are standing by to help you identify your needs and find the right solution for your organization.