A University of Virginia research team investigated cybersecurity issues in Active Traffic Management (ATM) systems by creating a prototype ATM system modeled on an actual Northern Virginia system, along with a security monitoring system for the model ATM system. The team subjected the prototype ATM system to emulated cyberattacks and found the monitoring system allowed the ATM system to revert to an expected safe state and reduced the negative impact of cyberattacks.
The University of Virginia research team developed a prototype ATM system, with a 1.5-mile section of the ATM system deployed on I-66 in Northern Virginia as its case study, based on the I-66 system’s concept of operations. Second, the team developed a prototype security monitoring system to detect anomalies in the prototype’s ATM operations and to avoid the consequences of a system compromised by cyberattacks.
The security monitoring system leverages real time data by comparing the lane control states generated by the ATM channel against the monitoring channel. In the case of deviation between two sets of lane control states, the monitoring system displays the lane control states generated by the Connected Vehicle (CV) data and alerts the operator.
The research team subjected the prototype ATM system to emulated cyberattacks to evaluate the impact of possible attack on the prototype ATM system and benefits of reverting back to a safe lane control state using a monitoring system.
The evaluation results showed that the ATM system could increase the mean vehicle speed in the system by 13 percent compared to the baseline case. However, when subject to cyberattack through manipulation of traffic data or the lane control states through the ATM software, mean speed was similar to the baseline case and reduced by 15 percent compared to the case with the ATM system. The monitoring system however, allowed the ATM system to revert to an expected state with a mean speed of 59 mi/h and reduced the negative impact of cyberattacks.
The research team concluded it is reasonable to say that the proposed monitoring system was successful in avoiding the severe consequences of cyberattacks and has significant potential in improving freeway operations and recommends revisiting ATM system design concepts as a means of protecting against cyberattacks, in addition to utilizing traditional system intrusion prevention approaches.