The National Academies Press

Currently Skimming:

Pages 88-101

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 88... ... 88 C H A P T E R 4 The past 40 years have seen an escalating competition between developers and users of systems that employ cyber technology and those who seek to do harm. Each generation of cybersecurity solutions is countered by ever-more sophisticated threats; each potential threat spawns additional layers of defense. Read the entire page →
From page 89... ... Cybersecurity 89 of transportation systems is becoming more and more evident, and the likelihood of new or more significant events is increasing along with the cost of cyber incidents and cybercrime. • In 2006, employees hacked into the traffic control computer in Los Angeles as part of a labor dispute and demonstrated how easily a major city could become gridlocked. Read the entire page →
From page 90... ... 90 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies The relatively few numbers of catastrophic incidents in transportation reported to date has resulted in a false sense of security within the sector. Recent research estimated that on the physical security side, as many as 75% of security breaches go unreported. Read the entire page →
From page 91... ... Cybersecurity 91 due to inherent vulnerabilities in control systems within transportation systems. In addition, cybercrime is expanding. Read the entire page →
From page 92... ... 92 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies Systems in Rail Transit Environments, Part 2, recognizes the importance of a cybersecurity culture in the agency (APTA 2019) : Just as transit agencies have created a safety-centric culture -- saving lives and reducing accidents and accident severity -- they need to foster and create a cybersecurity culture. Read the entire page →
From page 93... ... Cybersecurity 93 Special precautions must be taken when introducing security to ICS environments. In some cases, new security solutions are needed that are tailored to the ICS environment. Read the entire page →
From page 94... ... 94 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies The DHS worked with industry cybersecurity and control system subject matter experts and the DOE to produce Cybersecurity Procurement Language for Control Systems (DHS 2009) Read the entire page →
From page 95... ... Cybersecurity 95 Additional sections provide language to consider when acquiring intrusion detection systems, focused on physical security considerations and wireless technologies, and on cryptographic technology. The procurement language presented in these documents is not all-inclusive. Read the entire page →
From page 96... ... 96 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies The addition of tens of millions of connected vehicles will only accelerate the need for more subtle solutions. Emerging Trends in Transportation Control Technologies Emerging trends in transportation control technologies have potential impact on transportation cybersecurity. Read the entire page →
From page 97... ... Cybersecurity 97 At the same time, this program may exponentially increase the number of vehicles accessible by hackers and bad actors through the implementation of dedicated short-range communications (DSRC) between vehicles, between vehicles and the roadway, between vehicles and traffic signals and other infrastructure, and between vehicles and pedestrians and obstacles. Read the entire page →
From page 98... ... 98 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies responders use fleet management systems, AVL, and computer-aided dispatch (CAD) technologies to track and manage buses, trucks, and other fleets. Read the entire page →
From page 99... ... Cybersecurity 99 Wireless networks used for transmission of connected vehicle and traffic data are vulnerable to attack from miles away. Telecommunications infrastructure vulnerabilities are difficult to address and have tended to remain unaddressed for years after they are discovered. Read the entire page →
From page 100... ... 100 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies audience for this document was European transit agencies, the document provides much information of use to U.S. operators. Read the entire page →
From page 101... ... Cybersecurity 101 existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices. Resource guides were developed to help organizations implement practices identified as considerations for improvement in a CRR report. Read the entire page →

From page 88...

... 88 C H A P T E R 4 The past 40 years have seen an escalating competition between developers and users of systems that employ cyber technology and those who seek to do harm. Each generation of cybersecurity solutions is countered by ever-more sophisticated threats; each potential threat spawns additional layers of defense.

Read the entire page →

From page 89...

... Cybersecurity 89 of transportation systems is becoming more and more evident, and the likelihood of new or more significant events is increasing along with the cost of cyber incidents and cybercrime. • In 2006, employees hacked into the traffic control computer in Los Angeles as part of a labor dispute and demonstrated how easily a major city could become gridlocked.

Read the entire page →

From page 90...

... 90 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies The relatively few numbers of catastrophic incidents in transportation reported to date has resulted in a false sense of security within the sector. Recent research estimated that on the physical security side, as many as 75% of security breaches go unreported.

Read the entire page →

From page 91...

... Cybersecurity 91 due to inherent vulnerabilities in control systems within transportation systems. In addition, cybercrime is expanding.

Read the entire page →

From page 92...

... 92 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies Systems in Rail Transit Environments, Part 2, recognizes the importance of a cybersecurity culture in the agency (APTA 2019) : Just as transit agencies have created a safety-centric culture -- saving lives and reducing accidents and accident severity -- they need to foster and create a cybersecurity culture.

Read the entire page →

From page 93...

... Cybersecurity 93 Special precautions must be taken when introducing security to ICS environments. In some cases, new security solutions are needed that are tailored to the ICS environment.

Read the entire page →

From page 94...

... 94 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies The DHS worked with industry cybersecurity and control system subject matter experts and the DOE to produce Cybersecurity Procurement Language for Control Systems (DHS 2009)

Read the entire page →

From page 95...

... Cybersecurity 95 Additional sections provide language to consider when acquiring intrusion detection systems, focused on physical security considerations and wireless technologies, and on cryptographic technology. The procurement language presented in these documents is not all-inclusive.

Read the entire page →

From page 96...

... 96 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies The addition of tens of millions of connected vehicles will only accelerate the need for more subtle solutions. Emerging Trends in Transportation Control Technologies Emerging trends in transportation control technologies have potential impact on transportation cybersecurity.

Read the entire page →

From page 97...

... Cybersecurity 97 At the same time, this program may exponentially increase the number of vehicles accessible by hackers and bad actors through the implementation of dedicated short-range communications (DSRC) between vehicles, between vehicles and the roadway, between vehicles and traffic signals and other infrastructure, and between vehicles and pedestrians and obstacles.

Read the entire page →

From page 98...

... 98 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies responders use fleet management systems, AVL, and computer-aided dispatch (CAD) technologies to track and manage buses, trucks, and other fleets.

Read the entire page →

From page 99...

... Cybersecurity 99 Wireless networks used for transmission of connected vehicle and traffic data are vulnerable to attack from miles away. Telecommunications infrastructure vulnerabilities are difficult to address and have tended to remain unaddressed for years after they are discovered.

Read the entire page →

From page 100...

... 100 Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies audience for this document was European transit agencies, the document provides much information of use to U.S. operators.

Read the entire page →

From page 101...

... Cybersecurity 101 existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices. Resource guides were developed to help organizations implement practices identified as considerations for improvement in a CRR report.

Read the entire page →

Key Terms

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.