Office of Operations
21st Century Operations Using 21st Century Technologies

Transportation Management Center Information Technology Security


The Federal Highway Administration (FHWA) Office of Operations (HOP) is pleased to present this guide on Transportation Management Center (TMC) Information Technology (IT) Security.

TMCs and Intelligent Transportation System (ITS) infrastructure are designed with technologies such as Ethernet IP-enabled networks and wireless connectivity capabilities. While such technologies are designed to provide needed communications to support transportation management and operations, the advancements in communications technology result in TMCs and ITS devices no longer functioning as closed systems, thus increasing the e-enabled threats and risks to these transportation facilities and infrastructure. This report serves as technical guidelines for TMCs on improving IT security for their facilities, networks, workstations, servers, data storage, peripherals, and operations. The report will help agencies in mitigating the risks from cyber-attacks on the TMCs and associated servers, peripherals and communications network infrastructure. The report offers recommended strategies and actions to address both short term and long term issues.

This publication's status is: final.


This document is disseminated under the sponsorship of the U.S. Department of Transportation in the interest of information exchange. The U.S. Government assumes no liability for the use of the information contained in this document. This report does not constitute a standard, specification, or regulation.

The U.S. Government does not endorse products or manufacturers. Trademarks or manufacturers' names may appear in this report only because they are considered essential to the objective of the document.

Quality Assurance Statement

The Federal Highway Administration (FHWA) provides high-quality information to serve Government, industry, and the public in a manner that promotes public understanding. Standards and policies are used to ensure and maximize the quality, objectivity, utility, and integrity of its information. FHWA periodically reviews quality issues and adjusts its programs and processes for continuous quality improvement.

Technical Report Documentation Page

1. Report No.


2. Government Accession No.

3. Recipient's Catalog No.

4. Title and Subtitle

Transportation Management Center Information Technology Security

5. Report Date

September 2019

6. Performing Organization Code

7. Author(s)

Alan Toppen, Jon Chambers, Armand Ciccarelli, Laura Gomez-Martin, Chris Daywalt, Kodi Berger

8. Performing Organization Report No.

9. Performing Organization Name and Address

Kimley-Horn, Reston, Virginia
Skyline Technology Solutions, Glen Burnie, Maryland

Under Contract to:

Cambridge Systematics, Inc.
3 Bethesda Metro Center, Suite 1200
Bethesda, MD 20814

10. Work Unit No. (TRAIS)

11. Contract or Grant No.


12. Sponsoring Agency Name and Address

U.S. Department of Transportation
Federal Highway Administration
Office of Operations (HOP)
1200 New Jersey Avenue, SE
Washington, DC 20590

13. Type of Report and Period Covered

Final Report

14. Sponsoring Agency Code


15. Supplementary Notes

Task Order Contracting Officer's Representative (TOCOR)—Jimmy Chu

16. Abstract

Cybersecurity is a growing concern worldwide. Over the past several years, much focus has been placed on critical infrastructure providers and their ability to implement cybersecurity in order to continue providing critical services. Traffic Management Centers (TMCs) and Intelligent Transportation Systems (ITS) infrastructure leverage modern communications systems to support transportation management and operations. As a result, TMCs and ITS devices no longer function as closed systems, thus increasing the risk of cyber threats to these transportation facilities and infrastructure.

This report has been developed based on best practices within the industry to reflect the reality within TMCs, while pushing for improvements where necessary with a primary focus on the NIST (National Institute of Standards and Technology) Cybersecurity Framework and CIS (Center for Internet Security) Top 20 Controls. Through this report, TMCs will gain insight into basic practices that serve as a starting point or baseline for organizations with limited resources and cybersecurity expertise, as well as guidelines for TMCs looking to increase their system maturity.

17. Key Words

Cybersecurity, internet, traffic management centers, standards, technology

18. Distribution Statement

No restrictions.

19. Security Classif. (of this report)


20. Security Classif. (of this page)


21. No of Pages


22. Price

Form DOT F 1700.7 (8-720
Reproduction of completed pages authorized

SI (Modern Metric) Conversion Factors

Approximate Conversions to SI Units
Symbol When You Know Multiply By To Find Symbol
in inches 25.4 millimeters mm
ft feet 0.305 meters m
yd yards 0.914 meters m
mi miles 1.61 kilometers km
in2 square inches 645.2 square millimeters mm2
ft2 square feet 0.093 square meters m2
yd2 square yard 0.836 square meters m2
ac acres 0.405 hectares ha
mi2 square miles 2.59 square kilometers km2
fl oz fluid ounces 29.57 milliliters mL
gal gallons 3.785 liters L
ft3 cubic feet 0.028 cubic meters m3
yd3 cubic yards 0.765 cubic meters m3
NOTE: volumes greater than 1000 L shall be shown in m3
oz ounces 28.35 grams g
lb pounds 0.454 kilograms kg
T short tons (2000 lb) 0.907 megagrams (or "metric ton") Mg (or "t")
Temperature (exact degrees)
°F Fahrenheit 5 (F-32)/9 or (F-32)/1.8 Celsius °C
fc foot-candles 10.76 lux lx
fl foot-Lamberts 3.426 candela/m2 cd/m2
Force and Pressure or Stress
lbf poundforce 4.45 newtons N
lbf/in2 poundforce per square inch 6.89 kilopascals kPa

Approximate Conversions from SI Units
Symbol When You Know Multiply By To Find Symbol
mm millimeters 0.039 inches in
m meters 3.28 feet ft
m meters 1.09 yards yd
km kilometers 0.621 miles mi
mm2 square millimeters 0.0016 square inches in2
m2 square meters 10.764 square feet ft2
m2 square meters 1.195 square yards yd2
ha hectares 2.47 acres ac
km2 square kilometers 0.386 square miles mi2
mL milliliters 0.034 fluid ounces fl oz
L liters 0.264 gallons gal
m3 cubic meters 35.314 cubic feet ft3
m3 cubic meters 1.307 cubic yards yd3
g grams 0.035 ounces oz
kg kilograms 2.202 pounds lb
Mg (or "t") megagrams (or "metric ton") 1.103 short tons (2000 lb) T
Temperature (exact degrees)
°C Celsius 1.8C+32 Fahrenheit °F
lx lux 0.0929 foot-candles fc
cd/m2 candela/m2 0.2919 foot-Lamberts fl
Force and Pressure or Stress
N newtons 02.225 poundforce lbf
kPa kilopascals 0.145 poundforce per square inch lbf/in2

Note: SI is the symbol for the International System of Units. Appropriate rounding should be made to comply with Section 4 of ASTM E380. (Revised March 2003)

Office of Operations