< < SU10 : SU11 : SU12 > >

SU11: Field Equipment Maintenance

This service package supports maintenance of ITS devices that are installed in the field. Like other support service packages, this SP is drawn at a high level of abstraction so the basic interfaces and functionality associated with maintaining field ITS assets can be applied to any field equipment. In particular, this service package supports maintenance of field subsystems like ITS Payment Equipment, Parking Management Systems, Traveler Support Equipment, and Commercial Vehicle Check Equipment where maintenance is not covered by a more specific Service Package. Two Field subsystems have more specific service packages associated with their maintenance: See MC05 for maintenance of ITS Roadway Equipment and SU01 for more specific interfaces associated with maintaining Connected Vehicle Roadside Equipment.

Relevant Regions: Australia, Canada, European Union, and United States

Enterprise

Development Stage Roles and Relationships

Installation Stage Roles and Relationships

Operations Stage Roles and Relationships
(hide)

Source Destination Role/Relationship
Center Manager Center Manages
Center Manager Center Personnel System Usage Agreement
Center Owner Center Owns
Center Owner Center Manager Operations Agreement
Center Owner Field Owner Information Exchange Agreement
Center Owner Maint and Constr Management Center Owner Information Exchange Agreement
Center Personnel Center Operates
Center Supplier Center Owner Warranty
Field Maintenance Equipment Manager Field Maintenance Equipment Manages
Field Maintenance Equipment Manager Maint and Constr Field Personnel System Usage Agreement
Field Maintenance Equipment Owner Field Maintenance Equipment Owns
Field Maintenance Equipment Owner Field Maintenance Equipment Manager Operations Agreement
Field Maintenance Equipment Owner Field Owner Information Exchange and Action Agreement
Field Maintenance Equipment Supplier Field Maintenance Equipment Owner Warranty
Field Manager Field Manages
Field Manager Field System Operator System Usage Agreement
Field Manager Maint and Constr Field Personnel System Usage Agreement
Field Owner Center Owner Information Exchange Agreement
Field Owner Field Owns
Field Owner Field Maintenance Equipment Owner Information Exchange and Action Agreement
Field Owner Field Manager Operations Agreement
Field Owner Maint and Constr Management Center Owner Information Exchange Agreement
Field Owner Service Monitor System Owner Information Provision Agreement
Field Supplier Field Owner Warranty
Field System Operator Field Operates
Maint and Constr Center Personnel Maint and Constr Management Center Operates
Maint and Constr Field Personnel Field Operates
Maint and Constr Field Personnel Field Maintenance Equipment Operates
Maint and Constr Management Center Manager Maint and Constr Center Personnel System Usage Agreement
Maint and Constr Management Center Manager Maint and Constr Management Center Manages
Maint and Constr Management Center Owner Center Owner Information Exchange Agreement
Maint and Constr Management Center Owner Field Owner Information Exchange Agreement
Maint and Constr Management Center Owner Maint and Constr Management Center Owns
Maint and Constr Management Center Owner Maint and Constr Management Center Manager Operations Agreement
Maint and Constr Management Center Supplier Maint and Constr Management Center Owner Warranty
Service Monitor System Manager Service Monitor System Manages
Service Monitor System Owner Center Owner Information Provision Agreement
Service Monitor System Owner Service Monitor System Owns
Service Monitor System Owner Service Monitor System Manager Operations Agreement
Service Monitor System Supplier Service Monitor System Owner Warranty

Maintenance Stage Roles and Relationships

Physical

The physical diagram can be viewed in SVG or PNG format and the current format is SVG.
SVG Diagram
PNG Diagram


Display Legend in SVG or PNG

Includes Physical Objects:

Physical Object Class Description
Center Center This general physical object is used to model core capabilities that are common to any center.
Center Personnel Center 'Center Personnel' represent system operators and other personnel that work within a transportation center. This interface supports modeling of general human interactions that are common to any center.
Field Field This general physical object is used to model core capabilities that are common to any piece of field equipment.
Field Maintenance Equipment Field 'Field Maintenance Equipment' represents the portable equipment used by field personnel to locally troubleshoot, initialize, reprogram, and test infrastructure equipment. It may include a laptop, specialized diagnostics tools, or any other general purpose or specialized equipment that is interfaced locally to infrastructure equipment to support maintenance and repair.
Field System Operator Field 'Field System Operator' represents the operators of field equipment such as parking management systems, intermodal terminals, and other field equipment that is supported by a local operator. The interface supports modeling of general human interface interactions that are common to all staffed field equipment.
Maint and Constr Center Personnel Center The people that directly interface with a Maintenance and Construction Management Center. These personnel interact with fleet dispatch and management systems, road maintenance systems, incident management systems, work plan scheduling systems, and work zone management systems. They provide operator data and command inputs to direct system operations to varying degrees depending on the type of system and the deployment scenario.
Maint and Constr Field Personnel Field Represents the people that perform maintenance and construction field activities including vehicle and equipment operators, field supervisory personnel, field crews, and work zone safety personnel. Information flowing from the Maintenance and Construction Field Personnel will include those system inputs specific to maintenance and construction operations, such as information regarding work zone status, or the status of maintenance actions. The field personnel are also monitored within the work zone to enhance work zone safety. Information provided to Maintenance and Construction Field Personnel includes dispatch requests, maintenance and construction actions to be performed, and work zone safety warnings.
Maint and Constr Management Center Center The 'Maint and Constr Management Center' monitors and manages roadway infrastructure construction and maintenance activities. Representing both public agencies and private contractors that provide these functions, this physical object manages fleets of maintenance, construction, or special service vehicles (e.g., snow and ice control equipment). The physical object receives a wide range of status information from these vehicles and performs vehicle dispatch, routing, and resource management for the vehicle fleets and associated equipment. The physical object participates in incident response by deploying maintenance and construction resources to an incident scene, in coordination with other center physical objects. The physical object manages equipment at the roadside, including environmental sensors and automated systems that monitor and mitigate adverse road and surface weather conditions. It manages the repair and maintenance of both non-ITS and ITS equipment including the traffic controllers, detectors, dynamic message signs, signals, and other equipment associated with the roadway infrastructure. Weather information is collected and fused with other data sources and used to support advanced decision support systems.

The physical object remotely monitors and manages ITS capabilities in work zones, gathering, storing, and disseminating work zone information to other systems. It manages traffic in the vicinity of the work zone and advises drivers of work zone status (either directly at the roadside or through an interface with the Transportation Information Center or Traffic Management Center physical objects.)

Construction and maintenance activities are tracked and coordinated with other systems, improving the quality and accuracy of information available regarding closures and other roadway construction and maintenance activities.
Service Monitor System Support The 'Service Monitor System' represents one or more center-based systems that provide monitoring, management and control services necessary to other applications and/or devices operating within the Connected Vehicle Environment. These support services enable other applications to provide transportation services.

Includes Functional Objects:

Functional Object Description Physical Object
Center Field Equipment Management 'Center Field Equipment Management' is the back office application that supports monitoring and maintenance of field equipment. It monitors the performance and configuration of the field equipment. This includes management of the infrastructure configuration as well as detection, isolation, and correction of field equipment problems. The application also includes monitoring of performance of the field equipment, including communications links. Center
Field System Executive 'Field System Executive' includes the operating system kernel and executive functions that manage the overall device software configuration and operation and support configuration management, computer resource management, and govern software installation and upgrade. Field
Field System Monitoring and Diagnostics 'Field System Monitoring and Diagnostics' includes background self-tests, diagnostics, watchdog timers, and other hardware and software that monitors the operating condition of field equipment. The status of the equipment and diagnostic information is provided to local maintenance personnel and the operating center. Field
FME On-Site Maintenance 'FME On-Site Maintenance' provides field personnel with diagnostic information from field equipment and provides the capability for field personnel to locally control and configure this equipment to support on-site installation, repair, and maintenance. Field Maintenance Equipment
MCM Field Equipment Maintenance 'MCM Field Equipment Maintenance' provides overall management and support for maintenance of field equipment on a roadway system, right-of-way, parking area, transit stop, or other areas where field equipment exists. Services include repair and maintenance of ITS field equipment in these areas (e.g., detectors and other sensors, cameras, dynamic message signs, electronic toll collection equipment, electronic clearance equipment, weigh-in-motion sensors, etc.). Maint and Constr Management Center
SM Device Management 'SM Device Management' provides the functions necessary to manage devices, including network management, operational status monitoring, and application performance monitoring. Service Monitor System

Includes Information Flows:

Information Flow Description
center operator data Data presented to a center operator. This flow represents general status output and other data that broadly applies to transportation centers.
center operator input Input from a center operator. This flow represents operator input that broadly applies to transportation centers.
equipment maintenance request Identification of field equipment requiring repair and known information about the associated faults.
equipment maintenance status Current status of field equipment maintenance actions.
field equipment commands System-level control commands issued to field equipment such as reset and remote diagnostics.
field equipment configuration settings Control settings and parameters that are used to configure field equipment.
field equipment fault data Field equipment fault information that can be used to identify field equipment that requires initialization, reconfiguration, repair or replacement. This flow identifies the device, the nature of the fault, and associated error codes and diagnostic data.
field equipment software install/upgrade This flow supports installation and update of software residing in ITS roadway equipment. It supports download of the software installation files, including executable code and associated support files.
field equipment status Reports from field equipment (sensors, signals, signs, controllers, etc.) which indicate current operational status.
field equipment status presentation Presentation of operational status of field equipment (sensors, signals, signs, controllers, etc.) to field personnel.
field personnel equipment input User input from field personnel that supports querying, controlling, and configuring field equipment.
maint and constr center personnel input User input from maintenance and construction center personnel including routing information, scheduling data, dispatch instructions, device configuration and control, resource allocations, alerts, incident and emergency response plan coordination.
maint and constr operations information presentation Presentation of maintenance and construction operations information to center personnel. This information includes maintenance resource status (vehicles, equipment, and personnel), work schedule information, work status, road and weather conditions, traffic information, incident information and associated resource requests, security alerts, emergency response plans and a range of other information that supports efficient maintenance and construction operations and planning.

Goals and Objectives

Associated Planning Factors and Goals

Planning Factor Goal
H. Emphasize the preservation of the existing transportation system; Maintain the highway infrastructure asset system in a state of good repair

Associated Objective Categories

Objective Category
Preservation: Preserve Existing Infrastructure

Associated Objectives and Performance Measures

Objective Performance Measure
Distressed pavement condition lane-miles not to exceed X percent of total state highway system Distressed pavement condition lane miles
Enhance asset and resource management Extended pavement life due to truck weight enforcement
Enhance asset and resource management Number of assets tracked in real-time
Enhance asset and resource management Percentage of fleet/equipment within lifecycle
Enhance asset and resource management Percentage of geographic jurisdiction covered by agency electronic communications
Enhance asset and resource management Percentage of maintenance activities completed in required time-frame
Enhance asset and resource management Rate at which equipment is utilized
Enhance asset and resource management Vehicle operating costs
Maintain pavement condition index (PCI) of X or greater for local streets and roads Pavement condition index
Percentage of NHS bridges in Good condition to exceed X percent Percentage of NHS bridges in Good condition
Percentage of NHS bridges in Poor condition not to exceed X percent Percentage of NHS bridges in Poor condition
Percentage of pavements in Good condition to exceed X percent of the Interstate System Percentage of pavements in Good condition (Interstate System)
Percentage of pavements in Good condition to exceed X percent of the non-Interstate NHS Percentage of pavements in Good condition (non-Interstate NHS)
Percentage of pavements in Poor condition not to exceed X percent of the Interstate System Percentage of pavements in Poor condition (Interstate System)
Percentage of pavements in Poor condition not to exceed X percent of the non-Interstate NHS Percentage of pavements in Poor condition (non-Interstate NHS)
Reduce commercial vehicle size and weight violations Number of size and weight violations


 
Since the mapping between objectives and service packages is not always straight-forward and often situation-dependent, these mappings should only be used as a starting point. Users should do their own analysis to identify the best service packages for their region.

Needs and Requirements

Need Functional Object Requirement
01 Operating agencies need to be able to maintain ITS devices that are installed in the field so that the devices continue to operate as designed. Center Field Equipment Management 02 The center shall create a cohesive view of field equipment repair needs based upon the status and fault information collected.
MCM Field Equipment Maintenance 06 The center shall respond to requests from other centers for field equipment repair.
02 Operating agencies need to be able to perform the maintenance on ITS devices remotely or in the field. Center Field Equipment Management 04 The center shall be able to request maintenance actions of the center responsible for field equipment maintenance.
05 The center shall allow center personnel to manage the maintenance of field equipment.
FME On-Site Maintenance 09 The field device shall obtain diagnostic information from other field equipment in order to diagnose problems identified in the field equipment.
10 The field device shall provide an interface for field personnel to view outputs or provide inputs.
11 The field device shall be able to locally control and configure other field equipment to support on-site installation, repair, and maintenance.
12 The field device shall collect diagnostic information from other field equipment.  
MCM Field Equipment Maintenance 05 The center shall report the status of field equipment maintenance activities to the centers that operate the equipment.
03 Operating agencies need to be able to monitor the status of field equipment in order to diagnose problems that may occur during operations. Center Field Equipment Management 01 The center shall collect the status and fault data from field equipment, such as traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc..
02 The center shall create a cohesive view of field equipment repair needs based upon the status and fault information collected.
Field System Monitoring and Diagnostics 01 The field device shall be able to monitor the operating conditions of itself and other field devices under its control in order to determine if any operational problems are occurring.
02 The field device shall be able to perform diagnostic tests in order to determine operational issues with itself or other field devices under its control.
03 The field device shall be able to provide the status data and diagnostic information to field personnel.
04 The field device shall be able to provide the status data and diagnostic information to remote centers.
MCM Field Equipment Maintenance 01 The center shall collect the status and fault data from the centers that operate the equipment, including data for traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc..
02 The center shall collect the status and fault data from field equipment, such as traffic, infrastructure, and environmental sensors, highway advisory radio and dynamic message signs, automated roadway treatment systems, barrier and safeguard systems, cameras, traffic signals and override equipment, ramp meters, short range communications equipment, security sensors and surveillance equipment, etc.
03 The maintenance center shall create a cohesive view of field equipment repair needs based upon the status and fault information collected.
SM Device Management 10 The service monitor system shall monitor the status of field equipment.
11 The service monitor system shall notify transportation centers of any faults detected in the operational status of field equipment.
04 Operating agencies need to be able to adjust configuration of field equipment as well as perform installation or upgrade of software used by the field equipment. Center Field Equipment Management 03 The center shall be able to provide control commands, configuration updates, software installation, or software upgrades for field devices under management of the center.
Field System Executive 01 The field device software shall include an operating system kernel and executive functions that manage the overall device software configuration and operation and support configuration management, computer resource management, and govern software installation and upgrade.
02 The field device shall allow its device software to be installed or upgraded by a remote center.
03 The field device shall allow its device software to be installed or updated by personnel in the field.
04 The field device shall allow its software configuration to be revised by a remote center.
05 The field device shall allow its software configuration to be revised by personnel in the field.
MCM Field Equipment Maintenance 04 The center shall be able to provide control commands, configuration updates, or software installation or upgrade for field devices under management of the center.
05 Transportation agencies need to be able to support both hardware and software maintenance of ITS public devices that are installed in traveler environments like transit stations and other public areas frequented by travelers Center Field Equipment Management 04 The center shall be able to request maintenance actions of the center responsible for field equipment maintenance.
05 The center shall allow center personnel to manage the maintenance of field equipment.
06 Transportation agencies need to be able to perform the maintenance on ITS public devices remotely or in the field. Center Field Equipment Management 04 The center shall be able to request maintenance actions of the center responsible for field equipment maintenance.
05 The center shall allow center personnel to manage the maintenance of field equipment.
MCM Field Equipment Maintenance 05 The center shall report the status of field equipment maintenance activities to the centers that operate the equipment.
07 Transportation agencies need to be able to perform maintenance on ITS public devices such as configuration adjustments or software installation or upgrade. Center Field Equipment Management 04 The center shall be able to request maintenance actions of the center responsible for field equipment maintenance.
05 The center shall allow center personnel to manage the maintenance of field equipment.

Related Sources

Document Name Version Publication Date
ITS User Services Document 1/1/2005


Security

In order to participate in this service package, each physical object should meet or exceed the following security levels.

Physical Object Security
Physical Object Confidentiality Integrity Availability Security Class
Center Moderate High Moderate Class 3
Field Moderate Moderate High Class 5
Field Maintenance Equipment Moderate High High Class 5
Maint and Constr Management Center Moderate High Moderate Class 3
Service Monitor System Moderate Moderate Moderate Class 2



In order to participate in this service package, each information flow triple should meet or exceed the following security levels.

Information Flow Security
Source Destination Information Flow Confidentiality Integrity Availability
Basis Basis Basis
Center Center Personnel center operator data High High High
Direct interactions between personnel and systems in a backoffice environment are effectively protected by physical means, so long as the interaction is in a dedicated facility. If this interaction is virtual (i.e. ,the center is not directly in front of the Center Personnel, like in a cloud-based system) then the user's input requires some degree of obfuscation depending on sensitivity of information. Given that this could include information about compromised or ineffectual systems, including security systems, the potential for damage is high. Thus, HIGH. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Center Field field equipment commands Low Moderate Moderate
Commands could be sensitive, however this flow is local, meaning the Field Support Equipment is proximate to the ITS Roadway Equipment. Thus the risk of interception should be low. There may also be constraints on this flow that require this information to be transmitted in the clear. Commands to Field Equipment must be authenticated as having come from a source entitled to issue that command, or roadway equipment may be comprimised. Similarly, commands and configuration must be guaranteed to be correct; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely diagnose and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Center Field field equipment configuration settings Moderate Moderate Moderate
Commands could be sensitive; monitoring of center-based control could enable an attacker's situational awareness, thus should be MODERATE. Commands to Field Equipment must be authenticated as having come from a source entitled to issue that command, or roadway equipment may be comprimised. Similarly, commands and configuration must be guaranteed to be correct; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely diagnose and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Center Field field equipment software install/upgrade Moderate High Moderate
Field equipment software could be sensitive, both from a vulnerability assessment standpoint and because the software itself may be competition-sensitive. Software updates to Roadway Equipment must be authenticated as having come from a source entitled to provide that software, or roadway equipment may be comprimised. Similarly, such software must be guaranteed to being the intent of the originator; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely update and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Center Maint and Constr Management Center equipment maintenance request Moderate Moderate Moderate
Device operational status information should be known only by those entities that need to know for operations and maintenance. Allowing others to read this information may enable abuse of those systems, 3rd party monitoring of system status when that may not be desireable, and reverse engineering of this and similar information flows. If this data is incorrect or unavailable then maintenance assets may not be appropriately assigned, resulting in inefficient use of maintenance assets and higher overall downtime. If this data is incorrect or unavailable then maintenance assets may not be appropriately assigned, resulting in inefficient use of maintenance assets and higher overall downtime.
Center Personnel Center center operator input High High High
Direct interactions between personnel and systems in a backoffice environment are effectively protected by physical means, so long as the interaction is in a dedicated facility. If this interaction is virtual (i.e. ,the center is not directly in front of the Center Personnel, like in a cloud-based system) then the user's input requires some degree of obfuscation depending on sensitivity of information. Given that this could include information about compromised or ineffectual systems, including security systems, the potential for damage is high. Thus, HIGH. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Field Center field equipment status Moderate Moderate Moderate
The operational state of field devices, if known to an attacker or individual with criminal intent, could be used to facilitate the commission of a crime. Individual devices may be more or less important in this context; for example knowing whether a security camera is operating is probably more relevant to the criminal than knowing if the DMS is operating, though the latter could still be useful info. Instances of this flow that are local minimize this risk however, so for these local flows Confidentiality is considered LOW. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. This must be timely to support operational uptime requirements. Lack of monitoring will lead to less uptime, which will impact security, mobility and in some cases, safety.
Field Field Maintenance Equipment field equipment status Low Moderate High
The operational state of field devices, if known to an attacker or individual with criminal intent, could be used to facilitate the commission of a crime. Individual devices may be more or less important in this context; for example knowing whether a security camera is operating is probably more relevant to the criminal than knowing if the DMS is operating, though the latter could still be useful info. Instances of this flow that are local minimize this risk however, so for these local flows Confidentiality is considered LOW. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. This must be timely to support operational uptime requirements. Lack of monitoring will lead to less uptime, which will impact security, mobility and in some cases, safety.
Field Field System Operator field equipment status presentation Moderate High High
System maintenance flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over field equipment System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
Field Maint and Constr Field Personnel field equipment status presentation Moderate High High
System maintenance flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over field equipment System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
Field Maint and Constr Management Center field equipment status Moderate Moderate Moderate
The operational state of field devices, if known to an attacker or individual with criminal intent, could be used to facilitate the commission of a crime. Individual devices may be more or less important in this context; for example knowing whether a security camera is operating is probably more relevant to the criminal than knowing if the DMS is operating, though the latter could still be useful info. Instances of this flow that are local minimize this risk however, so for these local flows Confidentiality is considered LOW. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. This must be timely to support operational uptime requirements. Lack of monitoring will lead to less uptime, which will impact security, mobility and in some cases, safety.
Field Service Monitor System field equipment status Moderate Moderate Moderate
The operational state of field devices, if known to an attacker or individual with criminal intent, could be used to facilitate the commission of a crime. Individual devices may be more or less important in this context; for example knowing whether a security camera is operating is probably more relevant to the criminal than knowing if the DMS is operating, though the latter could still be useful info. Instances of this flow that are local minimize this risk however, so for these local flows Confidentiality is considered LOW. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. This must be timely to support operational uptime requirements. Lack of monitoring will lead to less uptime, which will impact security, mobility and in some cases, safety.
Field Maintenance Equipment Field field equipment commands Low Moderate High
Commands could be sensitive, however this flow is local, meaning the Field Support Equipment is proximate to the ITS Roadway Equipment. Thus the risk of interception should be low. There may also be constraints on this flow that require this information to be transmitted in the clear. Commands to ITS Roadway Equipment must be authenticated as having come from a source entitled to issue that command, or roadway equipment may be comprimised. Similarly, commands and configuration must be guaranteed to be correct; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. Without the ability to locally diagnose, operate, update and configure ITS Roadway Equipment, the equipment is effectively out of control and would have to be taken out of service.
Field Maintenance Equipment Field field equipment configuration settings Moderate Moderate Moderate
Configuration settings could be sensitive; if an attacker knows precisely how a device is configured, it may facilitate an attack. Commands to ITS Roadway Equipment must be authenticated as having come from a source entitled to issue that command, or roadway equipment may be comprimised. Similarly, commands and configuration must be guaranteed to be correct; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely diagnose and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Field Maintenance Equipment Field field equipment software install/upgrade Moderate High High
Field equipment software could be sensitive, both from a vulnerability assessment standpoint and because the software itself may be competition-sensitive. Software updates to Roadway Equipment must be authenticated as having come from a source entitled to provide that software, or roadway equipment may be comprimised. Similarly, such software must be guaranteed to being the intent of the originator; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. Without the ability to locally diagnose, operate, update and configure ITS Roadway Equipment, the equipment is effectively out of control and would have to be taken out of service.
Field Maintenance Equipment Maint and Constr Field Personnel field equipment status presentation Moderate High High
System maintenance flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over field equipment System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
Field System Operator Field field personnel equipment input Moderate Moderate High
Field subsystem controls should not be casually viewable as they their observation could serve as ad-hoc training for would-be attackers, not to mention that this interface is likely to include an authentication/authorization mechanism such as a password that if compromised, could compromise the device. Since any direct interaction with field infrastructure will impact control, configuration and certainly operations of the device, there must be some assurance that such commands are correct. Without direct local control the device is effectively uncontrolled.
Maint and Constr Center Personnel Maint and Constr Management Center maint and constr center personnel input High High High
Direct interactions between personnel and systems in a backoffice environment are effectively protected by physical means, so long as the interaction is in a dedicated facility. If this interaction is virtual (i.e. ,the MCMC is not directly in front of the MCMC Personnel, like in a cloud-based system) then the user's input requires some degree of obfuscation depending on sensitivity of information. Given that this could include information about compromised or ineffectual systems, including security systems, the potential for damage is high. Thus, HIGH. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system.
Maint and Constr Field Personnel Field field personnel equipment input Moderate High High
Field subsystem controls should not be casually viewable as they their observation could serve as ad-hoc training for would-be attackers, not to mention that this interface is likely to include an authentication/authorization mechanism such as a password that if compromised, could compromise the device. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
Maint and Constr Field Personnel Field Maintenance Equipment field personnel equipment input Moderate High High
Field subsystem controls should not be casually viewable as they their observation could serve as ad-hoc training for would-be attackers, not to mention that this interface is likely to include an authentication/authorization mechanism such as a password that if compromised, could compromise the device. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken. System maintenance flows are the primary interface between field personnel and field equipment, and must present accurate data or inappropriate maintenance actions may be taken.
Maint and Constr Management Center Center equipment maintenance status Moderate Moderate Moderate
Data is not overly sensitive, but is a bulk statement about the status of all field equipment managed by the maintenance center. A hostile actor could use this information in the commission of a crime, for instance by understanding which cameras were not working and thus what areas are not under surveillance. Center-based data exchanges are expected to be correct, and deserving of at leas some error checking. If this data is corrupted, the receiving center will be misinformed as to the state of field equipment maintenance. Depends on the update frequency required. Possibly LOW, depending on the amount of equipment and what this flow is used for at the terminus.
Maint and Constr Management Center Field field equipment commands Low Moderate Moderate
Commands could be sensitive, however this flow is local, meaning the Field Support Equipment is proximate to the ITS Roadway Equipment. Thus the risk of interception should be low. There may also be constraints on this flow that require this information to be transmitted in the clear. Commands to Field Equipment must be authenticated as having come from a source entitled to issue that command, or roadway equipment may be comprimised. Similarly, commands and configuration must be guaranteed to be correct; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely diagnose and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Maint and Constr Management Center Field field equipment configuration settings Moderate Moderate Moderate
Configuration settings could be sensitive; if an attacker knows precisely how a device is configured, it may facilitate an attack. Commands to Field Equipment must be authenticated as having come from a source entitled to issue that command, or roadway equipment may be comprimised. Similarly, commands and configuration must be guaranteed to be correct; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely diagnose and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Maint and Constr Management Center Field field equipment software install/upgrade Moderate High Moderate
Field equipment software could be sensitive, both from a vulnerability assessment standpoint and because the software itself may be competition-sensitive. Software updates to Roadway Equipment must be authenticated as having come from a source entitled to provide that software, or roadway equipment may be comprimised. Similarly, such software must be guaranteed to being the intent of the originator; not manipulated midstream or corrupted, or the roadway equipment may be mis-configured or compromised. The ability to remotely update and configure devices is inherent to their successful operation. If this link is down it either suggests or will prompt field maintenance activity, which has a non-trivial cost and resource impact.
Maint and Constr Management Center Maint and Constr Center Personnel maint and constr operations information presentation Not Applicable Moderate Moderate
System maintenance flows should have some protection from casual viewing, as otherwise imposters could gain illicit control over field equipment Information presented to backoffice system operators must be consistent or the operator may perform actions that are not appropriate to the real situation. The backoffice system operator should have access to system operation. If this interface is down then control is effectively lost, as without feedback from the system the operator has no way of knowing what is the correct action to take.
Service Monitor System Center field equipment fault data Moderate Moderate Moderate
Device status information should not be viewable by third parties, as those with criminal intent may use this information toward their own ends. If incorrect or changed, could lead to inappropriate maintenance activity, which has a significant cost in itself and contributes negatively to system operational status. Scope is small, but impact significant if this occurs with many instances. A delay in reporting this may cause a delay in necessary maintenance. Considered higher availability requirement than the source flow (RSE status) because this information aggregates many instances of the source.

Standards

Currently, there are no standards associated with the physical objects in this service package. For standards related to interfaces, see the specific information flow triple pages.