TM26: Signal Enforcement
This service package supports the detection and enforcement of roadway control signals. A common implementation of this capability is "red light enforcement" for signalized intersections. Information documenting a vehicle entering the intersection when the light is red is captured and conveyed to an enforcement agency. This service package is a logical predecessor to "Intersection Safety Warning" and "Intersection Collision Avoidance", where the signal violation detection is also used to reduce the likelihood of a traffic accident. This same relationship also exists to "Mixed Use Warning Systems" and "Automated Non-Vehicular Road User Protection", since pedestrians, bicyclists, and other non-vehicle traffic may be threatened by signal violations.
Origin: Canada
Relevant Regions: Australia, Canada, European Union, and United States
- Enterprise
- Functional
- Physical
- Goals and Objectives
- Needs and Requirements
- Sources
- Security
- Standards
- System Requirements
Enterprise
Development Stage Roles and Relationships
Installation Stage Roles and Relationships
Operations and Maintenance Stage Roles and Relationships
(hide)
Source | Destination | Role/Relationship |
---|---|---|
Enforcement Center Maintainer | Enforcement Center | Maintains |
Enforcement Center Manager | Enforcement Center | Manages |
Enforcement Center Owner | Enforcement Center Maintainer | System Maintenance Agreement |
Enforcement Center Owner | Enforcement Center Manager | Operations Agreement |
Enforcement Center Supplier | Enforcement Center Owner | Warranty |
ITS Roadway Equipment Maintainer | ITS Roadway Equipment | Maintains |
ITS Roadway Equipment Manager | ITS Roadway Equipment | Manages |
ITS Roadway Equipment Owner | Enforcement Center Owner | Information Provision Agreement |
ITS Roadway Equipment Owner | ITS Roadway Equipment Maintainer | System Maintenance Agreement |
ITS Roadway Equipment Owner | ITS Roadway Equipment Manager | Operations Agreement |
ITS Roadway Equipment Owner | Other ITS Roadway Equipment Owner | Information Exchange and Action Agreement |
ITS Roadway Equipment Owner | Traffic Management Center Owner | Information Exchange Agreement |
ITS Roadway Equipment Supplier | ITS Roadway Equipment Owner | Warranty |
Other ITS Roadway Equipment Maintainer | Other ITS Roadway Equipment | Maintains |
Other ITS Roadway Equipment Manager | Other ITS Roadway Equipment | Manages |
Other ITS Roadway Equipment Owner | ITS Roadway Equipment Owner | Information Exchange and Action Agreement |
Other ITS Roadway Equipment Owner | Other ITS Roadway Equipment Maintainer | System Maintenance Agreement |
Other ITS Roadway Equipment Owner | Other ITS Roadway Equipment Manager | Operations Agreement |
Other ITS Roadway Equipment Supplier | Other ITS Roadway Equipment Owner | Warranty |
Traffic Management Center Maintainer | Traffic Management Center | Maintains |
Traffic Management Center Manager | Traffic Management Center | Manages |
Traffic Management Center Manager | Traffic Operations Personnel | System Usage Agreement |
Traffic Management Center Owner | ITS Roadway Equipment Owner | Information Exchange Agreement |
Traffic Management Center Owner | Traffic Management Center Maintainer | System Maintenance Agreement |
Traffic Management Center Owner | Traffic Management Center Manager | Operations Agreement |
Traffic Management Center Supplier | Traffic Management Center Owner | Warranty |
Traffic Operations Personnel | Traffic Management Center | Operates |
Functional
This service package includes the following Functional View PSpecs:
Physical
The physical diagram can be viewed in SVG or PNG format and the current format is SVG.SVG Diagram
PNG Diagram
Includes Physical Objects:
Physical Object | Class | Description |
---|---|---|
Enforcement Center | Center | The 'Enforcement Center' represents the systems that receive reports of violations detected by various ITS facilities including individual vehicle emissions, lane violations, toll violations, CVO violations, etc. |
ITS Roadway Equipment | Field | 'ITS Roadway Equipment' represents the ITS equipment that is distributed on and along the roadway that monitors and controls traffic and monitors and manages the roadway. This physical object includes traffic detectors, environmental sensors, traffic signals, highway advisory radios, dynamic message signs, CCTV cameras and video image processing systems, grade crossing warning systems, and ramp metering systems. Lane management systems and barrier systems that control access to transportation infrastructure such as roadways, bridges and tunnels are also included. This object also provides environmental monitoring including sensors that measure road conditions, surface weather, and vehicle emissions. Work zone systems including work zone surveillance, traffic control, driver warning, and work crew safety systems are also included. |
Other ITS Roadway Equipment | Field | Representing another set of ITS Roadway Equipment, 'Other ITS Roadway Equipment' supports 'field device' to 'field device' communication and coordination, and provides a source and destination for information that may be exchanged between ITS Roadway Equipment. The interface enables direct coordination between field equipment. Examples include the direct interface between sensors and other roadway devices (e.g., Dynamic Message Signs) and the direct interface between roadway devices (e.g., between a Signal System Master and Signal System Local equipment) or a connection between an arterial signal system master and a ramp meter controller. |
Traffic Management Center | Center | The 'Traffic Management Center' monitors and controls traffic and the road network. It represents centers that manage a broad range of transportation facilities including freeway systems, rural and suburban highway systems, and urban and suburban traffic control systems. It communicates with ITS Roadway Equipment and Connected Vehicle Roadside Equipment (RSE) to monitor and manage traffic flow and monitor the condition of the roadway, surrounding environmental conditions, and field equipment status. It manages traffic and transportation resources to support allied agencies in responding to, and recovering from, incidents ranging from minor traffic incidents through major disasters. |
Traffic Operations Personnel | Center | 'Traffic Operations Personnel' represents the people that operate a traffic management center. These personnel interact with traffic control systems, traffic surveillance systems, incident management systems, work zone management systems, and travel demand management systems. They provide operator data and command inputs to direct system operations to varying degrees depending on the type of system and the deployment scenario. |
Includes Functional Objects:
Functional Object | Description | Physical Object |
---|---|---|
Roadway Signal Monitoring and Enforcement | 'Roadway Signal Monitoring and Enforcement' includes the field elements that monitor vehicles entering a signalized intersection. Information is collected for vehicles illegally entering the intersection, and the signal violation is reported to the enforcement center. Control and monitoring of the signal monitoring and enforcement equipment is provided with an interface to the Traffic Management Center. | ITS Roadway Equipment |
TMC Signal Enforcement | 'TMC Signal Enforcement' supports remote control and monitoring of signal enforcement roadside equipment. It provides configuration information for the roadside equipment. It also monitors field equipment operation and reports current status to the operator. | Traffic Management Center |
Includes Information Flows:
Information Flow | Description |
---|---|
signal control coordination | The direct flow of information between field equipment. This includes configuration and control of traffic signal controllers or field masters. Configuration data and operational status of traffic signal control equipment including operating condition and current indications are returned. |
signal enforcement device control | Information used to configure and control automated signal monitoring and enforcement systems. |
signal enforcement device status | System status including current operational state and logged information including date and time records of illegal intersection entry. |
signal violation notification | Notification to enforcement agency of detected traffic signal violations. This notification identifies the vehicle and documents the infraction date, time, and intersection location, and direction of travel. |
traffic detector coordination | The direct flow of information between field equipment. This includes information used to configure and control traffic detector systems such as inductive loop detectors and machine vision sensors Raw and/or processed traffic detector data is returned that allows derivation of traffic flow variables (e.g., speed, volume, and density measures) and associated information (e.g., congestion, potential incidents). This flow includes the traffic data and the operational status of the traffic detectors |
traffic operator data | Presentation of traffic operations data to the operator including traffic conditions, current operating status of field equipment, maintenance activity status, incident status, video images, security alerts, emergency response plan updates and other information. This data keeps the operator appraised of current road network status, provides feedback to the operator as traffic control actions are implemented, provides transportation security inputs, and supports review of historical data and preparation for future traffic operations activities. |
traffic operator input | User input from traffic operations personnel including requests for information, configuration changes, commands to adjust current traffic control strategies (e.g., adjust signal timing plans, change DMS messages), and other traffic operations data entry. |
video surveillance coordination | The direct flow of information between field equipment. This includes information used to configure and control video surveillance systems and the high fidelity, real-time traffic images and associated meta data that are returned. |
Goals and Objectives
Associated Planning Factors and Goals
Planning Factor | Goal |
---|---|
B. Increase the safety of the transportation system for motorized and nonmotorized users; | Reduce fatalities and injuries |
Associated Objective Categories
Objective Category |
---|
Safety: Vehicle Crashes and Fatalities |
Associated Objectives and Performance Measures
Needs and Requirements
Need | Functional Object | Requirement | ||
---|---|---|---|---|
01 | Traffic Operations needs to be able to determine if a vehicle enters an intersection illegally. | Roadway Signal Monitoring and Enforcement | 02 | The field element shall return operational status for the signal monitoring and enforcement roadside equipment to the controlling traffic center; including logged date and time records of illegal intersection entry. |
04 | The field element shall include sensors to detect traffic signal violations, under traffic control. | |||
06 | The field element shall return fault data for the signal monitoring and enforcement to the controlling traffic center for repair. | |||
TMC Signal Enforcement | 01 | The center shall control automated signal monitoring enforcement roadside equipment, providing the identification of the intersection and direction and conditions under which vehicle enters the intersection illegally. | ||
02 | Enforcement agencies need to be able to monitor traffic signal violations as detected by field equipment. | Roadway Signal Monitoring and Enforcement | 01 | The field element shall return operational status for the signal monitoring and enforcement roadside equipment to the enforcement agency. |
03 | The field element shall include sensors to detect traffic signal violations, under enforcement agency control. | |||
05 | The field element shall notify an enforcement agency when a traffic signal violation is detected. |
Security
In order to participate in this service package, each physical object should meet or exceed the following security levels.
Physical Object Security | ||||
---|---|---|---|---|
Physical Object | Confidentiality | Integrity | Availability | Security Class |
Enforcement Center | Moderate | Moderate | Low | Class 2 |
ITS Roadway Equipment | Moderate | Moderate | Moderate | Class 2 |
Other ITS Roadway Equipment | Moderate | Moderate | Moderate | Class 2 |
Traffic Management Center | Moderate | Moderate | Moderate | Class 2 |
In order to participate in this service package, each information flow triple should meet or exceed the following security levels.
Information Flow Security | |||||
---|---|---|---|---|---|
Source | Destination | Information Flow | Confidentiality | Integrity | Availability |
Basis | Basis | Basis | |||
ITS Roadway Equipment | Enforcement Center | signal violation notification | Moderate | Moderate | Low |
Really a control flow, as this identifies a vehicle for enforcement action. Since there must be an identifier, this includes PII, as well as the indication that the vehicle violated a signal. Observation of this information should be restricted to the enforcement agency to prevent abuse. | Since this action will result in a fine or other penalty, some mechanism for ensuring correctness should be included, less the wrong person be penalized. | Automated violation enforcement is typically a post-real time action, so there is little harm if this flow is not satisfied quickly. | |||
ITS Roadway Equipment | Other ITS Roadway Equipment | signal control coordination | Moderate | Moderate | Moderate |
Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
ITS Roadway Equipment | Other ITS Roadway Equipment | traffic detector coordination | Moderate | Moderate | Low |
Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
ITS Roadway Equipment | Other ITS Roadway Equipment | video surveillance coordination | Moderate | Moderate | Moderate |
Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
ITS Roadway Equipment | Traffic Management Center | signal enforcement device status | Moderate | Moderate | Moderate |
Control flows, even for seemingly innocent devices, should be kept confidential to minimize attack vectors. While an individual installation may not be particularly impacted by a cyberattack of its sensor network, another installation might be severely impacted, and different installations are likely to use similar methods, so compromising one leads to compromising all. | Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
Other ITS Roadway Equipment | ITS Roadway Equipment | signal control coordination | Moderate | Moderate | Moderate |
Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
Other ITS Roadway Equipment | ITS Roadway Equipment | traffic detector coordination | Moderate | Moderate | Low |
Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
Other ITS Roadway Equipment | ITS Roadway Equipment | video surveillance coordination | Moderate | Moderate | Moderate |
Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
Traffic Management Center | ITS Roadway Equipment | signal enforcement device control | Moderate | Moderate | Moderate |
Control flows, even for seemingly innocent devices, should be kept confidential to minimize attack vectors. While an individual installation may not be particularly impacted by a cyberattack of its sensor network, another installation might be severely impacted, and different installations are likely to use similar methods, so compromising one leads to compromising all. | Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH. | Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH. | |||
Traffic Management Center | Traffic Operations Personnel | traffic operator data | Moderate | Moderate | Moderate |
Backoffice operations flows should have minimal protection from casual viewing, as otherwise imposters could gain illicit control or information that should not be generally available. | Information presented to backoffice system operators must be consistent or the operator may perform actions that are not appropriate to the real situation. | The backoffice system operator should have access to system operation. If this interface is down then control is effectively lost, as without feedback from the system the operator has no way of knowing what is the correct action to take. | |||
Traffic Operations Personnel | Traffic Management Center | traffic operator input | Moderate | High | High |
Backoffice operations flows should have minimal protection from casual viewing, as otherwise imposters could gain illicit control or information that should not be generally available. | Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. | Backoffice operations flows should generally be correct and available as these are the primary interface between operators and system. |
Standards
The following table lists the standards associated with physical objects in this service package. For standards related to interfaces, see the specific information flow triple pages.
Name | Title | Physical Object |
---|---|---|
ITE ATC | Advanced Transportation Controller | ITS Roadway Equipment |
ITE ATC API | Application Programming Interface Standard for the Advanced Transportation Controller | ITS Roadway Equipment |
ITE ATC ITS Cabinet | Intelligent Transportation System Standard Specification for Roadside Cabinets | ITS Roadway Equipment |
ITE ATC Model 2070 | Model 2070 Controller Standard | ITS Roadway Equipment |
NEMA TS 8 Cyber and Physical Security | Cyber and Physical Security for Intelligent Transportation Systems | ITS Roadway Equipment |
Traffic Management Center | ||
NEMA TS2 Traffic Controller Assemblies | Traffic Controller Assemblies with NTCIP Requirements | ITS Roadway Equipment |
System Requirements
System Requirement | Need | ||
---|---|---|---|
001 | The system shall control automated signal monitoring enforcement roadside equipment, providing the identification of the intersection and direction and conditions under which vehicle enters the intersection illegally. | 01 | Traffic Operations needs to be able to determine if a vehicle enters an intersection illegally. |
002 | The system shall return operational status for the signal monitoring and enforcement roadside equipment to the enforcement agency. | 02 | Enforcement agencies need to be able to monitor traffic signal violations as detected by field equipment. |
003 | The system shall return operational status for the signal monitoring and enforcement roadside equipment to the controlling traffic center; including logged date and time records of illegal intersection entry. | 01 | Traffic Operations needs to be able to determine if a vehicle enters an intersection illegally. |
004 | The system shall include sensors to detect traffic signal violations, under enforcement agency control. | 02 | Enforcement agencies need to be able to monitor traffic signal violations as detected by field equipment. |
005 | The system shall include sensors to detect traffic signal violations, under traffic control. | 01 | Traffic Operations needs to be able to determine if a vehicle enters an intersection illegally. |
006 | The system shall notify an enforcement agency when a traffic signal violation is detected. | 02 | Enforcement agencies need to be able to monitor traffic signal violations as detected by field equipment. |
007 | The system shall return fault data for the signal monitoring and enforcement to the controlling traffic center for repair. | 01 | Traffic Operations needs to be able to determine if a vehicle enters an intersection illegally. |