Featured Topic

Cybersecurity for Centralized Advanced Traffic Management Systems

Many traffic signaling systems across the United States are still managed using master controllers connecting to local traffic controllers via a mix of closed-loop twisted-pair circuits, serial radios, and dial-up services for traffic signal control and coordination. These legacy systems still require frequent onsite maintenance, lack many central monitoring and control capabilities, and are inadequate for system expansions such as for adding IP cameras.

Transportation officials of Henrico County, Virginia wanted to upgrade existing traffic signaling control systems to a centralized advanced traffic management system (ATMS) with NEMA TS2 compliance. From the central command center, operators will be able to access traffic signals at remote traffic control locations for real-time monitoring and emergency response. This advanced traffic control network will be deployed across a public network and will not only require a highly reliable connection, but also cybersecurity protection to deny unauthorized access.

Click here to view larger image.

Henrico County’s existing traffic control system is comprised of 140 signalized intersections, but only 25 intersections are interconnected while the remaining 115 intersections are isolated signal control circuits. The new signaling network will have a centralized architecture, where the central command center can communicate with each local traffic signal controller. Local traffic controllers will also be able to adjust and schedule traffic signal timing parameters for different times of the day to expedite traffic flow.

For traffic controllers to transmit the data to the traffic operation center, the system integrator will utilize the existing ISP public network, which requires modems for communication. However, the public network presents possible security threats to the traffic control network. VPN and firewall security measures are essential to secure data communications.

Moxa’s EDR-810 industrial multi-port secure router, an all-in-one VPN/NAT/firewall/switch device, was installed in the roadside cabinet of each intersection to provide secure data transmission. The EDR-810 offers Turbo Ring and Turbo Chain technologies with less than 20 ms recovery time to ensure network reliability. Also, the EDR-810 supports VPN and firewall capabilities, which will provide secure remote access and critical field device protection.

Application Requirements:

• Upgrading to a centralized system with NEMA TS2 compliance
• Real-time status updates for traffic signals and other field equipment
• Increased communication coverage of existing signals
• High communication reliability and security

Moxa’s Advantages:

• The EDR-810-VPN provides up to 10 ports to connect LAN devices
• The EDR-810-VPN provides 20 Mbps VPN bandwidth to provide secure VPN tunneling through the public network between field cabinets and the central command center
• The EDR-810-VPN provides 2 gigabit fiber ports with RSTP and Turbo Ring technology for future expansions
• The EDR-810-VPN provides dual redundant power inputs to maximize system uptime
• NEMA TS2 compliance


Industrial 8+2G multi-port secure router

• All-in-one firewall/NAT/VPN/router/switch device
• 10 VPN connections for secure remote management
• PacketGuard technology for Modbus TCP packet inspection
• Flexible configuration of multiple WAN and LAN ports
• -40 to 75°C operating temperature range (T model)
• NEMA TS2 compliance

•   Learn more about about Moxa's cybersecurity solutions at this site.
•   Download a cybersecurity white paper here.
•   Watch the an animated explanation of deep packet inspection here.

Back to index