< < ST10 : SU01 : SU02 > >

SU01: Connected Vehicle System Monitoring and Management

This service package provides monitoring, management and control services necessary to other applications and/or devices operating within the Connected Vehicle Environment. This service package maintains and monitors the performance and configuration of the connected vehicle system. This includes tracking and management of the infrastructure configuration as well as detection, isolation, and correction of infrastructure service problems. It also includes monitoring of performance of the infrastructure and mobile equipment, which includes RSEs, OBEs, the back office applications, as well as the communication links that connect the system.

Relevant Regions: Australia, Canada, European Union, and United States

Enterprise

Development Stage Roles and Relationships

Installation Stage Roles and Relationships

Operations Stage Roles and Relationships
(hide)

Source Destination Role/Relationship
Center Manager Center Manages
Center Owner Center Owns
Center Owner Center Manager Operations Agreement
Center Owner Connected Vehicle Roadside Equipment Owner Information Exchange Agreement
Center Owner Maint and Constr Management Center Owner Information Exchange Agreement
Center Supplier Center Owner Warranty
Connected Vehicle Roadside Equipment Manager Connected Vehicle Roadside Equipment Manages
Connected Vehicle Roadside Equipment Owner Center Owner Information Exchange Agreement
Connected Vehicle Roadside Equipment Owner Connected Vehicle Roadside Equipment Owns
Connected Vehicle Roadside Equipment Owner Connected Vehicle Roadside Equipment Manager Operations Agreement
Connected Vehicle Roadside Equipment Owner Field Maintenance Equipment Owner Information Exchange and Action Agreement
Connected Vehicle Roadside Equipment Owner Other Connected Vehicle Roadside Equipment Owner Information Exchange and Action Agreement
Connected Vehicle Roadside Equipment Owner Service Monitor System Owner Information Provision Agreement
Connected Vehicle Roadside Equipment Supplier Connected Vehicle Roadside Equipment Owner Warranty
Field Maintenance Equipment Manager Field Maintenance Equipment Manages
Field Maintenance Equipment Manager Maint and Constr Field Personnel System Usage Agreement
Field Maintenance Equipment Owner Connected Vehicle Roadside Equipment Owner Information Exchange and Action Agreement
Field Maintenance Equipment Owner Field Maintenance Equipment Owns
Field Maintenance Equipment Owner Field Maintenance Equipment Manager Operations Agreement
Field Maintenance Equipment Supplier Field Maintenance Equipment Owner Warranty
ITS Object Manager ITS Object Manages
ITS Object Owner ITS Object Owns
ITS Object Owner ITS Object Manager Operations Agreement
ITS Object Owner Service Monitor System Owner Expectation of Information Provision
ITS Object Supplier ITS Object Owner Warranty
Maint and Constr Field Personnel Field Maintenance Equipment Operates
Maint and Constr Management Center Manager Maint and Constr Management Center Manages
Maint and Constr Management Center Owner Center Owner Information Exchange Agreement
Maint and Constr Management Center Owner Maint and Constr Management Center Owns
Maint and Constr Management Center Owner Maint and Constr Management Center Manager Operations Agreement
Maint and Constr Management Center Supplier Maint and Constr Management Center Owner Warranty
Other Connected Vehicle Roadside Equipment Manager Other Connected Vehicle Roadside Equipment Manages
Other Connected Vehicle Roadside Equipment Owner Connected Vehicle Roadside Equipment Owner Information Exchange and Action Agreement
Other Connected Vehicle Roadside Equipment Owner Other Connected Vehicle Roadside Equipment Owns
Other Connected Vehicle Roadside Equipment Owner Other Connected Vehicle Roadside Equipment Manager Operations Agreement
Other Connected Vehicle Roadside Equipment Supplier Other Connected Vehicle Roadside Equipment Owner Warranty
Service Monitor System Manager Service Monitor System Manages
Service Monitor System Manager Service Monitor System Operator System Usage Agreement
Service Monitor System Operator Service Monitor System Operates
Service Monitor System Owner Center Owner Information Provision Agreement
Service Monitor System Owner Maint and Constr Management Center Owner Information Provision Agreement
Service Monitor System Owner Service Monitor System Owns
Service Monitor System Owner Service Monitor System Manager Operations Agreement
Service Monitor System Supplier Service Monitor System Owner Warranty

Maintenance Stage Roles and Relationships

Physical

The physical diagram can be viewed in SVG or PNG format and the current format is SVG.
SVG Diagram
PNG Diagram


Display Legend in SVG or PNG

Includes Physical Objects:

Physical Object Class Description
Center Center This general physical object is used to model core capabilities that are common to any center.
Connected Vehicle Roadside Equipment Field 'Connected Vehicle Roadside Equipment' (CV RSE) represents the Connected Vehicle roadside devices that are used to send messages to, and receive messages from, nearby vehicles using Dedicated Short Range Communications (DSRC) or other alternative wireless communications technologies. Communications with adjacent field equipment and back office centers that monitor and control the RSE are also supported. This device operates from a fixed position and may be permanently deployed or a portable device that is located temporarily in the vicinity of a traffic incident, road construction, or a special event. It includes a processor, data storage, and communications capabilities that support secure communications with passing vehicles, other field equipment, and centers.
Field Maintenance Equipment Field 'Field Maintenance Equipment' represents the portable equipment used by field personnel to locally troubleshoot, initialize, reprogram, and test infrastructure equipment. It may include a laptop, specialized diagnostics tools, or any other general purpose or specialized equipment that is interfaced locally to infrastructure equipment to support maintenance and repair.
ITS Object ITS The general 'ITS Object' includes core capabilities common to any class of object.
Maint and Constr Field Personnel Field Represents the people that perform maintenance and construction field activities including vehicle and equipment operators, field supervisory personnel, field crews, and work zone safety personnel. Information flowing from the Maintenance and Construction Field Personnel will include those system inputs specific to maintenance and construction operations, such as information regarding work zone status, or the status of maintenance actions. The field personnel are also monitored within the work zone to enhance work zone safety. Information provided to Maintenance and Construction Field Personnel includes dispatch requests, maintenance and construction actions to be performed, and work zone safety warnings.
Maint and Constr Management Center Center The 'Maint and Constr Management Center' monitors and manages roadway infrastructure construction and maintenance activities. Representing both public agencies and private contractors that provide these functions, this physical object manages fleets of maintenance, construction, or special service vehicles (e.g., snow and ice control equipment). The physical object receives a wide range of status information from these vehicles and performs vehicle dispatch, routing, and resource management for the vehicle fleets and associated equipment. The physical object participates in incident response by deploying maintenance and construction resources to an incident scene, in coordination with other center physical objects. The physical object manages equipment at the roadside, including environmental sensors and automated systems that monitor and mitigate adverse road and surface weather conditions. It manages the repair and maintenance of both non-ITS and ITS equipment including the traffic controllers, detectors, dynamic message signs, signals, and other equipment associated with the roadway infrastructure. Weather information is collected and fused with other data sources and used to support advanced decision support systems.

The physical object remotely monitors and manages ITS capabilities in work zones, gathering, storing, and disseminating work zone information to other systems. It manages traffic in the vicinity of the work zone and advises drivers of work zone status (either directly at the roadside or through an interface with the Transportation Information Center or Traffic Management Center physical objects.)

Construction and maintenance activities are tracked and coordinated with other systems, improving the quality and accuracy of information available regarding closures and other roadway construction and maintenance activities.
Other Connected Vehicle Roadside Equipment Field Representing another Connected Vehicle Roadside Equipment, 'Other Connected Vehicle Roadside Equipment' supports peer to peer communication and direct coordination between RSEs. It provides a source and destination for information that may be exchanged between RSEs.
Service Monitor System Support The 'Service Monitor System' represents one or more center-based systems that provide monitoring, management and control services necessary to other applications and/or devices operating within the Connected Vehicle Environment. These support services enable other applications to provide transportation services.
Service Monitor System Operator Support The 'Service Monitor System Operator' represents the person or people that monitor and manage the Service Monitor System.

Includes Functional Objects:

Functional Object Description Physical Object
Center Connected Vehicle Infrastructure Management 'Center Connected Vehicle Infrastructure Management' is the back office application that supports monitoring and maintenance of the Connected Vehicle infrastructure (RSEs, support systems, and associated communications links). It monitors the performance and configuration of the infrastructure portion of the Connected Vehicle Environment. This includes tracking and management of the infrastructure configuration as well as detection, isolation, and correction of infrastructure service problems. The application also includes monitoring of performance of the infrastructure equipment, including RSEs and communications links. Center
FME On-Site Maintenance 'FME On-Site Maintenance' provides field personnel with diagnostic information from field equipment and provides the capability for field personnel to locally control and configure this equipment to support on-site installation, repair, and maintenance. Field Maintenance Equipment
ITS Management Support 'ITS Management Support' provides management of the ITS Object. This includes management of regulatory information and policies, management of application processes, management of communication system configuration and update management, communications interfaces, protocol-specific techniques to ensure interoperability such as service advertisements, communications congestion management and interference management, local device states and communications information, billing management, fault management, service level and performance monitoring. ITS Object
MCM Field Equipment Maintenance 'MCM Field Equipment Maintenance' provides overall management and support for maintenance of field equipment on a roadway system, right-of-way, parking area, transit stop, or other areas where field equipment exists. Services include repair and maintenance of ITS field equipment in these areas (e.g., detectors and other sensors, cameras, dynamic message signs, electronic toll collection equipment, electronic clearance equipment, weigh-in-motion sensors, etc.). Maint and Constr Management Center
RSE Device Management 'RSE Device Management' provides executive control and monitoring of the RSE hardware and installed software applications. It monitors the operational status of the hardware and other attached field devices and detects and reports fault conditions. A back office interface supports application installation, upgrade, and configuration as well as remote control of the operating mode and hardware configuration settings and initiation of remote diagnostics. A local interface is provided to field personnel for local monitoring and diagnostics, supporting field maintenance, repair, and replacement. Connected Vehicle Roadside Equipment
SM Device Management 'SM Device Management' provides the functions necessary to manage devices, including network management, operational status monitoring, and application performance monitoring. Service Monitor System

Includes Information Flows:

Information Flow Description
equipment control commands System-level control commands issued to the RSE such as reset and remote diagnostics.
equipment maintenance request Identification of field equipment requiring repair and known information about the associated faults.
equipment maintenance status Current status of field equipment maintenance actions.
equipment status presentation Presentation of operational status of field equipment (sensors, signals, signs, controllers, etc.) to field personnel.
field personnel equipment input User input from field personnel that supports querying, controlling, and configuring field equipment.
RSE application information RSE application configuration data and parameters that are used to control applications and configure the application for a specific local use. This flow also supports remote control of the application so the application can be taken offline, reset, or restarted.
RSE application install/upgrade This flow supports remote installation and update of software applications residing in the RSE. It supports transmission of the secure software installation files, including executable application code and associated support files.
RSE application status Monitoring of RSE application status including current mode, operational status, and configuration settings. It includes the status of installed applications and the application-specific data provided by the RSE.
RSE configuration settings Control settings and parameters that are used to configure roadside equipment.
RSE fault data RSE fault information that can be used to identify RSEs that require initialization, reconfiguration, repair or replacement. This flow identifies the device, the nature of the fault, and associated error codes and diagnostic data.
RSE status Monitoring of RSE device status including current mode, operational status, and configuration settings. It includes device housekeeping/heartbeat monitoring and includes network information, the status of installed applications, the configuration of managed devices, cybersecurity and physical security status of the RSE.
service monitor information presentation Presentation of information to the System Monitoring Operator including current operational status of the System Monitoring function and the connected vehicle environment that is monitored.
service monitor operator input User input from the SMS operator including requests to monitor current system operation and inputs to affect system operation.
system status Monitoring of system device status including current mode, operational status, and configuration settings. It includes device housekeeping/heartbeat monitoring and includes network information, the status of installed applications, and the configuration of managed devices.

Goals and Objectives

Associated Planning Factors and Goals

Planning Factor Goal
G. Promote efficient system management and operation; Improve the efficiency of the surface transportation system
H. Emphasize the preservation of the existing transportation system; Maintain the highway infrastructure asset system in a state of good repair

Associated Objective Categories

Objective Category
Arterial Management: Traffic Signal Management
Freeway Management: Transportation Management Centers
Preservation: Preserve Existing Infrastructure

Associated Objectives and Performance Measures

Objective Performance Measure
Enhance asset and resource management Extended pavement life due to truck weight enforcement
Enhance asset and resource management Number of assets tracked in real-time
Enhance asset and resource management Percentage of fleet/equipment within lifecycle
Enhance asset and resource management Percentage of geographic jurisdiction covered by agency electronic communications
Enhance asset and resource management Percentage of maintenance activities completed in required time-frame
Enhance asset and resource management Rate at which equipment is utilized
Enhance asset and resource management Vehicle operating costs
Increase the level of transportation management center (TMC) field hardware (cameras, variable message signs, electronic toll tag readers, ITS applications, etc.) by X percent by year Y. Total amount of TMC equipment.
Increase the number of intersections running in a coordinated, closed-loop, or adaptive system by X percent in Y years. Number of intersections running in a coordinated, closed-loop, or adaptive system.
Increase the percent of regional transportation system monitored by the TMC for real-time performance. Percent of regional transportation system monitored by the TMC for real-time performance.
Maintain a program of evaluating X percent of signals for retiming every Y years. Number of traffic signals evaluated for retiming.


 
Since the mapping between objectives and service packages is not always straight-forward and often situation-dependent, these mappings should only be used as a starting point. Users should do their own analysis to identify the best service packages for their region.

Needs and Requirements

Need Functional Object Requirement
01 Maintenance personnel and system operators need to be able to track and manage the configuration of infrastructure field equipment. Center Connected Vehicle Infrastructure Management 04 The Center shall be capable of modifying the operational status of Connected Vehicle Roadside Equipment.
06 The Center shall be capable of installing software applications on Connected Vehicle Roadside Equipment.
FME On-Site Maintenance 04 The field device shall be capable of modifying the configuration of Connected Vehicle Roadside Equipment.
05 The field device shall be capable of installing software applications on Connected Vehicle Roadside Equipment.
06 The field device shall be capable of determining the configuration of Connected Vehicle Roadside Equipment.
07 The field device shall be capable of monitoring the operational status of Connected Vehicle Roadside Equipment
08 The field device shall be capable of modifying the operational status of Connected Vehicle Roadside Equipment.
MCM Field Equipment Maintenance 01 The center shall collect the status and fault data from the centers that operate the equipment, including data for traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc..
RSE Device Management 01 The field element shall monitor the operational status (state of the device, configuration, and fault data) of connected sensors (such as traffic, infrastructure, environmental, security, speed) and devices (such as highway advisory radio, dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals, ramp meters, short range communications equipment, security surveillance equipment).
02 The field element shall send operational status of connected field equipment to the maintenance center.
04 The field element shall include a local interface that provides operational status and fault data for connected field equipment to field personnel.
06 The field element shall provide operational status information to the Service Monitor.
07 The field element shall implement configuration commands received from an authorized Center.
10 The field element shall implement configuration commands received from authorized Field Support Equipment.
SM Device Management 01 The service monitor system shall be capable of monitoring the operational status of Connected Vehicle Roadside Equipment
03 The service monitor system shall be capable of determining the configuration of Connected Vehicle Roadside Equipment.
02 System operators and maintenance personnel need to be able to detect, isolate and correct infrastructure field equipment service problems. Center Connected Vehicle Infrastructure Management 01 The Center shall be capable of monitoring the operational status of Connected Vehicle Roadside Equipment applications.
02 The Center shall be capable of modifying the operational status of Connected Vehicle Roadside Equipment applications.
03 The Center shall request Connected Vehicle Roadside Equipment maintenance actions from other responsible centers.
05 The Center shall track the status of Connected Vehicle Roadside Equipment maintenance actions.
07 The Center shall accept information from other Centers that indicates which Connected Vehicle Roadside Equipment needs maintenance.
MCM Field Equipment Maintenance 01 The center shall collect the status and fault data from the centers that operate the equipment, including data for traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc..
02 The center shall collect the status and fault data from field equipment, such as traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc.
03 The maintenance center shall create a cohesive view of field equipment repair needs based upon the status and fault information collected.
06 The center shall respond to requests from other centers for field equipment repair.
RSE Device Management 03 The field element shall send collected fault data to the maintenance center for repair.
04 The field element shall include a local interface that provides operational status and fault data for connected field equipment to field personnel.
05 The field element shall include a local interface that allows field personnel to command diagnostic tests on connected field equipment.
08 The field element shall implement operational status commands received from an authorized Center.
09 The field element shall implement operational status commands received from authorized Field Support Equipment.
SM Device Management 04 The service monitor system shall identify Connected Vehicle Roadside Equipment that requires maintenance (initialization, reconfiguration, repair or replacement).
05 The service monitor system shall notify other Centers which Connected Vehicle Roadside Equipment needs maintenance.
03 System operators need to be able to monitor the performance of equipment providing ITS services. ITS Management Support 05 The ITS Object shall provide its configuration and operational status information to the Service Monitor
MCM Field Equipment Maintenance 02 The center shall collect the status and fault data from field equipment, such as traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc.
03 The maintenance center shall create a cohesive view of field equipment repair needs based upon the status and fault information collected.
05 The center shall report the status of field equipment maintenance activities to the centers that operate the equipment.
SM Device Management 06 The service monitor system shall monitor the configuration and operational status of ITS Objects.
04 System operators need to be able to monitor the physical security and cybersecurity of equipment providing ITS services. MCM Field Equipment Maintenance 03 The maintenance center shall create a cohesive view of field equipment repair needs based upon the status and fault information collected.
SM Device Management 02 The service monitor system shall be capable of monitoring physical security alarms from Connected Vehicle Roadside Equipment
07 The service monitor system shall be capable of monitoring the cybersecurity status of Connected Vehicle Roadside Equipment.

Related Sources

Document Name Version Publication Date
Core System & National ITS Architecture Documentation
Southeast Michigan Test Bed 2014 Concept of Operation Draft 12/29/2014


Security

In order to participate in this service package, each physical object should meet or exceed the following security levels.

Physical Object Security
Physical Object Confidentiality Integrity Availability Security Class
Center High High Moderate Class 4
Connected Vehicle Roadside Equipment High High High Class 5
Field Maintenance Equipment High High High Class 5
ITS Object High High High Class 5
Maint and Constr Management Center Moderate Moderate Moderate Class 2
Other Connected Vehicle Roadside Equipment Moderate Moderate Low Class 2
Service Monitor System High High High Class 5



In order to participate in this service package, each information flow triple should meet or exceed the following security levels.

Information Flow Security
Source Destination Information Flow Confidentiality Integrity Availability
Basis Basis Basis
Center Connected Vehicle Roadside Equipment equipment control commands High High Moderate
RSE control, configuration and software/firmware update should all be protected from view. A hostile third party could use this information to reverse engineer control/configuration/update processes, and use that information in an attack across a broad swatch of infrastructure, which would have severe effects to the connected vehicle infrastructure. RSE control, configuration and update need to be correct or the RSE may be misconfigured, which for some applications could have severe safety impacts. RSE control, configuration and update needs to be available; however the availability requirement is probably less than Integrity, as without this flow the RSE can continue to operate. The exception would be post-cyber attack, when this flow becomes critical. In a high threat environment, may raise this to HIGH.
Center Connected Vehicle Roadside Equipment RSE application information Moderate Moderate Low
This is a control flow, so should be obfuscated to make it more difficult for a 3rd party to manipulate the RSE. Control parameters need to be correct and not corrupted so that the owner of the RSE and the receiver of the RSE's data get what they need from it. This information probably does not need to be changed very often, and if it is not available then likely the flow it controls (emissions data flows to the DDS/EMC) are down as well.
Center Connected Vehicle Roadside Equipment RSE application install/upgrade High High Moderate
RSE control, configuration and software/firmware update should all be protected from view. A hostile third party could use this information to reverse engineer control/configuration/update processes, and use that information in an attack across a broad swatch of infrastructure, which would have severe effects to the connected vehicle infrastructure. RSE control, configuration and update need to be correct or the RSE may be misconfigured, which for some applications could have severe safety impacts. RSE control, configuration and update needs to be available; however the availability requirement is probably less than Integrity, as without this flow the RSE can continue to operate. The exception would be post-cyber attack, when this flow becomes critical. In a high threat environment, may raise this to HIGH.
Center Maint and Constr Management Center equipment maintenance request Moderate Moderate Moderate
Device operational status information should be known only by those entities that need to know for operations and maintenance. Allowing others to read this information may enable abuse of those systems, 3rd party monitoring of system status when that may not be desireable, and reverse engineering of this and similar information flows. If this data is incorrect or unavailable then maintenance assets may not be appropriately assigned, resulting in inefficient use of maintenance assets and higher overall downtime. If this data is incorrect or unavailable then maintenance assets may not be appropriately assigned, resulting in inefficient use of maintenance assets and higher overall downtime.
Connected Vehicle Roadside Equipment Center RSE application status Moderate Moderate Low
Device status information should not be viewable by third parties, as those with criminal intent may use this information toward their own ends. A delay in reporting this may cause a delay in necessary maintenance, but (a) this is not time-critical and (b) there are other channels for reporting malfunctioning. Additionally, there is a message received notification, which means that RSE can ensure that all intersection safety issues are delivered. A delay in reporting this may cause a delay in necessary maintenance, but (a) this is not time-critical and (b) there are other channels for reporting malfunctioning. Additionally, there is a message received notification, which means that RSE can ensure that all intersection safety issues are delivered.
Connected Vehicle Roadside Equipment Field Maintenance Equipment RSE status Moderate Moderate High
Will include some sort of identifier for the RSE and given the content of the flow this will indicate what operations the RSE is capable of. This should be considered actionable intelligence: if a hostile actor knows what field devices have particular capabilities, he can target an attack to maximum effect. Considered higher risk then similar field flows because of the communications capability inherent to the CVRSE. A delay in reporting this may cause a delay in necessary maintenance, but (a) this is not time-critical and (b) there are other channels for reporting malfunctioning. Additionally, there is a message received notification, which means that RSE can ensure that all intersection safety issues are delivered. Local connections must be fully available, as it suggests the presence of maintenance personnel attempting to work on the RSE. Without this interface, there is little the field personnel can do, effectively making the RSE useless.
Connected Vehicle Roadside Equipment Other Connected Vehicle Roadside Equipment RSE application information Moderate Moderate Low
This is a control flow, so should be obfuscated to make it more difficult for a 3rd party to manipulate the RSE. Control parameters need to be correct and not corrupted so that the owner of the RSE and the receiver of the RSE's data get what they need from it. This information probably does not need to be changed very often, and if it is not available then likely the flow it controls (emissions data flows to the DDS/EMC) are down as well.
Connected Vehicle Roadside Equipment Service Monitor System RSE status Moderate Moderate High
Will include some sort of identifier for the RSE and given the content of the flow this will indicate what operations the RSE is capable of. This should be considered actionable intelligence: if a hostile actor knows what field devices have particular capabilities, he can target an attack to maximum effect. Since this is used to monitor the health of the RSE, any corruption or modification of this information could lead to unnecessary maintenance activity, or delay necessary such activity. Impact will be limited to the RSEs who's flows were so affected. Local connections must be fully available, as it suggests the presence of maintenance personnel attempting to work on the RSE. Without this interface, there is little the field personnel can do, effectively making the RSE useless.
Field Maintenance Equipment Connected Vehicle Roadside Equipment equipment control commands High High High
RSE control, configuration and software/firmware update should all be protected from view. A hostile third party could use this information to reverse engineer control/configuration/update processes, and use that information in an attack across a broad swatch of infrastructure, which would have severe effects to the connected vehicle infrastructure. RSE control, configuration and update need to be correct or the RSE may be misconfigured, which for some applications could have severe safety impacts. RSE control, configuration and update needs to be available; field versions of these flows should always be available, which is why they are higher than the C2I versions.
Field Maintenance Equipment Connected Vehicle Roadside Equipment RSE application install/upgrade High High High
RSE control, configuration and software/firmware update should all be protected from view. A hostile third party could use this information to reverse engineer control/configuration/update processes, and use that information in an attack across a broad swatch of infrastructure, which would have severe effects to the connected vehicle infrastructure. RSE control, configuration and update need to be correct or the RSE may be misconfigured, which for some applications could have severe safety impacts. RSE control, configuration and update needs to be available; field versions of these flows should always be available, which is why they are higher than the C2I versions.
Field Maintenance Equipment Connected Vehicle Roadside Equipment RSE configuration settings High High High
RSE control, configuration and software/firmware update should all be protected from view. A hostile third party could use this information to reverse engineer control/configuration/update processes, and use that information in an attack across a broad swatch of infrastructure, which would have severe effects to the connected vehicle infrastructure. RSE control, configuration and update need to be correct or the RSE may be misconfigured, which for some applications could have severe safety impacts. RSE control, configuration and update needs to be available; field versions of these flows should always be available, which is why they are higher than the C2I versions.
Field Maintenance Equipment Maint and Constr Field Personnel equipment status presentation Moderate High High
System maintenance flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over field equipment System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
ITS Object Service Monitor System system status High High High
System operational status information could be used to either initiate or confirm attacks, leading to significant downtime of related C-ITS systems. System status information needs the greatest possible correctness, as if it is incorrect then inappropriate actions may be triggered that, for large backoffice and core systems, have widespread repurcussions. Monitoring of system operational status has the highest possible needs for availability, as without an understanding of system state it is difficult to impossible to manage the system. This rating may be downgraded for end entities whose performance are not critical to high-value user needs.
Maint and Constr Field Personnel Field Maintenance Equipment field personnel equipment input Moderate High High
Field subsystem controls should not be casually viewable as they their observation could serve as ad-hoc training for would-be attackers, not to mention that this interface is likely to include an authentication/authorization mechanism such as a password that if compromised, could compromise the device. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
Maint and Constr Management Center Center equipment maintenance status Moderate Moderate Moderate
Data is not overly sensitive, but is a bulk statement about the status of all field equipment managed by the maintenance center. A hostile actor could use this information in the commission of a crime, for instance by understanding which cameras were not working and thus what areas are not under surveillance. Center-based data exchanges are expected to be correct, and deserving of at leas some error checking. If this data is corrupted, the receiving center will be misinformed as to the state of field equipment maintenance. Depends on the update frequency required. Possibly LOW, depending on the amount of equipment and what this flow is used for at the terminus.
Other Connected Vehicle Roadside Equipment Connected Vehicle Roadside Equipment RSE application information Moderate Moderate Low
This is a control flow, so should be obfuscated to make it more difficult for a 3rd party to manipulate the RSE. Control parameters need to be correct and not corrupted so that the owner of the RSE and the receiver of the RSE's data get what they need from it. This information probably does not need to be changed very often, and if it is not available then likely the flow it controls (emissions data flows to the DDS/EMC) are down as well.
Service Monitor System Center RSE fault data Moderate Moderate Moderate
Device status information should not be viewable by third parties, as those with criminal intent may use this information toward their own ends. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. Scope is small, but impact significant if this occurs with many instances. A delay in reporting this may cause a delay in necessary maintenance. Considered higher availability requirement than the source flow (RSE status) because this information aggregates many instances of the source.
Service Monitor System Maint and Constr Management Center RSE fault data Moderate Moderate Moderate
Device status information should not be viewable by third parties, as those with criminal intent may use this information toward their own ends. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. Scope is small, but impact significant if this occurs with many instances. A delay in reporting this may cause a delay in necessary maintenance. Considered higher availability requirement than the source flow (RSE status) because this information aggregates many instances of the source.
Service Monitor System Service Monitor System Operator service monitor information presentation Not Applicable High High
System core flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over core equipment Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Service Monitor System Operator Service Monitor System service monitor operator input Not Applicable High High
System core flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over core equipment Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.

Standards

The following table lists the standards associated with physical objects in this service package. For standards related to interfaces, see the specific information flow triple pages.

Name Title Physical Object
ISO 21217 Architecture Intelligent transport systems -- Communications access for land mobiles (CALM) -- Architecture ITS Object
USDOT RSU Dedicated Short-Range Communications Roadside Unit Specifications (FHWA-JPO-17-589) Connected Vehicle Roadside Equipment