< < SU13 : SU14 : SU15 > >

SU14: Remote Access

This service package allows system operators and other ITS users to access user interfaces remotely, using a local device to provide secure remote access via a Virtual Private Network (VPN). Through this mechanism, an operator can 'operate' a system from a remote location, as if he were physically in the center.

Relevant Regions: Australia, Canada, European Union, and United States

Enterprise
Functional
Physical
Goals and Objectives
Needs and Requirements
Sources
Security
Standards
System Requirements

Enterprise

Development Stage Roles and Relationships
(hide)

Source	Destination	Role/Relationship
Center Developer	Center	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.
Center Developer	Remote Access Device Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Remote Access Device Developer	Center Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Remote Access Device Developer	Remote Access Device	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.

Installation Stage Roles and Relationships
(hide)

Source	Destination	Role/Relationship
Center Installer	Center	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
Center Owner	Center Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
Center Owner	Center Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.
Remote Access Device Installer	Remote Access Device	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
Remote Access Device Owner	Remote Access Device Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
Remote Access Device Owner	Remote Access Device Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.

Operations and Maintenance Stage Roles and Relationships
(hide)

Source	Destination	Role/Relationship
Center Maintainer	Center	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the 'maintains' role typically is delegated authority by the entity with the "Owns" or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
Center Manager	Center	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
Center Manager	Center Personnel	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
Center Owner	Center Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
Center Owner	Center Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
Center Owner	Center Personnel	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
Center Owner	Remote Access Device Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
Center Owner	Remote Access Device Owner	Information Provision Agreement (hide) An agreement where one party agrees to provide information to another party. This is a unidirectional agreement.
Center Owner	Remote Access Device User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
Center Personnel	Center	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Center Personnel	Remote Access Device	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Center Supplier	Center Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.
Remote Access Device Maintainer	Remote Access Device	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the 'maintains' role typically is delegated authority by the entity with the "Owns" or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
Remote Access Device Manager	Center Personnel	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
Remote Access Device Manager	Remote Access Device	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
Remote Access Device Owner	Center Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
Remote Access Device Owner	Center Owner	Information Provision and Action Agreement (hide) An agreement where one party agrees to provide information to another party. This is a unidirectional agreement. This also includes a specification for action that shall, should or may be taken by one party in response to this information.
Remote Access Device Owner	Center Personnel	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
Remote Access Device Owner	Center User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
Remote Access Device Owner	Remote Access Device Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
Remote Access Device Owner	Remote Access Device Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
Remote Access Device Supplier	Remote Access Device Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.

Functional

This service package includes the following Functional View PSpecs:

Physical Object	Functional Object	PSpec Number	PSpec Name
Center	Center Remote Access	10.5.1.7	Provide VPN Connection to Remote Operators
Remote Access Device	Remote Access	10.5.1.8	Provide Remote Operator Access

Physical

The physical diagram can be viewed in SVG or PNG format and the current format is SVG.
SVG Diagram
PNG Diagram

Display Legend in SVG or PNG

Includes Physical Objects:

Physical Object	Class	Description
Center	Center	This general physical object is used to model core capabilities that are common to any center.
Center Personnel	Center	'Center Personnel' represent system operators and other personnel that work within a transportation center. This interface supports modeling of general human interactions that are common to any center.
Remote Access Device	Personal	The 'Remote Access Device' allows a system operator/user outside a physical center to remotely access a center or support system and interact with that system as if the operator was in the center. This requires a secure, authenticated Virtual Private Network (VPN) connection between the Remote Access Device and the center or support system.

Includes Functional Objects:

Functional Object	Description	Physical Object
Center Remote Access	'Center Remote Access' provides remote access to system operators outside the center.	Center
Remote Access	'Remote Access' provides remote access to system operators outside the center, allowing a remote system operator to interact with a center or support system as if he were local.	Remote Access Device

Includes Information Flows:

Information Flow	Description
center operator data	Data presented to a center operator. This flow represents general status output and other data that broadly applies to transportation centers.
center operator input	Input from a center operator. This flow represents operator input that broadly applies to transportation centers.
secure center operator data	Operator data normally provided to a local operator within a center. In this case, the data is provided securely to a remote operator via VPN.
secure center operator input	Operator inputs provided via VPN to a remote center.

Goals and Objectives

Associated Planning Factors and Goals

Planning Factor	Goal
C. Increase the security of the transportation system for motorized and nonmotorized users;	Improve security

Associated Objective Categories

Objective Category
Security: Crime
Security: Terrorism, Natural Disasters, and Hazardous Material Incidents

Associated Objectives and Performance Measures

Objective	Performance Measure
Reduce security risks to transportation infrastructure	Number of critical sites with hardened security enhancements
Reduce security risks to transportation infrastructure	Number of critical sites with security surveillance
Reduce security risks to transportation infrastructure	Number of security incidents on transportation infrastructure

Since the mapping between objectives and service packages is not always straight-forward and often situation-dependent, these mappings should only be used as a starting point. Users should do their own analysis to identify the best service packages for their region.

Needs and Requirements

Need		Functional Object	Requirement
01	System operators need to securely interact with their center or support system while operating remotely.	Center Remote Access	01	The Center shall establish a secure (encrypted and authenticated) virtual private network (VPN) connection with the remote operator via their Remote Access Device.
			02	The Center shall receive operator commands from the Remote Access Device over the VPN and execute those commands locally
			03	The Center shall forward all display updates via the VPN to the Remote Access Device.
			04	The Center shall close the VPN session and the connection when the remote operator logs out.
		Remote Access	01	The Remote Access Device shall establish a secure (encrypted and authenticated) virtual private network (VPN) connection with the remote system.
			02	The Remote Access Device shall accept user commands for the remote system and provide these commands securely over the VPN.
			03	The Remote Access Device shall receive all remote display updates and provide these updates to the operator.
			04	The Remote Access Device shall close the VPN session and the connection when the operator logs out.
			05	The device shall present decrypted information received from the remote service to the operator.
			06	The device shall accept information from the operator.
			07	The device shall accept encrypted information from the remote service.
			08	The device shall provide information received from the operator to the remote service in encrypted form.

Related Sources

None

Security

In order to participate in this service package, each physical object should meet or exceed the following security levels.

Physical Object Security
Physical Object	Confidentiality	Integrity	Availability	Security Class
Center	Moderate	Moderate	Moderate	Class 2
Remote Access Device	Moderate	Moderate	Moderate	Class 2

In order to participate in this service package, each information flow triple should meet or exceed the following security levels.

Information Flow Security
Source	Destination	Information Flow	Confidentiality	Integrity	Availability
Source	Destination	Information Flow	Basis	Basis	Basis
Center	Remote Access Device	secure center operator data	Moderate	Moderate	Moderate
Center	Remote Access Device	secure center operator data	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.
Center Personnel	Remote Access Device	center operator input	Moderate	Moderate	Moderate
Center Personnel	Remote Access Device	center operator input	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.
Remote Access Device	Center	secure center operator input	Moderate	Moderate	Moderate
Remote Access Device	Center	secure center operator input	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.
Remote Access Device	Center Personnel	center operator data	Moderate	Moderate	Moderate
Remote Access Device	Center Personnel	center operator data	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.	This flow represents an operator control flow; observation may expose procedures and vulnerabilities, and may enable nefarious activity. Manipulation of flow contents, may enable nefarious activity, whlie interruptions or accidental changes to flow contents are likely to disrupt transportation operations. The whole point of this flow is to secure remote operations of ITS centers.

Standards

Currently, there are no standards associated with the physical objects in this service package. For standards related to interfaces, see the specific information flow triple pages.

System Requirements

System Requirement		Need
001	The system shall establish a secure (encrypted and authenticated) virtual private network (VPN) connection with the remote operator via their Remote Access Device.	01	System operators need to securely interact with their center or support system while operating remotely.
002	The system shall receive operator commands from the Remote Access Device over the VPN and execute those commands locally	01	System operators need to securely interact with their center or support system while operating remotely.
003	The system shall forward all display updates via the VPN to the Remote Access Device.	01	System operators need to securely interact with their center or support system while operating remotely.
004	The system shall close the VPN session and the connection when the remote operator logs out.	01	System operators need to securely interact with their center or support system while operating remotely.
005	The system shall establish a secure (encrypted and authenticated) virtual private network (VPN) connection with the remote system.	01	System operators need to securely interact with their center or support system while operating remotely.
006	The system shall present decrypted information received from the remote service to the operator.	01	System operators need to securely interact with their center or support system while operating remotely.
007	The system shall accept user commands for the remote system and provide these commands securely over the VPN.	01	System operators need to securely interact with their center or support system while operating remotely.
008	The system shall provide information received from the operator to the remote service in encrypted form.	01	System operators need to securely interact with their center or support system while operating remotely.
009	The system shall receive all remote display updates and provide these updates to the operator.	01	System operators need to securely interact with their center or support system while operating remotely.
010	The system shall accept information from the operator.	01	System operators need to securely interact with their center or support system while operating remotely.
011	The system shall close the VPN session and the connection when the operator logs out.	01	System operators need to securely interact with their center or support system while operating remotely.
012	The system shall accept encrypted information from the remote service.	01	System operators need to securely interact with their center or support system while operating remotely.