Securing Interconnected Traffic Signal Communications via Public Network
Henrico County, USA, wanted to upgrade existing closed-loop traffic signaling control systems to a distributed traffic management system with NEMA TS2 compliance. From the central command center, operators can access traffic signals at remote traffic control locations for real-time monitoring and emergency response. This advanced traffic control network will be deployed across a public network and will not only require a highly reliable connection, but also cyber security protection, such as with VPN and firewall, to ensure the integrity of system communication.
Henrico County’s existing traffic control system is comprised of 140 signalized intersections, but only 25 intersections are interconnected while the remaining 115 intersections are isolated signal control circuits. The new signaling network will have a distributed architecture, where the central operation center can communicate with each local traffic signal controller. Moreover, the signal controllers should be able to store time of day coordinated timing plans and local intersection timing parameters.
For traffic controllers to transmit the data to the traffic operation center, the system integrator utilized the existing ISP public network, which requires modems for communication. However, the public network presents possible security threats to the traffic control network. VPN and firewall security measures are essential to secure data communications.
The EDR-810 industrial multi-port secure router, an all-in-one VPN/NAT/Firewall/Router/Switch device, was installed in the roadside cabinet of each intersection for data communication and data security. The EDR-810 supports Turbo Ring technologies with less than 20 ms recovery time to ensure communication reliability in a ring-type network. Also, the EDR-810 supports VPN and firewall capabilities, which will provide secure remote access and critical field device protection.
System Diagram (view larger image)
Upgrading to a fully distributed system with NEMA TS2 compliance
- Real-time status updates for traffic signals and other field equipment
- Increased interconnected communication coverage of existing signal controllers
- High communication reliability and security
- Up to 10 ports to connect LAN devices
- 20 Mbps VPN bandwidth for VPN tunneling between field cabinets and the central traffic operation center
- 2 Gigabit fiber ports with RSTP and Turbo Ring technology for future expansions, which optic fiber ring topology is preferred
- Dual redundant power inputs to maximize system uptime
- NEMA TS2 compliance
Industrial 8+2G multi-port secure router
· All-in-one Firewall/NAT/VPN/Router/Switch device
· 10 VPN connections for secure remote management
· PacketGuard technology for Modbus TCP packet inspection
· Turbo Ring fast recovery for redundant ring topology
· Flexible configuration of multiple WAN and LAN ports
· -40 to 75°C operating temperature range (T model)
· NEMA TS2 compliance