ITS Security Areas

The term "Security Area" represents areas of ITS which can be used to enhance surface transportation security. The National ITS Architecture provides entities (subsystems and terminators), functions, and interfaces that cover aspects of eight ITS security areas in the figure below. For each ITS security area, this section discusses the scope of the area along with its architecture representation including appropriate market packages.

Disaster Response and Evacuation

The Disaster Response and Evacuation (DRE) Security Area uses intelligent transportation systems to enhance the ability of the surface transportation system to respond to and recover from natural disasters, terrorist acts, and other catastrophic events. DRE improves access to the scene for response personnel and resources, provides better information about the transportation system in the vicinity of the disaster, supports resource coordination and sharing of current situation information, and provides more efficient, safer evacuation for the general public if needed.

All types of disasters are considered including natural disasters (hurricanes, earthquakes, floods, winter storms, tsunamis, etc.) and technological and man-made disasters (hazardous materials incidents, nuclear power plant accidents, and national security emergencies such as terrorism, nuclear, chemical, biological, and radiological weapons attacks terrorist acts.). Broad inter-agency coordination is critical in all disaster scenarios, with transportation professionals performing well-defined roles in the larger context of the multi-agency response to the disaster. DRE defines how ITS can be used to coordinate and integrate DRE activities within diverse organizations in order to improve the safety of the responders and the public at large, and improve the performance and effectiveness of the transportation system as a part of the overall disaster response.

In the physical architecture, DRE centers on the Emergency Management Subsystem, which represents the interface to local, county, state, and federal public safety, emergency management, and other allied response agencies. In DRE, this subsystem represents both the Emergency Operations Centers and the Incident Command Systems that are established when disaster strikes. DRE focuses on the interfaces between this subsystem and the subsystems that represent the transportation operators and information providers (Traffic Management Subsystem, Transit Management Subsystem, Information Service Provider, Maintenance and Construction Management, Rail Operations, etc.). DRE builds on existing Incident Management capabilities that were already defined in the National ITS Architecture prior to Version 5.0.

The Disaster Response and Evacuation security area centers around the Emergency Management subsystem and is best characterized in the National ITS Architecture by four market packages: Early Warning System (EM07), Disaster Response and Recovery (EM08), Evacuation and Reentry Management (EM09), and Disaster Traveler Information (EM10).

Freight and Commercial Vehicle Security

The area of freight and commercial vehicle security considers the awareness aspect of security through the surveillance of either commercial vehicles or freight equipment. Freight equipment includes containers (with or without chassis), the chassis, or trailers. In addition, the interface with intermodal facilities is another aspect of this area. There are four major functions included as part of this security area.

The first functional area is tracking commercial vehicle or freight equipment locations to determine if an asset has deviated from its planned route. The carrier’s operation center (FMS, Fleet and Freight Management Subsystem) would be responsible for monitoring the route. In addition, the commercial vehicle’s on-board system can correlate its current location to the planned route and notify the operation center of a route deviation. If a route deviation exceeds the established limits, the operation center would be responsible for formulating a response plan, which could include notifying public safety agencies.

The second functional area is to monitor the identities of the driver, commercial vehicle and freight equipment for consistency with the planned assignment. The carrier’s operation center (FMS) determines if an unauthorized change has occurred and is responsible for implementing a response plan, which could include notifying public safety agencies. In support of a seamless intermodal system, assignment information is exchanged with intermodal facilities and shippers.

The third functional area is to monitor freight equipment for a breach or tamper event. A breach or tamper event includes the nature of event, time, location, freight equipment identity, monitoring device status and environmental threat sensor readings (chemical, biological, etc.).

The fourth functional area is to monitor the commercial vehicle for a breach or tamper event. A breach or tamper event, in this instance, includes the nature of event, time, location, commercial vehicle identity, driver identity and monitoring device status.

The Freight and Commercial Vehicle Security area is largely comprised of four market packages. The Fleet Administration (CVO01) market package includes the capability to identify commercial vehicle route deviations. The location of the Commercial Vehicle can be monitored by the Fleet and Freight Management subsystem and route deviations exceeding the established limit are flagged. The Fleet and Freight Management subsystem is responsible for formulating a response plan, which could include notifying public safety agencies.

The Freight Administration (CVO02) market package includes the capability to identify route deviations, and breach and tamper events of freight equipment. The Fleet and Freight Management subsystem monitors the route by obtaining location information directly from the freight equipment or via the commercial vehicle. The Fleet and Freight Management subsystem monitors shipments to make sure that no tampering or breach of security occurs to the freight equipment. For security related incidents, the Fleet and Freight Management subsystem is responsible for formulating a response plan, which could include notifying public safety agencies.

The On-board CVO and Freight Safety & Security (CVO08) market package includes the capability for the Fleet and Freight Management subsystem to detect and respond to commercial vehicle breach and tamper events. In addition, both commercial vehicle and freight equipment breach or tamper events are made available to the Commercial Vehicle Check subsystem.

The Freight Assignment Tracking (CVO13) market package provides for the planning and tracking of three aspects of commercial vehicle shipments. For each shipment, the commercial vehicle, the freight equipment, and the commercial vehicle driver, are monitored for consistency with the planned assignment. The Fleet and Freight Management subsystem determines any unauthorized changes, and is responsible for formulating a response plan which could include notifying public safety agencies.

HAZMAT Security

The HAZMAT Security area’s purpose is to reduce the likelihood of a successful hijacking of security sensitive HAZMAT cargo and its subsequent use as a weapon.

The first major function is tracking security sensitive HAZMAT cargo carrying commercial vehicles and report unexpected and significant deviations or operations on restricted roadways to police. In order to protect business confidential operational information, the operational tracking and the determination of a significant route deviation requiring notification of public safety is done by a commercial carrier's operations center (FMS).

The second major function is detection of security sensitive HAZMAT cargoes on commercial vehicles by remote sensing and imaging from the roadside. By also reading electronic tag information (carrier ID, vehicle ID and driver ID) from a sensed commercial vehicle, any detected security sensitive hazmat can be correlated with existing credentials, to determine if the cargo being carried is a permitted operation. If not, the vehicle can be asked to pull-in, and public safety may be notified.

The third major function is authentication of drivers and notification to public safety if an unexpected driver attempts to operate a vehicle carrying security sensitive HAZMAT. As with tracking security sensitive HAZMAT cargo, the commercial fleet management center acts to validate and verify any discrepancies prior to notification of public safety.

The HAZMAT Security area is largely represented by four market packages. The Fleet Administration (CVO01) market package includes the capability to track commercial vehicles by a Fleet and Freight Management center. If the Fleet Management Center notices a significant discrepancy, it may notify police.

The CV Administrative Processes (CVO04) market package includes the distribution of usable and non-usable local and national HAZMAT routes with associated administrative restrictions by time and for specific classes of HAZMAT cargoes. This map information is distributed by public agencies to Information Service Providers, Fleet and Freight Management functions and map update providers.

The Roadside HAZMAT Security Detection and Mitigation (CVO11) market package is used to detect HAZMAT cargoes at the roadside, and correlate the detected operations with existing credentials to determine if a detected HAZMAT cargo is a permitted activity. If a non-permitted activity is detected, the Commercial Vehicle Check station may notify police.

The CV Driver Security Authentication (CVO12) market package authenticates a commercial vehicle driver based on information downloaded to the vehicle from the Fleet Management Center. If an unauthenticated driver is detected, a vehicle may be safely disabled by the Fleet Management Center, and the Fleet Management Center may notify police.

ITS Wide Area Alert

The ITS Wide Area Alert security area notifies the traveling public in emergency situations such as child abductions, severe weather watches and warnings, natural and human-caused disasters, military operations, and civil emergencies where lives and/or property are at stake. It utilizes ITS driver and traveler information technologies to immediately provide information and instructions to the traveling public, improving public safety and enlisting the public’s help in some scenarios. The ITS technologies supplement and support other emergency and homeland security alert systems such as the Emergency Alert System (EAS).

When an emergency situation is reported and verified and the terms and conditions for system activation are satisfied, a designated agency broadcasts emergency information to traffic agencies, transit agencies, information service providers, the media, and other ITS systems that have driver or traveler information capabilities. The ITS systems, in turn, provide the alert information to the traveling public using ITS technologies such as Variable Message Signs, Highway Advisory Radios, in-vehicle displays, transit displays, 511 traveler information systems, and traveler information web sites. The service providers for this security area include the emergency management, homeland security, military and public safety agencies that issue the Wide Area Alert, the traffic, transit, and traveler information organizations that convey the information to the traveling public, and the traveling public itself.

In the physical architecture, the Emergency Management Subsystem represents the agency/system that broadcasts the emergency information to the ITS systems. This subsystem provides the alert information to the Traffic Management Subsystem, Transit Management Subsystem, Information Service Provider, Maintenance and Construction Management Subsystem, and Toll Administration Subsystem, which in turn provide the alert information to system operators and the traveling public.

The ITS Wide Area Alert security area centers around the Emergency Management subsystem and is best characterized in the National ITS Architecture by the Wide Area Alert (EM06) market package. The Wide Area Alert market package uses ITS driver and traveler information systems to alert the public in emergency situations such as child abductions, severe weather events, civil emergencies, and other situations that pose a threat to life and property. The alert includes information and instructions for transportation system operators and the traveling public, improving public safety and enlisting the public’s help in some scenarios. The ITS technologies will supplement and support other emergency and homeland security alert systems such as the Emergency Alert System (EAS).

When an emergency situation is reported and verified and the terms and conditions for system activation are satisfied, a designated agency broadcasts emergency information to traffic agencies, transit agencies, information service providers, toll operators, and others that operate ITS systems. The ITS systems, in turn, provide the alert information to transportation system operators and the traveling public using ITS technologies such as dynamic message signs, highway advisory radios, in-vehicle displays, transit displays, 511 traveler information systems, and traveler information web sites.

Rail Security

The general area of Rail Security includes ITS functionality to monitor and secure trains, rail cars, fixed assets (track, wayside equipment and highway-rail intersections) and personnel. Rail Security focuses on freight rail (security aspects of passenger rail are covered under transit security). The current version of the National ITS Architecture addresses a subset of the overall area of rail security, specifically interfaces between rail entities and highway entities. These are the interfaces relating to highway rail intersections (HRI) and the interfaces from rail operations to traffic and emergency management functions of the architecture.

The primary security function associated with HRI is surveillance of the intersection, which is performed in the architecture by the Roadway subsystem. The market package that provides this function is ATMS14, Advanced Railroad Grade Crossing.

The interface between rail operations and the traffic management functions is expressed in the architecture as the interface between the Rail Operations terminator and the Traffic Management Subsystem and contains incident and advisory information. It is included in market packages ATMS13 (Standard Railroad Grade Crossing), ATMS14 (Advanced Railroad Grade Crossing), and ATMS15 (Railroad Operations Coordination).

The interface between rail operations and the emergency management function is expressed in the architecture as the interface between the Rail Operations terminator and the Emergency Management Subsystem. The market packages that address this interface are ATMS08 (Traffic Incident Management System), for normal incidents; EM08 (Disaster Response and Recovery), for disaster response; and EM09 (Evacuation and Reentry Management), for coordination during evacuations.

Transit Security

The area of transit security addresses passenger, facility, and asset security for passenger rail and bus transit systems. The area addresses surveillance and sensor monitoring of transit stations, stops, facilities, infrastructure, and vehicles. The surveillance includes both video and audio surveillance. The sensor monitoring includes threat sensors (e.g. chemical agent, toxic industrial chemical, biological, explosives, thermal, acoustic and radiological sensors), object detection sensors, motion or intrusion detection sensors, and infrastructure integrity sensors.

Transit-related systems also include analysis of sensor or surveillance outputs for possible threats and automatic notification of appropriate transit or public safety personnel to potential threats. The Transit Security area supports traveler or transit vehicle operator initiated alarms that are monitored by central dispatch or the local police. This area also includes a security management and control capability that not only provides detection, identification and notification of threats or incidents, but also allows the transit agency to take response measures such as remote vehicle disabling. In addition, this area also provides access control to transit vehicles, requiring positive operator identification before transit vehicles can be operated.

Another aspect of the Transit Security area of the National ITS Architecture is to provide emergency information to travelers using the transit system by visual (signs) or audio messages on-board the transit vehicle, at transit stops, or in transit facilities. Finally, the transit security area will interface with appropriate security agencies (e.g., the Transit Information Security Analysis Center) to assist in analysis of threats and to report threats.

The Transit Security area’s key market package is Transit Security (APTS05). This market package includes six key interfaces. The first key interface is between the Transit Vehicle Subsystem and the Transit Management Subsystem for traveler or vehicle operator initiated alarms, vehicle disabling, and vehicle operator authentication.

The second key interface is between the Transit Vehicle Subsystem and Emergency Management Subsystem (representing either a public safety agency or the public safety aspects of a transit agency e.g., transit police) for traveler or vehicle operator initiated alarms, surveillance, and sensor monitoring.

The third key interface is between the Remote Traveler Support Subsystem (representing devices in public transit areas such as transit stations) and Emergency Management Subsystem for traveler initiated alarms, surveillance, and sensor monitoring.

The fourth key interface is between the Security Monitoring Subsystem (representing devices in non-public transit areas such as transit yards) and Emergency Management Subsystem for surveillance and sensor monitoring.

The fifth key interface is between the Transit Management Subsystem and Emergency Management Subsystem for sharing emergency information and coordinating incident response.

The sixth key interface is between the Emergency Management Subsystem (representing either a public safety agency or the public safety aspects of a transit agency e.g., transit police and the Alert and Advisory Systems terminator for sharing of threat information or threat data for analysis.

Transportation Infrastructure Security

Transportation infrastructure can be monitored and protected by a broad array of ITS technologies. Transportation infrastructure security includes the monitoring of transportation infrastructure (e.g., bridges, tunnels and management centers) for potential threats using sensors and surveillance equipment. Threats to infrastructure can result from acts of nature (e.g., hurricanes, earthquakes), terrorist attacks or other incidents causing damage to the infrastructure (e.g., stray barge hitting a bridge support). Barrier and safeguard systems are used to preclude an incident, control access during and after an incident or mitigate impact of an incident.

The Emergency Management Subsystem monitors the transportation infrastructure. Information on threats is shared primarily with the Other EM, TMS, and MCMS subsystems but can also be shared with other subsystems. The Traffic Management Subsystem controls the barrier and safeguard equipment although Emergency Management can request deployment. The security of transportation infrastructure is covered primarily in the Transportation Infrastructure Protection (EM05) market package.

Traveler Security

The Traveler Security area is responsible for increasing the safety and security of travelers in public areas including public transit facilities, bridges, tunnels, parking facilities and (major) intersections and other roadway features.

There are four key market packages that represent the Traveler Security area. The Transit Security (APTS05) market package provides for traveler security through surveillance and sensor monitoring to warn of hazardous situations as well as allowing travelers to report emergencies.

The Transportation Infrastructure Protection (EM05) market package includes the monitoring of transportation infrastructure (e.g., bridges, tunnels and management centers) for potential threats using sensors and surveillance equipment.

The Wide-Area Alert (EM06) market package uses ITS driver and traveler information systems to alert the public in emergency situations that pose a threat to life and property.

Finally, the Disaster Traveler Information (EM10) market package uses ITS to provide disaster-related traveler information to the general public, including evacuation and reentry information and other information (possibly responsive to specific traveler requests) concerning the operation of the transportation system during a disaster.