Presentation is loading. Please wait.

Presentation is loading. Please wait.

Robert Arnold Federal Highway Administration Director, Office of Transportation Management.

Published byMerryl Ramsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Robert Arnold Federal Highway Administration Director, Office of Transportation Management."— Presentation transcript:

1 Robert Arnold Federal Highway Administration Director, Office of Transportation Management

2 Transportation Systems Cyber-Security Framework A process to Monitor – Alert – Advise Owner/Operators of ITS deployments

3 From just annoying To becoming serious DMS on publicly accessible IP address with an unchanged default password Unlocked or easily accessed control panels with uncomplicated or unchanged default passwords.

4 Proposed Current

5 Purpose Provide transportation system owners/operators a resource for: –Identifying, alerting, and advising on cybersecurity incidents specific to transportation systems and infrastructure –Investigating potential system vulnerabilities –Education and awareness training/information

6 Dimensions of Threat Malicious attack Non-malicious operational error Lack of system reliability Untrustworthy practices by the operator

7 Governing Assumptions Make every effort to provide confidentiality of findings due to the sensitivity of: Inadvertently assisting cyber attackers through dissemination of unresolved vulnerabilities; Potential of shutting down information gathering within the ITS and owner/operator community due to receiving unfavorable and critical reports from media sources; and Work with existing organizations internal to the transportation industry and externally with the cybersecurity and ICS communities.

8 Organizational Platform Multi-organizational cyber security workgroup – Federal, State, and local / public & private sector Use the National Operations Center for Excellence for: – reporting and alert function – information and expert advice gateway, and – education/awareness portal.

9 Functions Monitoring - Provide stakeholders a secure method to notify the CS WG of events, incidents, or vulnerabilities without exposing observed or suspected activities to the public. There are two reasons to have this more limited communication verses a list serve or other more public discussion forums; 1) assure confidentiality of the owner/operator who’s system was attacked and 2) avoid exposing unresolved vulnerabilities. Regularly monitor other sources such as Homeland Security’s ICS-CERT and MS-ISAC for attacks and advisory alerts. Provide these same resources with findings as appropriate while not violating confidentiality & exposure principles. Alert - Develop an alert network of system owners, operating professionals, manufactures, and oversight/stewardship agencies (i.e. FHWA Divisions). This would be for quick reaction to on-going events and providing initial remedial advice. This might include directions on how to handle and distribute this information (e.g. confidential, general dissemination, etc.). Advisory - Form expert sub-teams to develop/disseminate advice and solutions to attacks/threats, identify and manage needed research, and develop education and awareness products for stakeholder groups. Coordinate with other appropriate non- transportation specific organizations (ICS-CERT, MS-ISAC, DHS, etc.).

10 Beyond Roadway ITS Tolling Transit Communication Freight Size & Weight inspection Border Crossing Inspection Connected Vehicles

11 Membership: Primary and secondary contacts/resources Federal Highway Administration (FHWA) FHWA Division Offices Other USDOT Modes (FTA, FRA, FMCSA, etc.) USDOT Cyber Security Action Team (Subgroup of the USDOT’s Safety Council) Industrial Control System – Computer Emergency Response Team (ICS-CERT) U.S. Department of Homeland Security / Federal Bureau of Investigation AASHTO State DOT’s Toll Authorities Multi-State Information Sharing and Analysis Center (MS-ISAC) NACTO City DOT’s Department of Public Works ITE Transportation Professionals Standards Development Organization ITSA Equipment manufacturers Academia / Researchers NEMA Equipment manufacturers Standards Development Organization Transportation Research Board (TRB) Committee on Critical Transportation Infrastructure Protection

12 Way Forward Actions Core organizations brief leadership and obtain by-in (AASHTO, ITE, ITSA, NEMA, FHWA) Coordination with USDOT Cyber Security Action Team and other USDOT modes (FHWA) Outreach to potential membership (AASHTO, ITE, ITSA, NEMA, FHWA) Coordinate with NOCoE (AASHTO, FHWA) Draft multi-organizational agreement/governance (AASHTO, ITE, ITSA, NEMA, FHWA) Timeline Core organizations confirm commitment to move forward – Jan 2015 Associated membership outreach effort – Jan/Feb 2015 Charter/agreement/governance/responsibilities developed & in place – Feb/March 2015 Advisory/Alert system activated – March 2015 Research roadmap established – April 2015 Awareness and Education activities defined – April 2015

Download ppt "Robert Arnold Federal Highway Administration Director, Office of Transportation Management."

Similar presentations

The U.S. Department of Transportation 9-1-1 and the Next Generation Jenny Hansen, Contractor – NG9-1-1 Project Coordinator USDOT/NHTSA.

The U.S. Department of Transportation and the Next Generation Jenny Hansen, Contractor – NG9-1-1 Project Coordinator USDOT/NHTSA.
Homeland Security Information Network-Emergency Management (HSIN-EM) Fire Service Community Overview Technologies for Critical Incident Preparedness Conference.

Homeland Security Information Network-Emergency Management (HSIN-EM) Fire Service Community Overview Technologies for Critical Incident Preparedness Conference.
Bernie Arseneau, Co-Chair. The Minnesota Guidestar Board provides strategic direction and advice for the statewide application of advanced technology.

Bernie Arseneau, Co-Chair. The Minnesota Guidestar Board provides strategic direction and advice for the statewide application of advanced technology.
Khammar Mrabit Director Office of Nuclear Security

Khammar Mrabit Director Office of Nuclear Security
Community Based Cyber Security Program Technical Assistance Package Nicholas Corea Program Director G&H International Services for Donald Lumpkins, Program.

Community Based Cyber Security Program Technical Assistance Package Nicholas Corea Program Director G&H International Services for Donald Lumpkins, Program.
National Incident Management System (NIMS)  Part of Homeland Security Presidential Directive-5, February 28, 2003.  Campuses must be NIMS compliant in.

National Incident Management System (NIMS)  Part of Homeland Security Presidential Directive-5, February 28,  Campuses must be NIMS compliant in.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.

1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
Transit Security: An Overview of Activities Since 9/11 Eva Lerner-Lam President Palisades Consulting Group, Inc. ITE 2003 Annual Meeting August 24-27,

Transit Security: An Overview of Activities Since 9/11 Eva Lerner-Lam President Palisades Consulting Group, Inc. ITE 2003 Annual Meeting August 24-27,
ESW 7 - FCC Jeff Cohen Senior Legal Counsel Public Safety Bureau FCC Interests & Policy Around Geolocation.

ESW 7 - FCC Jeff Cohen Senior Legal Counsel Public Safety Bureau FCC Interests & Policy Around Geolocation.
Traffic Incident Management (TIM) Mark Meints NDOR Emergency Program Specialist.

Traffic Incident Management (TIM) Mark Meints NDOR Emergency Program Specialist.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.

Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
NCHRP 20-59 (48) 2014 TRB ANNUAL MEETING Effective Practices for the Protection of Transportation Infrastructure from Cyber Incidents Dave Fletcher, Co-PI.

NCHRP (48) 2014 TRB ANNUAL MEETING Effective Practices for the Protection of Transportation Infrastructure from Cyber Incidents Dave Fletcher, Co-PI.
Asia Pacific Economic Cooperation Transportation Working Group ITS Experts Group Chicago, Illinois September 2002 Walter Kulyk, P.E. Director, Office of.

Asia Pacific Economic Cooperation Transportation Working Group ITS Experts Group Chicago, Illinois September 2002 Walter Kulyk, P.E. Director, Office of.
Alabama GIS Executive Council November 17, 2009. Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.

Alabama GIS Executive Council November 17, Alabama GIS Executive Council Governor Bob Riley signs Executive Order No. 38 on November 27 th, 2007.
Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.

Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.
AASHTO Subcommittee on Rail Transportation Sept. 18, 2012 Kevin Chesnik.

AASHTO Subcommittee on Rail Transportation Sept. 18, 2012 Kevin Chesnik.

Similar presentations

Ads by Google