Transport Canada
www.tc.gc.ca
Common menu bar links
Institutional links
Innovation
Browse Resources
Innovation Contact Information
Browse By Mode
Browse By Subject
About Us
System Control Security Group
The "System Control" architecture flows are used to control ITS systems. These flows should be protected so that only authorized individuals or systems can control these systems.
Security Services
| Service | Importance | Service Description |
|---|---|---|
| Integrity | Medium | The system should ensure that information is protected from unauthorized intentional or unintentional modifications. |
| Availability | Medium | The system should protect critical ITS services in order to prevent degradation or denial of the ITS services to users of the services. Single points of failure should be avoided. |
| Authentication | Medium | The system should verify the identity of a user and/or other system prior to granting access to a requested resource. |
| Auditing | Medium | The system should have the capability to trace ITS subsystem and individual user actions and activities. The auditing function of the system places the actions and activities in an audit trail that is protected from unauthorized access and modification. |
| Access Control | Medium | The system should limit access to the resources of a subsystem to only those users and other subsystems that are properly authorized. After authenticating an entity, the system should have the capability to limit system access to information or resources based on that entity’s access privileges. The system should limit software modifications and upgrades to users and other systems that have authorization. |
Security Objectives
| Objective | Classification | Class Description |
|---|---|---|
| Confidentiality | Minimal | Non-sensitive information available for public release |
| Integrity | Medium | Unauthorized or unintended modification of the information could result in financial loss or significantly impact the operation of the transportation system. |
| Availability | Medium | Loss of the information could result in financial loss or significantly impact the operation of the transportation system. |
Security Threats
| Threat | Importance | Threat Description |
|---|---|---|
| Deception | Medium | A circumstance or event that may result in an authorized entity receiving false data and believing it to be true. |
| Disruption | Medium | A circumstance or event that interrupts or prevents the correct operation of system services and functions. |
| Usurpation | High | A circumstance or event that results in control of system services or functions by an unauthorized entity. |
Architecture flows
- barrier system control
- data collection and monitoring control
- emissions sensor control
- environmental sensors control
- freeway control data
- hri control data
- hri request
- infrastructure monitoring sensor control
- lighting system control data
- local signal preemption request
- local signal priority request
- maint and constr dispatch information
- pollution sensor control
- remote surveillance control
- reversible lane control
- roadway treatment system control
- safeguard system control
- secure area sensor control
- secure area surveillance control
- signal control data
- traffic control coordination
- traffic control priority request
- traffic enforcement control
- traffic sensor control
- vehicle control
- video surveillance control
- work zone warning device control
