Parent Service Package: TM13
< < TM12.1 : TM13.1 : TM14.1 > >

TM13.1: Standard Railroad Grade Crossing Implementation

This 'implementation' is a holistic view of the TM13 service package, including all Physical Objects, Functional Objects, and Triples associated with the service package. It distinguishes between items that are fundamental to the service and items that are optional. Your specific implementation is likely to include the fundamental items and selected optional items, based on your specific project requirements.

Relevant Regions:

Enterprise
Functional
Physical
Goals and Objectives
Needs and Requirements
Sources
Security
Standards
System Requirements

Enterprise

Development Stage Roles and Relationships
(hide)

Source	Destination	Role/Relationship
ITS Roadway Equipment Developer	ITS Roadway Equipment	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.
ITS Roadway Equipment Developer	Other ITS Roadway Equipment Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
ITS Roadway Equipment Developer	Traffic Management Center Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
ITS Roadway Equipment Developer	Wayside Equipment Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Other ITS Roadway Equipment Developer	ITS Roadway Equipment Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Other ITS Roadway Equipment Developer	Other ITS Roadway Equipment	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.
Rail Operations Center Developer	Rail Operations Center	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.
Traffic Management Center Developer	ITS Roadway Equipment Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Traffic Management Center Developer	Rail Operations Center Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Traffic Management Center Developer	Traffic Management Center	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.
Wayside Equipment Developer	ITS Roadway Equipment Developer	Application Interface Specification (hide) The definition of an interface between two application components that operate on two distinct pieces of hardware. The Application Interface Specification is specific to the application in question.
Wayside Equipment Developer	Wayside Equipment	Develops (hide) An Enterprise creates the target Resource or Document. The Enterprise that engineers a traffic signal controller (ITS Roadway Equipment), or designs a vehicle (Basic Vehicle) or authors a technical standard will have the Develops role.

Installation Stage Roles and Relationships
(hide)

Source	Destination	Role/Relationship
ITS Roadway Equipment Installer	ITS Roadway Equipment	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
ITS Roadway Equipment Owner	ITS Roadway Equipment Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
ITS Roadway Equipment Owner	ITS Roadway Equipment Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.
Other ITS Roadway Equipment Installer	Other ITS Roadway Equipment	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
Other ITS Roadway Equipment Owner	Other ITS Roadway Equipment Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
Other ITS Roadway Equipment Owner	Other ITS Roadway Equipment Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.
Rail Operations Center Installer	Rail Operations Center	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
Rail Operations Center Owner	Rail Operations Center Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
Rail Operations Center Owner	Rail Operations Center Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.
Traffic Management Center Installer	Traffic Management Center	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
Traffic Management Center Owner	Traffic Management Center Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
Traffic Management Center Owner	Traffic Management Center Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.
Wayside Equipment Installer	Wayside Equipment	Installs (hide) An Enterprise performs the initial delivery, integration and configuration of the target Resource. This might be a system integrator, a state DOT Enterprise performing its own installation, or a device supplier that performs on-site installation.
Wayside Equipment Owner	Wayside Equipment Installer	Installation Agreement (hide) An agreement whereupon one party installs a system on behalf of a second party.
Wayside Equipment Owner	Wayside Equipment Verifier	Verification Agreement (hide) An agreement for one party to verify that a system owned by the second party operates according to the system's design.

Operations and Maintenance Stage Roles and Relationships
(hide)

Source	Destination	Role/Relationship
ITS Roadway Equipment Maintainer	ITS Roadway Equipment	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the ‘maintains’ role typically is delegated authority by the entity with the “Owns” or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
ITS Roadway Equipment Manager	ITS Roadway Equipment	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
ITS Roadway Equipment Manager	Maint and Constr Field Personnel	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
ITS Roadway Equipment Owner	ITS Roadway Equipment Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
ITS Roadway Equipment Owner	ITS Roadway Equipment Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
ITS Roadway Equipment Owner	Other ITS Roadway Equipment Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
ITS Roadway Equipment Owner	Other ITS Roadway Equipment Operator	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
ITS Roadway Equipment Owner	Other ITS Roadway Equipment Owner	Information Exchange and Action Agreement (hide) An agreement to exchange information, which may include data or control information; the exact information to be exchanged may vary from agreement to agreement. This also includes a specification for action that shall, should or may be taken by one party in response to this information.
ITS Roadway Equipment Owner	Other ITS Roadway Equipment User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
ITS Roadway Equipment Owner	Traffic Management Center Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
ITS Roadway Equipment Owner	Traffic Management Center Owner	Information Exchange Agreement (hide) An agreement to exchange information, which may include data or control information; the exact information to be exchanged may vary from agreement to agreement.
ITS Roadway Equipment Owner	Traffic Management Center User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
ITS Roadway Equipment Owner	Traffic Operations Personnel	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
ITS Roadway Equipment Owner	Wayside Equipment Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
ITS Roadway Equipment Owner	Wayside Equipment Operator	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
ITS Roadway Equipment Owner	Wayside Equipment Owner	Information Exchange and Action Agreement (hide) An agreement to exchange information, which may include data or control information; the exact information to be exchanged may vary from agreement to agreement. This also includes a specification for action that shall, should or may be taken by one party in response to this information.
ITS Roadway Equipment Owner	Wayside Equipment User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
ITS Roadway Equipment Supplier	ITS Roadway Equipment Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.
Maint and Constr Field Personnel	ITS Roadway Equipment	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Other ITS Roadway Equipment Maintainer	Other ITS Roadway Equipment	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the ‘maintains’ role typically is delegated authority by the entity with the “Owns” or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
Other ITS Roadway Equipment Manager	Other ITS Roadway Equipment	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
Other ITS Roadway Equipment Manager	Other ITS Roadway Equipment Operator	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
Other ITS Roadway Equipment Operator	Other ITS Roadway Equipment	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Other ITS Roadway Equipment Owner	ITS Roadway Equipment Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
Other ITS Roadway Equipment Owner	ITS Roadway Equipment Owner	Information Exchange and Action Agreement (hide) An agreement to exchange information, which may include data or control information; the exact information to be exchanged may vary from agreement to agreement. This also includes a specification for action that shall, should or may be taken by one party in response to this information.
Other ITS Roadway Equipment Owner	ITS Roadway Equipment User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
Other ITS Roadway Equipment Owner	Maint and Constr Field Personnel	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
Other ITS Roadway Equipment Owner	Other ITS Roadway Equipment Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
Other ITS Roadway Equipment Owner	Other ITS Roadway Equipment Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
Other ITS Roadway Equipment Supplier	Other ITS Roadway Equipment Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.
Rail Operations Center Maintainer	Rail Operations Center	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the ‘maintains’ role typically is delegated authority by the entity with the “Owns” or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
Rail Operations Center Manager	Rail Operations Center	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
Rail Operations Center Manager	Rail Operations Center Operator	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
Rail Operations Center Operator	Rail Operations Center	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Rail Operations Center Owner	Rail Operations Center Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
Rail Operations Center Owner	Rail Operations Center Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
Rail Operations Center Supplier	Rail Operations Center Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.
Traffic Management Center Maintainer	Traffic Management Center	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the ‘maintains’ role typically is delegated authority by the entity with the “Owns” or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
Traffic Management Center Manager	Traffic Management Center	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
Traffic Management Center Manager	Traffic Operations Personnel	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
Traffic Management Center Owner	ITS Roadway Equipment Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
Traffic Management Center Owner	ITS Roadway Equipment Owner	Information Exchange Agreement (hide) An agreement to exchange information, which may include data or control information; the exact information to be exchanged may vary from agreement to agreement.
Traffic Management Center Owner	ITS Roadway Equipment User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
Traffic Management Center Owner	Maint and Constr Field Personnel	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
Traffic Management Center Owner	Rail Operations Center Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
Traffic Management Center Owner	Rail Operations Center Operator	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
Traffic Management Center Owner	Rail Operations Center Owner	Information Provision Agreement (hide) An agreement where one party agrees to provide information to another party. This is a unidirectional agreement.
Traffic Management Center Owner	Rail Operations Center User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
Traffic Management Center Owner	Traffic Management Center Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
Traffic Management Center Owner	Traffic Management Center Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
Traffic Management Center Supplier	Traffic Management Center Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.
Traffic Operations Personnel	Traffic Management Center	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Wayside Equipment Maintainer	Wayside Equipment	Maintains (hide) An Enterprise administers the hardware and software that comprise the target Resource. The entity that takes the ‘maintains’ role typically is delegated authority by the entity with the “Owns” or "Manages" roles, depending on the environment. The maintainer interacts with the target Resource so as to keep that Resource in the Operational state.
Wayside Equipment Manager	Wayside Equipment	Manages (hide) The Enterprise that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This authority is typically delegated by the Enterprise with the "Owns" role, and commonly accomplished by delegation to Human E-Objects with the "operates", "installs" or "maintains" roles, depending on the context.
Wayside Equipment Manager	Wayside Equipment Operator	System Usage Agreement (hide) An agreement granting operational use of a system to a Human with the operates role responsible for management of the system.
Wayside Equipment Operator	Wayside Equipment	Operates (hide) A Human that is accountable for performing actions with a Resource, typically in support of one of the key operations-related roles (operates, installs, maintains). This is the person at the console or behind the wheel.
Wayside Equipment Owner	ITS Roadway Equipment Maintainer	Maintenance Data Exchange Agreement (hide) An agreement that states one entity will provide data related to maintenance of an application component to the other entity.
Wayside Equipment Owner	ITS Roadway Equipment Owner	Information Exchange and Action Agreement (hide) An agreement to exchange information, which may include data or control information; the exact information to be exchanged may vary from agreement to agreement. This also includes a specification for action that shall, should or may be taken by one party in response to this information.
Wayside Equipment Owner	ITS Roadway Equipment User	Service Usage Agreement (hide) An agreement between the provider of a service and a user. Stipulates the terms and conditions of service usage.
Wayside Equipment Owner	Maint and Constr Field Personnel	Application Usage Agreement (hide) An agreement in which one entity that controls an application component's use gives the other entity the necessary tools and permission to operate that application or application component.
Wayside Equipment Owner	Wayside Equipment Maintainer	System Maintenance Agreement (hide) An agreement for one party to maintain the operational status of a system on behalf of the party with ownership control of the system.
Wayside Equipment Owner	Wayside Equipment Manager	Operations Agreement (hide) An agreement where one entity agrees to operate a device or application on behalf of another, device/application controlling entity.
Wayside Equipment Supplier	Wayside Equipment Owner	Warranty (hide) A guarantee or promise made by one entity to another, that provides assurance of the functionality and performance of a subsystem.

Functional

This service package includes the following Functional View PSpecs:

Physical Object	Functional Object	PSpec Number	PSpec Name
ITS Roadway Equipment	Roadway Basic Surveillance	1.1.1.1	Process Traffic Sensor Data
		1.1.1.7	Process Road User Protection
		1.1.2.11	Control Dynamic Lanes
		1.2.7.16	Process Signal Control Conflict Monitoring
		1.2.7.2	Monitor Roadside Equipment Operation
		1.2.7.8	Provide Device Interface to Other Roadway Devices
		1.3.1.3	Process Traffic Images
		9.3.3.1	Collect Vehicle Speed
	Roadway Signal Control	1.1.1.1	Process Traffic Sensor Data
		1.2.7.1	Process Indicator Output Data for Roads
		1.2.7.13	Provide Device Interface for Field Management Stations
		1.2.7.16	Process Signal Control Conflict Monitoring
		1.2.7.2	Monitor Roadside Equipment Operation
		1.2.7.8	Provide Device Interface to Other Roadway Devices
	Roadway Standard Rail Crossing	1.1.1.1	Process Traffic Sensor Data
		1.2.7.1	Process Indicator Output Data for Roads
		1.6.1.2.1	Control HRI Traffic Signals
		1.6.1.2.2	Control HRI Warnings and Barriers
		1.6.1.2.3	Provide SSR Device Controls
		1.6.1.2.5	Manage Device Control
		1.6.1.2.6	Maintain Device State
		1.6.1.3	Perform Equipment Self-Test
		1.6.1.4.2	Provide Closure Parameters
		1.6.1.4.4	Report HRI Status on Approach
		1.6.1.7.1	Control Traffic Volume at Active HRI
		1.6.1.7.2	Close HRI on Command
		1.6.3.1	Interact with Wayside Systems
		1.6.5.1	Provide Interactive Interface
		1.6.5.2	Determine HRI Status
		1.6.5.3	Maintain HRI Closure Data
Traffic Management Center	TMC Basic Surveillance	1.1.2.1	Process Traffic Data for Storage
		1.1.2.2	Process Traffic Data
		1.1.2.3	Update Data Source Static Data
		1.1.2.5	Process Vehicle Situation Data
		1.1.2.8	Process Roadway Environmental Data
		1.1.3	Generate Predictive Traffic Model
		1.1.4.1	Retrieve Traffic Data
		1.1.4.2	Provide Traffic Operations Personnel Traffic Data Interface
		1.1.5	Exchange Data with Other Traffic Centers
		1.2.6.1	Maintain Traffic and Sensor Static Data
		1.2.8	Collect Traffic Field Equipment Fault Data
		1.3.1.1	Analyze Traffic Data for Incidents
		1.3.2.1	Store Possible Incident Data
		1.3.2.5	Provide Current Incidents Store Interface
		1.3.2.6	Manage Traffic Routing
		1.3.4.2	Provide Traffic Operations Personnel Incident Interface
		1.3.4.5	Process Video Data
	TMC Signal Control	1.1.2.2	Process Traffic Data
		1.1.2.5	Process Vehicle Situation Data
		1.1.4.1	Retrieve Traffic Data
		1.1.4.4	Manage Traffic Archive Data
		1.1.5	Exchange Data with Other Traffic Centers
		1.2.1	Select Strategy
		1.2.2.2	Determine Indicator State for Road Management
		1.2.4.1	Output Control Data for Roads
		1.2.6.1	Maintain Traffic and Sensor Static Data
		1.2.8	Collect Traffic Field Equipment Fault Data
	TMC Standard Rail Crossing Management	1.6.2.2	Manage Alerts and Advisories
		1.6.4.1	Manage HRI Closures
		1.6.4.2	Exchange Data with Traffic Management

Physical

The physical diagram can be viewed in SVG or PNG format and the current format is SVG.
SVG Diagram
PNG Diagram

Display Legend in SVG or PNG

Includes Physical Objects:

Physical Object	Class	Description
Driver	Vehicle	The 'Driver' represents the person that operates a vehicle on the roadway. Included are operators of private, transit, commercial, and emergency vehicles where the interactions are not particular to the type of vehicle (e.g., interactions supporting vehicle safety applications). The Driver originates driver requests and receives driver information that reflects the interactions which might be useful to all drivers, regardless of vehicle classification. Information and interactions which are unique to drivers of a specific vehicle type (e.g., fleet interactions with transit, commercial, or emergency vehicle drivers) are covered by separate objects.
ITS Roadway Equipment	Field	'ITS Roadway Equipment' represents the ITS equipment that is distributed on and along the roadway that monitors and controls traffic and monitors and manages the roadway. This physical object includes traffic detectors, environmental sensors, traffic signals, highway advisory radios, dynamic message signs, CCTV cameras and video image processing systems, grade crossing warning systems, and ramp metering systems. Lane management systems and barrier systems that control access to transportation infrastructure such as roadways, bridges and tunnels are also included. This object also provides environmental monitoring including sensors that measure road conditions, surface weather, and vehicle emissions. Work zone systems including work zone surveillance, traffic control, driver warning, and work crew safety systems are also included.
MMV User	Personal	The 'MMV User' represents the person that operates a micromobility vehicle (MMV). Included are cyclists and operators of other low-powered mobility devices such as e-scooters, powered wheelchairs, and power assisted bicycles where the interactions are not particular to the type of vehicle (e.g., interactions supporting vehicle safety applications). The MMV User participates in ITS services that support safe, shared use of the transportation network by motorized and non-motorized transportation modes. Representing those using non-motorized travel modes, and in particular bicyclists that sometimes share motor vehicle lanes, these MMV users provide input (e.g. a call signal requesting right of way at an intersection) and may be detected by ITS services to improve safety. The MMV User originates requests and receives information that reflects the interactions which might be useful to all users, regardless of vehicle type.
Other ITS Roadway Equipment	Field	Representing another set of ITS Roadway Equipment, 'Other ITS Roadway Equipment' supports 'field device' to 'field device' communication and coordination, and provides a source and destination for information that may be exchanged between ITS Roadway Equipment. The interface enables direct coordination between field equipment. Examples include the direct interface between sensors and other roadway devices (e.g., Dynamic Message Signs) and the direct interface between roadway devices (e.g., between a Signal System Master and Signal System Local equipment) or a connection between an arterial signal system master and a ramp meter controller.
Pedestrian	Personal	The 'Pedestrian' represents a person traveling on foot. Pedestrians participate in ITS services that support safe, shared use of the transportation network. Included are visually impaired travelers who travel through portions of the transportation network and interact with ITS systems. They provide input (e.g. a call signal requesting right of way at an intersection) and may be detected by ITS services to improve safety
Rail Operations Center	Center	'Rail Operations Center' represents the (usually) centralized control point for a substantial segment of a freight railroad's operations and maintenance activities. It is roughly the railroad equivalent to a highway Traffic Management Center. It is the source and destination of information that can be used to coordinate rail and highway traffic management and maintenance operations. It is also the source and destination for incident, incident response, disaster, or evacuation information that is exchanged with an Emergency Management Center. The use of a single object for multiple sources and destination for information exchange with railroads implies the need for a single, consistent interface between a given railroad's operations and maintenance activities and ITS.
Traffic Management Center	Center	The 'Traffic Management Center' monitors and controls traffic and the road network. It represents centers that manage a broad range of transportation facilities including freeway systems, rural and suburban highway systems, and urban and suburban traffic control systems. It communicates with ITS Roadway Equipment and Connected Vehicle Roadside Equipment (RSE) to monitor and manage traffic flow and monitor the condition of the roadway, surrounding environmental conditions, and field equipment status. It manages traffic and transportation resources to support allied agencies in responding to, and recovering from, incidents ranging from minor traffic incidents through major disasters.
Wayside Equipment	Field	'Wayside Equipment' represents train interface equipment (usually) maintained and operated by the railroad and (usually) physically located at or near a grade crossing. It is a source and destination for information for, or about, approaching trains and their crews (e.g. the time at which the train will arrive and the time it will take to clear a crossing, crossing status or warnings, etc.). Generally one wayside equipment interface would be associated with one highway rail intersection. However, multiple crossings may be controlled using information based on data from one wayside equipment interface.

Includes Functional Objects:

Functional Object	Description	Physical Object
Roadway Basic Surveillance	'Roadway Basic Surveillance' monitors traffic conditions using fixed equipment such as loop detectors and CCTV cameras.	ITS Roadway Equipment
Roadway Signal Control	'Roadway Signal Control' includes the field elements that monitor and control signalized intersections. It includes the traffic signal controllers, detectors, conflict monitors, signal heads, and other ancillary equipment that supports traffic signal control. It also includes field masters, and equipment that supports communications with a central monitoring and/or control system, as applicable. The communications link supports upload and download of signal timings and other parameters and reporting of current intersection status. It represents the field equipment used in all levels of traffic signal control from basic actuated systems that operate on fixed timing plans through adaptive systems. It also supports all signalized intersection configurations, including those that accommodate pedestrians. In advanced, future implementations, environmental data may be monitored and used to support dilemma zone processing and other aspects of signal control that are sensitive to local environmental conditions.	ITS Roadway Equipment
Roadway Standard Rail Crossing	'Roadway Standard Rail Crossing' manages highway traffic at highway-rail intersections (HRIs) where operational requirements do not dictate advanced features (e.g., where rail operational speeds are less than 80 miles per hour). Either passive (e.g., the crossbuck sign) or active warning systems (e.g., flashing lights and gates) are supported depending on the specific requirements for each intersection. These traditional HRI warning systems may also be augmented with other standard traffic management devices. The warning systems are activated on notification of an approaching train by interfaced wayside equipment. The equipment at the HRI may also be interconnected with adjacent signalized intersections so that local control can be adapted to highway-rail intersection activities. Health monitoring of the HRI equipment and interfaces is performed; detected abnormalities are reported through interfaces to the wayside interface equipment and the Traffic Management Center.	ITS Roadway Equipment
TMC Basic Surveillance	'TMC Basic Surveillance' remotely monitors and controls traffic sensor systems and surveillance (e.g., CCTV) equipment, and collects, processes and stores the collected traffic data. Current traffic information and other real-time transportation information is also collected from other centers. The collected information is provided to traffic operations personnel and made available to other centers.	Traffic Management Center
TMC Signal Control	'TMC Signal Control' provides the capability for traffic managers to monitor and manage the traffic flow at signalized intersections. This capability includes analyzing and reducing the collected data from traffic surveillance equipment and developing and implementing control plans for signalized intersections. Control plans may be developed and implemented that coordinate signals at many intersections under the domain of a single Traffic Management Center and are responsive to traffic conditions and adapt to support incidents, preemption and priority requests, pedestrian crossing calls, etc.	Traffic Management Center
TMC Standard Rail Crossing Management	'TMC Standard Rail Crossing Management' monitors and controls rail crossing traffic control equipment. This version provides basic support for standard active warning systems at grade crossings. It remotely monitors and reports the status of the rail crossing equipment and sends control plan updates to the equipment.	Traffic Management Center

Includes Information Flows:

Information Flow	Description
crossing call	Non-motorized user request to cross the roadway. This is an overt request from a pedestrian, micromobility vehicle user (e.g., cyclist), or other vulnerable road user. This overt request may be a physical button push or hovering or gesturing in the vicinity of the button that supports contactless activation.
crossing permission	Information provided to guide and warn pedestrians, micromobility vehicle users (e.g., cyclists), and other crosswalk users. It includes crossing request acknowledgment, current crossing permission, crossing time remaining, and real-time warnings of safety threats.
driver information	Regulatory, warning, guidance, and other information provided to the driver to support safe and efficient vehicle operation.
rail crossing advisories	Notification of Highway-Rail Intersection equipment failure, intersection blockage, or other condition requiring attention, and maintenance activities at or near highway rail intersections.
rail crossing control data	Data required for HRI information transmitted at railroad grade crossings and within railroad operations.
rail crossing operational status	Status of the highway-rail grade crossing equipment including both the current state or mode of operation and the current equipment condition.
rail crossing request	A request for highway-rail intersection status or a specific control request intended to modify HRI operation.
rail crossing status	Status of the highway-rail intersection equipment including both the current state or mode of operation and the current equipment condition.
right-of-way request coordination	The direct flow of information between field equipment. This includes notification of crossing calls from pedestrians and other vulnerable road users and requests for signal prioritization or preemption, and any other request for right-of-way at an intersection. The status of the request is also shared. For vulnerable road users, this includes information provided to guide and warn vulnerable road users at crossings including crossing permission status and crossing time remaining.
right-of-way request notification	Notice that a request has occurred for signal prioritization, signal preemption, pedestrian call, multi-modal crossing activation, or other source for right-of-way.
signal control commands	Control of traffic signal controllers or field masters including clock synchronization.
signal control coordination	The direct flow of information between field equipment. This includes configuration and control of traffic signal controllers or field masters. Configuration data and operational status of traffic signal control equipment including operating condition and current indications are returned.
signal control status	Operational and status data of traffic signal control equipment including operating condition and current indications.
track status	Current status of the wayside equipment and notification of an arriving train.
traffic detector control	Information used to configure and control traffic detector systems such as inductive loop detectors and machine vision sensors.
traffic detector coordination	The direct flow of information between field equipment. This includes information used to configure and control traffic detector systems such as inductive loop detectors and machine vision sensors Raw and/or processed traffic detector data is returned that allows derivation of traffic flow variables (e.g., speed, volume, and density measures) and associated information (e.g., congestion, potential incidents). This flow includes the traffic data and the operational status of the traffic detectors
traffic detector data	Raw and/or processed traffic detector data which allows derivation of traffic flow variables (e.g., speed, volume, and density measures) and associated information (e.g., congestion, potential incidents). This flow includes the traffic data and the operational status of the traffic detectors
traffic image meta data	Meta data that describes traffic images. Traffic images (video) are in another flow.
traffic images	High fidelity, real-time traffic images suitable for surveillance monitoring by the operator or for use in machine vision applications. This flow includes the images. Meta data that describes the images is contained in another flow.
video surveillance control	Information used to configure and control video surveillance systems.
video surveillance coordination	The direct flow of information between field equipment. This includes information used to configure and control video surveillance systems and the high fidelity, real-time traffic images and associated meta data that are returned.

Goals and Objectives

Associated Planning Factors and Goals

Planning Factor	Goal

Associated Objective Categories

Objective Category

Associated Objectives and Performance Measures

Objective	Performance Measure

Since the mapping between objectives and service packages is not always straight-forward and often situation-dependent, these mappings should only be used as a starting point. Users should do their own analysis to identify the best service packages for their region.

Needs and Requirements

Need		Functional Object	Requirement

Related Sources

Document Name	Version	Publication Date
None

Security

In order to participate in this service package, each physical object should meet or exceed the following security levels.

Physical Object Security
Physical Object	Confidentiality	Integrity	Availability	Security Class
ITS Roadway Equipment
Other ITS Roadway Equipment
Rail Operations Center
Traffic Management Center
Wayside Equipment

In order to participate in this service package, each information flow triple should meet or exceed the following security levels.

Information Flow Security
Source	Destination	Information Flow	Confidentiality	Integrity	Availability
Source	Destination	Information Flow	Basis	Basis	Basis
ITS Roadway Equipment	Driver	driver information	Not Applicable	High	Moderate
ITS Roadway Equipment	Driver	driver information	This data is sent to all drivers and is also directly observable, by design.	This is the primary signal trusted by the driver to decide whether to go through the intersection and what speed to go through the intersection at; if it’s wrong, accidents could happen.	If the lights are out you have to get a policeman to direct traffic – expensive and inefficient and may cause a cascading effect due to lack of coordination with other intersections.
ITS Roadway Equipment	MMV User	crossing permission	Not Applicable	High	Low
ITS Roadway Equipment	MMV User	crossing permission	This data is intentionally transmitted to everyone via a broadcast.	Although pedestrians have a responsibility to make sure the road is safe before they cross, they may react instinctively to incorrect information and be led to cross at unsafe times if they get incorrect information. Also, if the traffic signals are wrong and an accident happens, the pedestrian involved could sue, causing financial loss and other undesirable outcomes.	It is easy to tell whether this information flow is available and pedestrians are used to using crosswalks that do not provide this service.
ITS Roadway Equipment	Other ITS Roadway Equipment	right-of-way request coordination	Moderate	Moderate	Moderate
ITS Roadway Equipment	Other ITS Roadway Equipment	right-of-way request coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
ITS Roadway Equipment	Other ITS Roadway Equipment	signal control coordination	Moderate	Moderate	Moderate
ITS Roadway Equipment	Other ITS Roadway Equipment	signal control coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
ITS Roadway Equipment	Other ITS Roadway Equipment	traffic detector coordination	Moderate	Moderate	Low
ITS Roadway Equipment	Other ITS Roadway Equipment	traffic detector coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
ITS Roadway Equipment	Other ITS Roadway Equipment	video surveillance coordination	Moderate	Moderate	Moderate
ITS Roadway Equipment	Other ITS Roadway Equipment	video surveillance coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
ITS Roadway Equipment	Pedestrian	crossing permission	Not Applicable	High	Low
ITS Roadway Equipment	Pedestrian	crossing permission	This data is intentionally transmitted to everyone via a broadcast.	Although pedestrians have a responsibility to make sure the road is safe before they cross, they may react instinctively to incorrect information and be led to cross at unsafe times if they get incorrect information. Also, if the traffic signals are wrong and an accident happens, the pedestrian involved could sue, causing financial loss and other undesirable outcomes.	It is easy to tell whether this information flow is available and pedestrians are used to using crosswalks that do not provide this service.
ITS Roadway Equipment	Traffic Management Center	rail crossing status	Moderate	Moderate	Moderate
ITS Roadway Equipment	Traffic Management Center	rail crossing status	This information could be of interest to a malicious individual who is attempting to determine the best way to accomplish a crime. As such it would be best to not make it easily accessible.	If this is compromised, it could send unnecessary maintenance workers, or suggest actions that are incorrect for the true situation.	This information is important, but if it is not reported there are other safety systems that should prevent related incidents. The impact of any rail/road intersection is particularly high, but in this case a MODERATE rating can be justified by the alternative mechanisms.
ITS Roadway Equipment	Traffic Management Center	right-of-way request notification	Low	Moderate	Moderate
ITS Roadway Equipment	Traffic Management Center	right-of-way request notification	This can be reasonably guessed based on observing the ITS RE’s environment. It is obvious when a bus approaches an intersection.	Invalid messages could lead to an unauthorized user gaining signal priority at an intersection. This could also be used to delay traffic, which could lead to a financial impact on the community. However, the traffic signal will have controls in place to ensure that it does not display an illegal configuration (such as green in every direction).	Even if all of the Right-of-way Requests are not passed along from an ITS RE, the intersection will still operate as normal. There are other existing methods to assist a right-of-way requesting vehicle safely traveling through an intersection, such as lights and sirens, which prevent this from being a HIGH. DISC: THEA and NYC believe this to be LOW: "not necessary for the app to work; can cope with not having immediately available data"
ITS Roadway Equipment	Traffic Management Center	signal control status	Low	High	Moderate
ITS Roadway Equipment	Traffic Management Center	signal control status	The current conditions of an ITS RE are completely observable, by design.	This influences the TMC response to a right-of-way request. It should be as accurate as the right-of-way request themselves. For some applications (ISIG) this need only be moderate. Per THEA: info needs to be accurate and should not be tampered to enable effective monitoring and control by the TMC. DISC: THEA believes this to be MODERATE: "info needs to be accurate and should not be tampered to enable effective monitoring and control by the TMC; should be as accurate as the right of way request". NYC:TMC doesn’t play an active role in this application, i.e. even if the information contained in this flow were incorrect, it is unlikely to affect the outcome of this application one way or the other. On some applications NYC has this MODERATE though. RES: This value can obviously change a lot depending on the application context.	The TMC will need the current status of the ITS RE in order to make an educated decision. If it is unavailable, the system is unable to operate. However, a few missed messages will not have a catastrophic impact. From NYC: TMC doesn’t play an active role in this application, i.e. even if it is unavailable, it is unlikely to affect the outcome of this application one way or the other. RES: This value can change a lot depending on the application context.
ITS Roadway Equipment	Traffic Management Center	traffic detector data	Low	Moderate	Moderate
ITS Roadway Equipment	Traffic Management Center	traffic detector data	No impact if someone sees the data	Some minimal guarantee of data integrity is necessary for all C-ITS flows. THEA believes this to be LOW.only limited adverse effect if raw/processed traffic detector data is bad/compromised; DISC: WYO believes this to be HIGH	Only limited adverse effect of info is not timely/readily available, however without this information it will be difficult to perform traffic management activities, thus MODERATE. If not used for management, may be LOW.
ITS Roadway Equipment	Traffic Management Center	traffic image meta data	Low	Moderate	Moderate
ITS Roadway Equipment	Traffic Management Center	traffic image meta data	Traffic image data is generally intended for public consumption, and in any event is already video captured in the public arena, so this must be LOW.	While accuracy of this data is important for decision making purposes, applications should be able to cfunction without it. Thus MODERATE generally.	While accuracy of this data is important for decision making purposes, applications should be able to function without it. Thus MODERATE generally.
ITS Roadway Equipment	Traffic Management Center	traffic images	Low	Moderate	Low
ITS Roadway Equipment	Traffic Management Center	traffic images	Traffic image data is generally intended for public consumption, and in any event is already video captured in the public arena, so this must be LOW.	Generally transportation coordination information should be correct between source and destination, or inappropriate actions may be taken.	While useful, there is no signficant impact if this flow is not available.
ITS Roadway Equipment	Wayside Equipment	rail crossing operational status	Moderate	Moderate	Moderate
ITS Roadway Equipment	Wayside Equipment	rail crossing operational status	This information could be of interest to a malicious individual who is attempting to determine the best way to accomplish a crime. As such it would be best to not make it easily accessible.	If this is compromised, it could send unnecessary maintenance workers, or suggest actions that are incorrect for the true situation.	This information is important, but if it is not reported there are other safety systems that should prevent related incidents. The impact of any rail/road intersection is particularly high, but in this case a MODERATE rating can be justified by the alternative mechanisms.
MMV User	ITS Roadway Equipment	crossing call	Not Applicable	High	Low
MMV User	ITS Roadway Equipment	crossing call	The "Not Applicable" group includes information flows that do not actually carry information; for example, flows that represent the physical environment.	Although pedestrians have a responsibility to make sure the road is safe before they cross, and should ensure that they are detected by pedestrian detection systems, they may not always be detected and be led to cross at unsafe times if the ITS RE obtains incorrect information.	It is easy to tell whether this information flow is available and pedestrians are used to using crosswalks that do not provide this service.
Other ITS Roadway Equipment	ITS Roadway Equipment	right-of-way request coordination	Moderate	Moderate	Moderate
Other ITS Roadway Equipment	ITS Roadway Equipment	right-of-way request coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
Other ITS Roadway Equipment	ITS Roadway Equipment	signal control coordination	Moderate	Moderate	Moderate
Other ITS Roadway Equipment	ITS Roadway Equipment	signal control coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
Other ITS Roadway Equipment	ITS Roadway Equipment	traffic detector coordination	Moderate	Moderate	Low
Other ITS Roadway Equipment	ITS Roadway Equipment	traffic detector coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
Other ITS Roadway Equipment	ITS Roadway Equipment	video surveillance coordination	Moderate	Moderate	Moderate
Other ITS Roadway Equipment	ITS Roadway Equipment	video surveillance coordination	Any control flow has some confidentiality requirement, as observation of the flow may enable an attacker to analyze and learn how to assume control. MODERATE for most flows as the potential damage is likely contained, though anything that could have a significant safety impact may be assigned HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Since this directly impacts device control, we consider it the same as a control flow. Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
Pedestrian	ITS Roadway Equipment	crossing call	Not Applicable	High	Low
Pedestrian	ITS Roadway Equipment	crossing call	The "Not Applicable" group includes information flows that do not actually carry information; for example, flows that represent the physical environment.	Although pedestrians have a responsibility to make sure the road is safe before they cross, and should ensure that they are detected by pedestrian detection systems, they may not always be detected and be led to cross at unsafe times if the ITS RE obtains incorrect information.	It is easy to tell whether this information flow is available and pedestrians are used to using crosswalks that do not provide this service.
Traffic Management Center	ITS Roadway Equipment	rail crossing control data	Moderate	High	Moderate
Traffic Management Center	ITS Roadway Equipment	rail crossing control data	Control flows, even for seemingly innocent devices, should be kept confidential to minimize attack vectors. While an individual installation may not be particularly impacted by a cyberattack of its sensor network, another installation might be severely impacted, and different installations are likely to use similar methods, so compromising one leads to compromising all.	Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
Traffic Management Center	ITS Roadway Equipment	rail crossing request	Moderate	Moderate	Moderate
Traffic Management Center	ITS Roadway Equipment	rail crossing request	This information could be of interest to a malicious individual who is attempting to determine the best way to accomplish a crime. As such it would be best to not make it easily accessible.	If this is compromised, it could send unnecessary maintenance workers, or suggest actions that are incorrect for the true situation.	This information is important, but if it is not reported there are other safety systems that should prevent related incidents. The impact of any rail/road intersection is particularly high, but in this case a MODERATE rating can be justified by the alternative mechanisms.
Traffic Management Center	ITS Roadway Equipment	signal control commands	Moderate	High	Moderate
Traffic Management Center	ITS Roadway Equipment	signal control commands	Control flows, even for seemingly innocent devices, should be kept confidential to minimize attack vectors. While an individual installation may not be particularly impacted by a cyberattack of its sensor network, another installation might be severely impacted, and different installations are likely to use similar methods, so compromising one leads to compromising all. DISC: NYC believes this to be LOW: "The result of this will be directly observable."	Invalid messages could lead to an unauthorized user gaining control of an intersection. This could also be used to bring traffic to a standstill, which could lead to a large financial impact on the community. DISC: NYC believes this to be MODERATE: The signal timing is critical to the intersection operation; incorrect signal timing can lead to significant congestion and unreliable operation; while unsafe operation is controlled by the cabinet monitoring system, attackers could “freeze” the signal or call a preemption. RES: This will vary depending on the application and implementation.	These messages are important to help with preemption and signal priority applications. Without them, these applications mayl not work. However, if these signals are not received, the ITS RE will continue to function using its default configuration. The TMC should have an acknowledgement of the receipt of a message. DISC: NYC blieves this to be LOW: TMC doesn’t play an active role in this application, i.e. even if it is unavailable, it is unlikely to affect the outcome of this application one way or the other. RES: This will vary depending on the application and implementation.
Traffic Management Center	ITS Roadway Equipment	traffic detector control	Moderate	Moderate	Low
Traffic Management Center	ITS Roadway Equipment	traffic detector control	Control flows, even for seemingly innocent devices, should be kept confidential to minimize attack vectors. While an individual installation may not be particularly impacted by a cyberattack of its sensor network, another installation might be severely impacted, and different installations are likely to use similar methods, so compromising one leads to compromising all. DISC: THEA, WYO believe this to be LOW: encrypted, authenticated, proprietary; but should not cause severe damage if seen	Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.. From THEA: should be accurate and not be tampered with; could enable outside control of traffic sensors but should not cause severe harm, but could cause issues with traffic sensor data received and be detrimental to operations	Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.. From THEA: want updates but delayed information will not be severe; should be able to operate from a previous/default control/config. DISC: WYO believes this to be MODERATE
Traffic Management Center	ITS Roadway Equipment	video surveillance control	Moderate	Moderate	Moderate
Traffic Management Center	ITS Roadway Equipment	video surveillance control	Control flows, even for seemingly innocent devices, should be kept confidential to minimize attack vectors. While an individual installation may not be particularly impacted by a cyberattack of its sensor network, another installation might be severely impacted, and different installations are likely to use similar methods, so compromising one leads to compromising all.	Control flows, even for seemingly innocent devices, should have MODERATE integrity at minimum, just to guarantee that intended control messages are received. Incorrect, corrupted, intercepted and modified control messages can or will result in target field devices not behaving according to operator intent. The severity of this depends on the type of device, which is why some devices are set MODERATE and some HIGH.	Control flow availability is related to the criticality of being able to remotely control the device. For most devices, this is MODERATE. For purely passive devices with no incident relationship, this will be LOW. All devices should have default modes that enable them to operate without backhaul connectivity, so no device warrants a HIGH.
Traffic Management Center	Rail Operations Center	rail crossing advisories	Moderate	Moderate	Moderate
Traffic Management Center	Rail Operations Center	rail crossing advisories	May contain sensitive information about the highway-rail intersection area. If intercepted by a third party, could be used to embarras the relevant stakeholders, or as contributing information toward target selection (if for example a piece of monitoring equipment was listed as non-functional).	This will trigger maintenance activity, so it must be correct or such activities will not be properly scheduled and resources suboptimally assgned. If unavailable or modified, may negatively contribute to mobility and safety.	This will trigger maintenance activity, so it must be correct or such activities will not be properly scheduled and resources suboptimally assgned. If unavailable or modified, may negatively contribute to mobility and safety.
Wayside Equipment	ITS Roadway Equipment	track status	Low	Moderate	Moderate
Wayside Equipment	ITS Roadway Equipment	track status	Track status is typically physically viewable information.	This information is important, but if it is incorrect there are other safety systems that should prevent related incidents. The impact of any rail/road intersection is particularly high, but in this case a MODERATE rating can be justified by the alternative mechanisms.	This information is important, but if it is not reported there are other safety systems that should prevent related incidents. The impact of any rail/road intersection is particularly high, but in this case a MODERATE rating can be justified by the alternative mechanisms.

Standards

The following table lists the standards associated with physical objects in this service package. For standards related to interfaces, see the specific information flow triple pages. These pages can be accessed directly from the SVG diagram(s) located on the Physical tab, by clicking on each information flow line on the diagram.

Name	Title	Physical Object
ITE 5201 ATC	Advanced Transportation Controller	ITS Roadway Equipment
ITE 5202 ATC Model 2070	Model 2070 Controller Standard	ITS Roadway Equipment
ITE 5301 ATC ITS Cabinet	Intelligent Transportation System Standard Specification for Roadside Cabinets	ITS Roadway Equipment
ITE 5401 ATC API	Application Programming Interface Standard for the Advanced Transportation Controller	ITS Roadway Equipment
NEMA TS 8 Cyber and Physical Security	Cyber and Physical Security for Intelligent Transportation Systems	ITS Roadway Equipment
NEMA TS 8 Cyber and Physical Security		Traffic Management Center
NEMA TS2 Traffic Controller Assemblies	Traffic Controller Assemblies with NTCIP Requirements	ITS Roadway Equipment

System Requirements

No System Requirements