Transportation industry learning from IT
Demands on technology to support transportation security are increasing. Computer-based data collection and monitoring systems, along with the networks that transport data to central locations where it can be analyzed and stored, and applications to ingest, organize and search data are all key components in today’s transportation security picture. Questions about how best to protect applications from hackers and misuse; dividing architecture into protective ‘layers’; identity and data management; and how best to authenticate users remain at the top of the list for Information Technology managers and designers in transportation and related industries. Trends in the IT ‘mainstream’ can help to address some of these difficult questions.
• Moore’s Law would tell us that processors, hard drives and network gear will continue to increase in power at an exponential rate. Security tools, like anti-virus and scanning software will need to be regularly assessed to make sure they ‘keep up’. Availability of CPU cycles will impact decisions about where to introduce network firewalling and encryption for security strategies, like SSL (Secure Sockets Layer) and VPNs (Virtual Private Networks). We also will see more devices with integrated, special-purpose hardware to lighten the CPU loads.
• The need to deploy more and more complex applications put demands on in-house development and testing organizations for secure custom applications, and can stress relationships and reliance on outside vendors. Outsourcing of security-related software development, network maintenance and other security processes implies an increased understanding of vendors’ controls and practices.
• More and smarter devices are being deployed to expand networks including devices that leverage ‘Plug-and-Play’ strategies like DHCP (Dynamic Host Configuration Protocol). Smarter devices have greater abilities to help maintain themselves with automatic and centrally administrated refreshes of security policies and firmware updates.
• Economies driving IT modularity and standards are reinforcing the idea that it’s more efficient to control the hardware and operating systems than to try to support a variety of platforms. On the network side, hardware manufacturers are increasingly expanding devices via component slots for card modules and embedding specialized hardware.
• Hardware acceleration and specialized processors are being seen more frequently to do intrusion detection and any serious content filtering over large facilities. Innovations, like multi-core chips running mulitple instances of Linux in parallel and custom ASICs (Application Specific Integrated Circuits) are making this possible.
• Reliable virtualization of non-multi-tasking operating systems, like Microsoft’s Windows Operating System, makes it possible for unique systems to co-exist in the same box and is replacing stacks of racked servers. Multiple ‘virtual’ machines in the same box provide, not only savings in space, heat and power consumption, but also make it more economical to secure networks, as virtual machines provide convenient isolation of networks and processing using. Virtual machines are also easier to maintain.
While much new technology is available, and much more on the horizon, it is commonly agreed that to be successful, technology solutions designed for the fast-paced and diverse transportation industry must integrate well, be scaleable, robust and cost effective. Technology must also be implemented in concert with privacy laws, with implementers committed and proactive in protecting the valuable data amassed by such powerful systems.