Shared Publication

CYBERSECURITY | Right: The intersection between LA’s Ventura Freeway and Glendale Freeway, where a cyberattack on traffic signals caused gridlock in 2006 The attack should have been a wake-up call to traffic managers everywhere to beef up security in traffic management centres and to address security flaws in signal infrastructure. But research undertaken by the University of Michigan in 2014 by Professor Alex Halderman shone a light on a “systemic lack of security consciousness” amongst transportation departments” running “future embedded systems”. In a paper entitled, Green Lights Forever: Analyzing the Security of Traffic Infrastructure, with the permission of a Michigan Road agency, Halderman and his team investigated how susceptible a networked traffic light system, using wireless technology, was to cyber attack. “Due to systemic failures by the designers”, they discovered that was it was not only possible to “gain control of a system of almost 100 intersections” but to also “change the lights on command”. Kevin Curran, professor of cybersecurity at Ulster University, in Northern Ireland, says that traffic light control systems based on wireless communication technologies, are particularly susceptible to attack. “In the United States where these systems are becoming increasingly popular, cyber attackers demonstrated how easily it was to infiltrate this technology largely because of a lack of ‘cyber hygiene’. Often engineers were using default passwords leaving the IP address free for hackers to access.” Creating robust systems The key to designing signal control that is resilient to attack lies in overall system architecture. Centralized control centers may seem, to the layman, like vulnerable points for attack, but they aren’t necessarily more vulnerable than having each junction isolated and controlled independently, so long as they are designed correctly. Hackers are r always find ane loerngtalensisz aatniodn t’sh eAyc hwiilllle s’ heel. For issig…n tahle o dpaetraa ttohrast, ftlhoew gsr tehartoeustg pho ttheen tmiaal nsye cduifrfietyre fnlat w sensors that help better regulate traffic lights Dr Zhengguo Sheng, advanced networks and communications, University of Sussex, UK 080 Intertraffic World | Annual Showcase 2020 100 The number of vulnerable intersections a 2014 academic paper identified in Michigan, USA “It’s not a case of pitting one against another, but a secure system architecture that counts,” says Dr Zhengguo Sheng, a lecturer in advanced networks and communications at the University of Sussex, UK. “Although most modern traffic management systems are centralized, they are not based in one single location, but in a few strategic centres. All use a multi-layered control system with a back-up system that runs in tandem with the operating system. Therefore, if a hacker does exploit a vulnerability in the system, it is fairly easy to get it up and running again.” But, according to Dr Sheng, just because the majority of traffic authorities “are using the correct system architecture, it doesn’t mean that they are safe from cyberattack”.