Investigating Cybersecurity Issues In Active Traffic Management Systems

TL;DR

This paper evaluates cybersecurity vulnerabilities in Active Traffic Management systems, develops a prototype with real-time monitoring, and demonstrates how cyberattacks can disrupt traffic flow, highlighting the need for more resilient designs.

Contribution

It introduces a prototype ATM system with a cyberattack monitoring component and assesses its effectiveness in detecting and mitigating cyber threats through simulation.

Findings

Cyberattacks reduced mean traffic speed by 15%.

Monitoring system enabled ATM to revert to safe states.

Cyberattack impact was mitigated by the proposed monitoring system.

Abstract

Active Traffic Management (ATM) systems have been introduced by transportation agencies to manage recurrent and non-recurrent congestion. ATM systems rely on the interconnectivity of components made possible by wired and/or wireless networks. Unfortunately, this connectivity that supports ATM systems also provides potential system access points that results in vulnerability to cyberattacks. This is becoming more pronounced as ATM systems begin to integrate internet of things (IoT) devices. Hence, there is a need to rigorously evaluate ATM systems for cyberattack vulnerabilities, and explore design concepts that provide stability and graceful degradation in the face of cyberattacks. In this research, a prototype ATM system along with a real-time cyberattack monitoring system were developed for a 1.5-mile section of I-66 in Northern Virginia. The monitoring system detects deviation from expected operation of an ATM system by comparing lane control states generated by the ATM system with lane control states deemed most likely by the monitoring system. In case of any deviation between two sets of states, the monitoring system displays the lane control states generated by the back-up data source. In a simulation experiment, the prototype ATM system and cyberattack monitoring system were subject to emulated cyberattacks. The evaluation results showed that when subject to cyberattack, the mean speed reduced by 15% compared to the case with the ATM system and was similar to the baseline case. This illustrates that the effectiveness of the ATM system was negated by cyberattacks. The monitoring system however, allowed the ATM system to revert to an expected safe state and reduced the negative impact of cyberattacks. These results illustrate the need to revisit ATM system design concepts as a means to protect against cyberattacks in addition to traditional system intrusion prevention approaches.