Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation
Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation
Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation
Reflecting on the incredible energy from our recent Cybersecurity Seminar at Morgan State University, one thing is clear: the future of transportation is digital, and it must be secure.
It was a privilege to join colleagues and students to discuss the critical work being led by the National Transportation Center and the SMARTER Center here at Morgan State. As the Chief Information Security Officer (CISO) for the university, seeing the depth of research and collaboration happening on our campus is inspiring. We aren’t just discussing the future; we are actively architecting the safety protocols that will define it.
The conversations we had went far beyond standard IT security. We tackled the real-world implications of securing a transportation grid that is becoming increasingly autonomous and interconnected.
In light of those discussions, I wanted to share a few key takeaways on why this specific domain—Transportation Cybersecurity—is becoming one of the most critical fields in our industry.
The Road Ahead: Why Transportation Cybersecurity Matters
A Brief Overview of the Threat Landscape
As our vehicles and infrastructure evolve into “data centers on wheels,” the attack surface expands exponentially. Transportation cybersecurity is no longer just about protecting user data; it is about physical safety and operational resilience.
Here are the three core pillars we are focusing on:
1. The V2X Vulnerability (Vehicle-to-Everything) Modern transit systems rely on constant communication—Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I). While this connectivity reduces accidents and improves traffic flow, it also creates entry points for malicious actors. Securing the integrity of these messages is paramount to prevent “spoofing” attacks that could confuse autonomous systems.
2. AI and Sensor Security The SMARTER Center is doing fascinating work with technologies like LiDAR. However, from a security perspective, we must ensure these sensors cannot be jammed or fed false data. Adversarial Machine Learning—where attackers trick AI into misinterpreting a stop sign or an obstacle—is a tangible threat we must defend against.
3. Infrastructure Resilience It is not just about the car; it is about the traffic lights, the charging stations, and the grid. A cyberattack on transportation infrastructure can paralyze a city more effectively than a physical blockade. Our approach to “smart cities” must be “secure cities” first.
Moving Forward
At Morgan State, we are committed to being at the forefront of this research. The work being done by the National Transportation Center is critical, not just for Maryland, but for the national conversation on critical infrastructure protection.
I look forward to supporting these initiatives and ensuring that as we build faster and smarter, we also build safer.
Strategic Recommendations for Transportation Security
- Adopt a “Zero Trust” Mindset for V2X: We cannot assume that every signal received by a vehicle is legitimate. Whether it’s Vehicle-to-Vehicle (V2V) or Vehicle-to-Infrastructure (V2I), every message must be authenticated and encrypted. A “trust but verify” approach helps prevent spoofing attacks that could trick an autonomous vehicle into seeing a green light where there is none.
- Harden the Sensors (LiDAR & Vision): As we discussed regarding the SMARTER Center’s research, modern vehicles rely on what they “see.” We must develop defenses against Adversarial Machine Learning—where attackers use specially crafted images or signals to confuse AI sensors. If the eyes of the car can be fooled, the brain of the car makes fatal decisions.
- Secure the Supply Chain (Software Bill of Materials): A modern vehicle has more lines of code than a fighter jet, sourced from hundreds of different vendors. We need strict visibility into the Software Bill of Materials (SBOM) to ensure that a vulnerability in a third-party component (like a braking controller or infotainment unit) doesn’t compromise the entire vehicle.
- Segregate Critical Safety Systems: The systems that control steering and braking should never sit on the same network segment as the entertainment system or the Wi-Fi. Rigorous network segmentation within the vehicle architecture is non-negotiable to prevent a hacker from pivoting from a Bluetooth connection to the engine control unit.
- Resilience for “Smart” Infrastructure: It’s not just about the cars; it’s about the grid they connect to. Traffic signals, charging stations, and smart road sensors are now part of the attack surface. We must ensure these edge devices are patched, monitored, and capable of failing safely (fail-safe mode) if they lose connection or are attacked.
About Author
