Homeland Security Agenda Control Systems Security Program Transportation Sector ICSJWG 2011 Spring Conference David Sawin John A. Volpe National Transportation.

Slides:



Advertisements
Similar presentations
Protective Security Advisors Securing the Nations critical infrastructure one community at a time.
Advertisements

U.S. Department of Transportation Pipeline and Hazardous Materials Safety Administration U.S. Department of Transportation Pipeline and Hazardous Materials.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
Facilitating a Dialog between the NSDI and Utility Companies J. Peter Gomez Manager, Information Requirements, Xcel Energy.
Returning to Our National Waterways Dabney Hegg U.S. Senate Committee on Commerce, Science and Transportation.
FLORIDA DEPARTMENT OF TRANSPORTATION AASHTO Spring Meeting Transportation Economics and Logistics MAY 30, 2014 | LOUISVILLE KY.
David A. Brown Chief Information Security Officer State of Ohio
Terminal Safety. Objectives Identify main causes Outline terminal safety organization State the safe working practices.
Introduction to Cyber Security Issues for Transportation T3 Webinar – December 7, 2011 Michael G. Dinning.
Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
Asia Pacific Economic Cooperation Transportation Working Group ITS Experts Group Chicago, Illinois September 2002 Walter Kulyk, P.E. Director, Office of.
June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.
Dubai Government Policies for Enhancing the Competitiveness of Multimodal Transportation and Logistics Cluster June 2014.
Empowering Business in Real Time. © Copyright 2009, OSIsoft, LLC. All rights Reserved. Regional Seminar Series Houston October 28, 2009 Flowserve’s Technology.
Version Control : released 2011 December 7 U.S. Department of Transportation Federal Highway Administration Cyber Concerns for Transportation Organizations.
CUSTOMER RELATIONS IN THE TRAVEL INDUSTRY 6.06 Recognize the importance of safety and security in the travel industry.
Robert Arnold Federal Highway Administration Director, Office of Transportation Management.
1 st Ireland TETRA Conference, Dublin 13 th April 2005 Opportunities for TETRA in the Utilities Industry Chris Venemore – Technology Manager 1 st Ireland.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
The U. S. National Strategy for Global Supply Chain Security Neema Khatri Office of International Affairs U.S. Department of Homeland Security.
Seán Paul McGurk National Cybersecurity and Communications
Network Security Resources from the Department of Homeland Security National Cyber Security Division.
Envisioned Role for NTI Concerning ITS Deployment in Egypt by Dr. Mahmoud EL-HADIDI Professor of Telecommunications at Cairo U & Consultant at NTI 3 rd.
13 Nov 2007 National & Homeland Security Critical Infrastructure Protection/Resilience National Association of Regulatory Utility Commissioners Annual.
1 © 2003 Cisco Systems, Inc. All rights reserved. CIAG-HLS Security For Infrastructure Protection: Public-Private Partnerships KEN WATSON 15 OCT.
1 Information System Security Assurance Architecture A Proposed IEEE Standard for Managing Enterprise Risk February 7, 2005 Dr. Ron Ross Computer Security.
1 We’ve been p0wn’d? Review of 2015 Surface Transportation Cybersecurity Incidents 2015 TRB Session 850 Edward Fok USDOT/FHWA – Resource Center.
CRITICAL INFRASTRUCTURE & CONTINUITY OF OPERATIONS IN A POST 9/11 WORLD Presented by: Dr. Pamela Collins, EKU/JSC.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
A Military Logistics and Transportation Security Application.
USDOT, RITA RITA: Oversight of USDOT’s R&D programs  University Transportation Centers $100M  UTC Consortia $80M  UTC Multimodal R&D $40M  Intelligent.
Roadway Safety Panel How can ITS assist in bridging vehicle technology with roadway design and function?
ITS Program Update Moving Towards Implementation of Wireless Connectivity in Surface Transportation Talking Freight Webinar January 19, 2011.
U.S. Department of Transportation Federal Highway Administration 1 Critical Transportation Assets, and Sensitivity to Climate Change Gulf Coast Study,
1 IntelliDrive SM Research, Development and Emerging Technologies National ITS Perspective Panel Joseph I. Peters, Ph.D. Federal Highway Administration.
V ehicle I nfrastructure I ntegration Jeffrey F. Paniati Associate Administrator for Operations and Acting Program Manager for ITS Joint Program Office.
Presentation of projects’ ideas. 1. Madrid Network “A public-private network which aim is to contibute actively to position Madrid Region in the top.
Smart Cars + Smart Roads Safety, Mobility, Telematics and Operations ITS Oregon Annual Meeting February 1 st, 2005 Jim Wright, American Association Of.
Standardized Awareness Authorized Training, Train-the-Trainer Prevention and Deterrence.
INTELLIGENT TRANSPORTATION SYSTEM BY – ANTARA DEY SIKDAR M.T.R.P, Ist SEMESTER B.E.S.U.
ITS ePrimer Module 14: Emerging Opportunities and Challenges September 2013 Intelligent Transportation Systems Joint Program Office Research and Innovative.
Engaging State DOT’s Engaging State DOT’s 2008 ITS America State Chapters Council Annual Meeting and State Chapters Strengthening Workshop Bernie Arseneau,
1 State Homeland Security: Priorities and Funding R. Chris McIlroy Homeland Security and Technology Division National Governors Association.
A-16 Data Theme Gaps for Homeland Security and Homeland Defense Mike Lee - FGDC Homeland Security Working Group January 15, 2008.
Security and the National ITS Architecture ITS America 2003 Session 19: The State of the Practice: ITS and Homeland Security May 19, 2003 Minneapolis,
2005 ITS Georgia Annual Meeting 1 MDOT VII Vision and Test Bed Plan States and OEM’s Working Together Gregory D. Krueger, P.E. MDOT ITS Program Manager.
1 Washington State Critical Infrastructure Program “No security, No infrastructure” Infrastructure Protection Office Emergency Management Division Washington.
Governor’s Office of Homeland Security & Emergency Preparedness LOUISIANA BANKERS ASSOCIATION 2010 Louisiana Emergency Preparedness Coalition Meetings.
The Role of The ISACs in Critical Infrastructure Protection and Resiliency Denise Anderson Vice Chair-National Council of ISACs Vice President FS-ISAC,
Cyber Attacks Threaten: privacy reliability safety resiliency 2.
Recent Trends of ITS in China Xiaojing WANG Director, China National ITS Center Chief Engineer, RIOH of Ministry of Transport Oct. 7, 2015 Workshop of.
What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.
SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 2: 25 March 2006.
1. The production, processing, marketing, distribution, financing and development of agricultural commodities and resources including food, fiber, wood.
Homeland Security CJ 355 Unit 6 Professor David R. Thompson.
AASHTO Standing Committee on Rail Transportation Partnering with Suppliers September 21, 2009.
Intelligent and Non-Intelligent Transportation Systems 32 Foundations of Technology Standard 18 Students will develop an understanding of and be able to.
Department of Transportation. About the DOT – Founded: The Department of Transportation was established by an act of Congress on October 15, The.
Protection of Transportation Infrastructure from Cyber Attacks EXECUTIVE BRIEFING.
Freight Railway Integration Strategy For Inter-American Development Bank Transport Week 2009 by Transportation Technology Center, Inc. (TTCI) Subsidiary.
ADVANCED TRANSPORTATION AND CONGESTION MANAGEMENT TECHNOLOGIES DEPLOYMENT (ATCMTD) PROGRAM 1 Bob Arnold, Director Office of Transportation Management,
Ken Watson 9 Sep 2003 Critical Infrastructure Assurance: Business Case for Public-Private Partnership Ken Watson 9 Sep 2003
Vehicle to Infrastructure Deployment Coalition (V2I DC) & SPaT Challenge Overview January 8, 2017.
AIRLINE TRANSPORTATION AERO 4100 / 5100
SAE DSRC Technical Committee work and outlook
The U.S. Department of Homeland Security
Adding security to your ICS environment? Fine! But how?!
Presentation transcript:

Homeland Security Agenda Control Systems Security Program Transportation Sector ICSJWG 2011 Spring Conference David Sawin John A. Volpe National Transportation Systems Center

Homeland Security Agenda Industrial Control Systems (ICS) in Transportation Risk Areas, Progress, Accomplishments Major players Feedback 2

Homeland Security Transportation is Increasingly Dependent on Net- centric Operations and Wireless Communications 3

Homeland Security E-enabled vehicles are now the norm… 4

Homeland Security …for all of us! Source: aa1car.com 5

Homeland Security We’re Demanding & Exploiting Connectivity 4G Technology at 2011 Consumer Electronics Show “We’re redefining what it means to be a really fast computer” Audi Chairman Rupert Stadler Access vehicle diagnostics Unlock doors Slow cars down with geofencing Limit driving speed of teens thetorquereport.com 6

Homeland Security Control Systems Security Challenges SECURITY TOPICINFORMATION TECHNOLOGYCONTROL SYSTEMS Anti-virus & Mobile Code Common & widely usedUncommon and can be difficult to deploy Support Technology Lifetime 3-5 yearsUp to 20 years OutsourcingCommon/widely usedRarely used (vendor only) Application of PatchesRegular/scheduledSlow (vendor specific) Change ManagementRegular/scheduledLegacy based – unsuitable for modern security Time Critical ContentDelays are usually acceptedCritical due to safety AvailabilityDelays are usually accepted24 x 7 x 365 x forever Security AwarenessGood in private and public sectorGenerally poor regarding cyber security Security Testing/AuditScheduled and mandatedOccasional testing for outages / audit Physical SecuritySecureRemote and unmanned 7

Homeland Security Critical Infrastructure Sectors Volpe Leads Transportation Homeland Security Presidential Directive 7 (HSPD-7) along with the National Infrastructure Protection Plan (NIPP) identified & categorized U.S. Critical Infrastructure into the following 18 Critical Infrastructure & Key Resources Sectors 1.Agriculture & Food 2.Banking & Finance 3.Chemical 4.Commercial Facilities 5.Dams 6.Defense Industrial Base 13. Postal & Shipping 14. Public Health & Healthcare 15. Telecommunications 16. Transportation 17. Water 18. Critical Manufacturing 7. Emergency Services 8. Energy 9. Government Facilities 10. Information Technology 11. National Monuments & Icons 12. Nuclear Reactors, Materials, & Waste 8

Homeland Security Partnership Between DHS and DOT Inventory Risk assessments Standards and best practices Laboratory Notification & response plans Outreach, training and professional capacity building Transportation Control System Security Roadmap 9

Homeland Security Highway Existing Technologies Transportation Management Systems 10

Homeland Security Transportation Management System Safe assignment of right of ways Maintain movement along major transportation facilities Provide reliable and relevant information Advanced Traveler Information System Field Devices Center to Field Network Back Office 11

Homeland Security Highway Field Devices Types of Devices Ramp/Gate/Signal Controllers Fixed Dynamic Message Signs Portable Dynamic Message Signs Enforcement System Embedded Devices Attack Vectors Direct device access Vehicle born device cloning Viruses (emergent threat) 12

Homeland Security Emerging Technologies: Cooperative Vehicle Applications Probe Data E-payment Transactions Signal Phase and Timing Information  Real Time Network Data Opportunity for Innovation V2I Safety Messages “The Network” V2V Crash avoidance 13

Homeland Security We’re Increasing the Potential Attack Surface Satellite Cellular WiFi Radio DSRC Blue Tooth & RF Wireless Sensors CD & MP3 Mechanics’ Tools 14

Homeland Security Highway Progress to Date Documenting the “universe” of control systems in highway/roadway; Intelligent Transportation Systems (ITS) Reviewing the National ITS Architecture, ITS Application Standards, and US DOT ITS Joint Program Office website (ITS body of knowledge, ITS deployments, etc.) Scheduling surveys and case studies to west coast & southern cities as well as large and medium metropolitan areas. Some sites lead the nation in transportation Innovation Examine Cooperative Vehicle Applications (Vehicle-Vehicle, Vehicle- Infrastructure) 15

Homeland Security Surface Transportation Public Transportation Emerging Technologies Positive Train Control Systems 16

Homeland Security Lodz, Poland, January Year Old Boy Derails Polish Trams with Modified TV Remote –4 light rail train (trams) derailed, 12 people hurt –Tool used: Converted television IR remote –Vulnerability: Locks disabling track changes when vehicle are present was not installed. 17

Homeland Security Surface Transportation – Public Transit Progress to Date Inventory Scans –Public Transit Rail –Heavy Rail Case Studies –Small east coast Transit Authority –Large west Coast metropolitan city APTA CCSWG Regional Meetings UK TRANSEC Cyber Threat Workshop Schedule DHS-CSSP CSET Training (across USA) Coordinated DHS-CSSP Panel for APTA Meeting in New Orleans (Oct ) 18

Homeland Security Aviation Existing Air Traffic Control System 19

Homeland Security Emerging Technologies NextGen Air Traffic Control System 20

Homeland Security Understanding Requires Collaboration Designers & manufacturers Equipment suppliers System integrators Expert consultants University & government researchers Testing organizations Users (airlines) Infrastructure operators Standards organizations Certifiers and regulators Example: Airborne Network Security 21

Homeland Security Aviation Progress to Date Inventory Scans Completed the preliminary inventory of eEnabled aviation assets & finalized preliminary findings = 613 Control Systems (211 ranked) Continue collection, research and analysis on UAS info for the eEnabled Aircraft Inventory National Airspace System (NAS) Inventory (TBD) CSET - Planned Health and Usage Monitoring System (HUMS) - engines CSETs – Under Consideration Airlines EFB Applications In-Flight Entertainment (IFE) Incident Response eEnabled Aircraft Incident Response White Paper 22

Homeland Security Maritime Automated Systems 23

Homeland Security Today’s maritime environment includes automation throughout our nation’s ports –Automated entry systems –Wireless cargo tracking –Driverless cranes and other vehicles Existing Automated Maritime Systems Volpe Center Images 24

Homeland Security Driverless Vehicle Hamburg Germany. Driverless vehicle moving 40’ container to automated storage crane. Volpe Center Image 25

Homeland Security Crane Accident Oakland, CA. Dropped cargo container too early. Is this a result of a Control System failure? Countryman & McDaniel 26

Homeland Security Inland Waterway System Volpe Center Images 27

Homeland Security SmartLock 28

Homeland Security Fire Onboard Could bad planning software have made it worse? Hazmat too close together? 29

Homeland Security Navigation Malfunction Human error or equipment malfunction? 30

Homeland Security Dry-dock Malfunction Dubai. Opened sea gate while workers were under vessel resulting in 27 deaths and the loss of 2 vessels. Countryman & McDaniel

Homeland Security Maritime Progress to Date Surveyed A major international ship container carrier’s two vessels docked on the east coast. An international truck/car carrier on the east coast. Two major container terminals on the east coast, and one in the Gulf of Mexico. One of the worlds largest port and container terminals in the US Contacted vessel owners and shipping lines at CMA Shipping 2011 Conference in Stamford, CT. Presented CSSP info to ports, terminals, & equipment manuf. at Port & Terminal Technology Conf in Houston, TX. 32

Homeland Security Pipeline 33

Homeland Security Pipeline systems in US infrastructure Pipeline Systems: Are critical in distribution systems for both oil and natural gas Have carried over 15 billion barrels of domestic oil Control Systems play major roles Smart Pigs US DOT Pipeline and Hazardous Materials Safety Administration o Top priority is safety 34

Homeland Security Pipeline Progress to Date Conducted industry reviews Coordinated outreach and awareness to TSA/Pipeline and DOT/PHMSA Initial meetings with northeastern US gas distribution company Initial review of a large US strategic operator Attended API Pipeline Conference in Texas in April to develop industry contacts and to identify industry risk Develop a Control System inventory for pipeline 35

Homeland Security Cross Cutting Multi Model Progress to Date Professional Capacity Building –Government and private sector = 675 Outreach and Awareness –Separate activities = 25 CSET - Completed, Planned or ongoing = 25 Case Studies - Completed, Planned or ongoing = 8 Transportation Sector Roadmap 36

Homeland Security Major Players in CSSP-Transportation DHS CSSP. Joint Working Groups, Conferences & Workshops Roadmap Committee & Participants Transportation Security Administration (TSA) Cyber Security Awareness/Outreach American Public Transportation Association (APTA) Association of American Railroads (AAR) Risk Group American Association of State Highway and Transportation Officials (AASHTO) Intelligent Transportation Society of America (ITS America) Society of Automotive Engineers (SAE) Transportation Research Board (TRB) Information Sharing and Analysis Centers (ISACs) Radio Technical Commission for Aeronautics (RCTA) Volpe Center and other DOT Modes International Transportation Counterparts U. S. Coast Guard 37

Homeland Security Next Steps for CSSP-Transportation Expanding assistance to industry in all modes –Aviation, ST PT, Highway, Maritime, Pipeline –Inventory, CSETS, Standards, NCIRP, –Transportation ISACS –International Outreach to DOT Model Administrators, operators, vendors Transportation Roadmap Professional Capacity Building Host a Transportation Cyber Collaborative Workshop 38

Homeland Security Questions / Feedback David E. Sawin Program Manager Information Assurance - Control Systems Intermodal Infrastructure Security and Operations US Department of Transportation Research and Innovative Technology Administration Volpe National Transportation Systems Center Voice: , Wireless: , STE: , Fax:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.