This solution is used within the U.S.. It combines standards associated with US: NTCIP Data Collection with those for I-F: SNMPv3/TLS. The US: NTCIP Data Collection standards include upper-layer standards required to implement center-to-field communications for data collection and monitoring of traffic characteristics (e.g., non-real-time data). The I-F: SNMPv3/TLS standards include lower-layer standards that support secure center-to-field and field-to-field communications using simple network management protocol (SNMPv3); implementations are strongly encouraged to use the TLS for SNMP security option for this solution to ensure adequate security.
| Level | DocNum | FullName | Description |
|---|---|---|---|
| Mgmt | NTCIP 1201 | NTCIP Global Object (GO) Definitions | This standard defines SNMP objects (data elements) used by a wide range of field devices like time and versioning information. |
| Mgmt | IETF RFC 3411 | An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks | This standard (RFC) defines the basic architecture for SNMPv3 and includes the definition of information objects for managing the SNMP entity's architecture. |
| Mgmt | IETF RFC 3412 | Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that assists in managing the message processing and dispatching subsystem of an SNMP entity. |
| Mgmt | IETF RFC 3413 | Simple Network Management Protocol (SNMP) Applications | This standard (RFC) includes MIBs that allow for the configuration and management of remote Targets, Notifications, and Proxys. |
| Mgmt | IETF RFC 3414 | User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) | This standard (RFC) contains a MIB that assists in configuring and managing the user-based security model. |
| Mgmt | IETF RFC 3415 | View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that supports the configuration and management of the View-based access control model of SNMP. |
| Mgmt | IETF RFC 3416 | Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines the message structure and protocol operations used by SNMPv3. |
| Mgmt | IETF RFC 3418 | Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines the MIB to configure and manage an SNMP entity. |
| Mgmt | IETF RFC 4293 | Management Information Base for the Internet Protocol (IP) | This standard (RFC) defines the MIB that manages an IP entity. |
| Security | IETF RFC 6353 | Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines how to use the TLS authentication service to provide authentication within the access control mechanism of SNMP. |
| ITS Application Entity | NTCIP 1206 | NTCIP Object Definitions for Data Collection | This standard defines SNMP objects (data elements) for data collection and monitoring (DCM) equipment. |
| ITS Application Entity | NTCIP 1209 | NTCIP Object Definitions for Transportation Sensor Systems (TSS) | This standard defines SNMP objects (data elements) to monitor and control transportation system sensors that measure real-time vehicular traffic information. |
| Facilities | NTCIP 1206 | NTCIP Object Definitions for Data Collection | This standard defines SNMP objects (data elements) for data collection and monitoring (DCM) equipment. |
| Facilities | NTCIP 1209 | NTCIP Object Definitions for Transportation Sensor Systems (TSS) | This standard defines SNMP objects (data elements) to monitor and control transportation system sensors that measure real-time vehicular traffic information. |
| Facilities | IETF RFC 3411 | An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks | This standard (RFC) defines the basic architecture for SNMPv3 and includes the definition of information objects for managing the SNMP entity's architecture. |
| Facilities | IETF RFC 3412 | Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that assists in managing the message processing and dispatching subsystem of an SNMP entity. |
| Facilities | IETF RFC 3413 | Simple Network Management Protocol (SNMP) Applications | This standard (RFC) includes MIBs that allow for the configuration and management of remote Targets, Notifications, and Proxys. |
| Facilities | IETF RFC 3414 | User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) | This standard (RFC) contains a MIB that assists in configuring and managing the user-based security model. |
| Facilities | IETF RFC 3415 | View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) | This standard (RFC) contains a MIB that supports the configuration and management of the View-based access control model of SNMP. |
| Facilities | IETF RFC 3416 | Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP) | This standard (RFC) defines the message structure and protocol operations used by SNMPv3. |
| TransNet | IETF RFC 2460 | Internet Protocol, Version 6 (IPv6) Specification | This standard (RFC) specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng. |
| TransNet | IETF RFC 4291 | IP Version 6 Addressing Architecture | This standard (RFC) defines the addressing architecture of the IP Version 6 (IPv6) protocol. It includes the IPv6 addressing model, text representations of IPv6 addresses, definition of IPv6 unicast addresses, anycast addresses, and multicast addresses, and an IPv6 node's required addresses. |
| TransNet | IETF RFC 4443 | Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification | This standard (RFC) defines the control messages to manage IPv6. |
| TransNet | IETF RFC 793 | Transmission Control Protocol | This standard (RFC) defines the main connection-oriented Transport Layer protocol used on Internet-based networks. |
| Access | NTCIP 2104 | NTCIP SP-Ethernet | This standard defines the Access Layer for center-to-field communications where the local connection is some variant of Ethernet. |
One significant or possibly a couple minor issues. For existing deployments, the chosen solution likely has identified security or management issues not addressed by the communications solution. Deployers should consider additional security measures, such as communications link and physical security as part of these solutions. They should also review the management issues to see if they are relevant to their deployment and would require mitigation. For new deployments, the deployment efforts should consider a path to addressing these issues as a part of their design activities. The solution does not by itself provide a fully secure implementation without additional work.
| Issue | Severity | Description | Associated Standard | Associated Triple |
|---|---|---|---|---|
| Out of date (medium) | Medium | The standard includes normative references to other standards that have been subject to significant changes that can impact interoperability or security of systems and the industry has not specified if and how these updates should be implemented for deployments of this standard. | IETF RFC 6353 TLS for SNMP | (All) |
| Update data to SNMPv3 | Low | Data has been defined for SNMPv1, but needs to be updated to SNMPv3 format. | (None) | (All) |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYSDOT Third-Party Sensor Data Archive |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSBA ITS Field Equipment=>roadside archive data=>NYSBA Toll Archive System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSBA ITS Field Equipment=>roadside archive data=>NYSBA Video Sharing Servers |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | WCDPWT ITS Field Equipment=>roadside archive data=>NYSDOT Region 8 HVTMC Transportation Management |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | WCDPWT ITS Field Equipment=>roadside archive data=>WCDPWT ATR Count Archive |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT ITS Field Equipment=>roadside archive data=>NYSDOT Region 8 HVTMC Transportation Management |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYSDOT Region 8 HVTMC Incident Data Archive |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYS DMV Accident Reporting System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYSDOT Bridge Management System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYSDOT Statewide Operations Center Archive Management System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYSDOT 8-1 Maintenance Management System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYSDOT Region 8 HVTMC Incident Data Archive |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYS DMV Accident Reporting System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYSDOT Bridge Management System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYSDOT Main Office Highway Data Services |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYSDOT Statewide Operations Center Archive Management System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYSDOT Third-Party Sensor Data Archive |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Traffic Count Stations=>roadside archive data=>NYSDOT 8-1 Maintenance Management System |
| Use case not considered in design (minor) | Low | While the indicated standards nominally address the information flow, the design may not meet practical constraints because this particular use case was not the focus of the design effort. | (None) | NYSDOT Region 8 ITS Field Equipment=>roadside archive data=>NYSDOT Main Office Highway Data Services |
| Use TLS for SNMP Option | Low | The standard allows for multiple security mechanisms. The only defined mechanism that meets the requirements for C-ITS is the one based on TLS. | (None) | (All) |
| Source | Destination | Flow |
|---|---|---|
| NYS DMV Accident Reporting System | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYS DMV Accident Reporting System | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSBA ITS Field Equipment | NYSBA Toll Archive System | roadside archive data |
| NYSBA ITS Field Equipment | NYSBA Video Sharing Servers | roadside archive data |
| NYSBA Toll Archive System | NYSBA ITS Field Equipment | data collection and monitoring control |
| NYSBA Video Sharing Servers | NYSBA ITS Field Equipment | data collection and monitoring control |
| NYSDOT 8-1 Maintenance Management System | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYSDOT 8-1 Maintenance Management System | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSDOT Bridge Management System | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYSDOT Bridge Management System | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSDOT ITS Field Equipment | NYSDOT Region 8 HVTMC Transportation Management | roadside archive data |
| NYSDOT Main Office Highway Data Services | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYSDOT Main Office Highway Data Services | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSDOT Region 8 HVTMC Incident Data Archive | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYSDOT Region 8 HVTMC Incident Data Archive | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSDOT Region 8 HVTMC Transportation Management | NYSDOT ITS Field Equipment | data collection and monitoring control |
| NYSDOT Region 8 HVTMC Transportation Management | WCDPWT ITS Field Equipment | data collection and monitoring control |
| NYSDOT Region 8 ITS Field Equipment | NYS DMV Accident Reporting System | roadside archive data |
| NYSDOT Region 8 ITS Field Equipment | NYSDOT 8-1 Maintenance Management System | roadside archive data |
| NYSDOT Region 8 ITS Field Equipment | NYSDOT Bridge Management System | roadside archive data |
| NYSDOT Region 8 ITS Field Equipment | NYSDOT Main Office Highway Data Services | roadside archive data |
| NYSDOT Region 8 ITS Field Equipment | NYSDOT Region 8 HVTMC Incident Data Archive | roadside archive data |
| NYSDOT Region 8 ITS Field Equipment | NYSDOT Statewide Operations Center Archive Management System | roadside archive data |
| NYSDOT Region 8 ITS Field Equipment | NYSDOT Third-Party Sensor Data Archive | roadside archive data |
| NYSDOT Statewide Operations Center Archive Management System | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYSDOT Statewide Operations Center Archive Management System | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSDOT Third-Party Sensor Data Archive | NYSDOT Region 8 ITS Field Equipment | data collection and monitoring control |
| NYSDOT Third-Party Sensor Data Archive | NYSDOT Traffic Count Stations | data collection and monitoring control |
| NYSDOT Traffic Count Stations | NYS DMV Accident Reporting System | roadside archive data |
| NYSDOT Traffic Count Stations | NYSDOT 8-1 Maintenance Management System | roadside archive data |
| NYSDOT Traffic Count Stations | NYSDOT Bridge Management System | roadside archive data |
| NYSDOT Traffic Count Stations | NYSDOT Main Office Highway Data Services | roadside archive data |
| NYSDOT Traffic Count Stations | NYSDOT Region 8 HVTMC Incident Data Archive | roadside archive data |
| NYSDOT Traffic Count Stations | NYSDOT Statewide Operations Center Archive Management System | roadside archive data |
| NYSDOT Traffic Count Stations | NYSDOT Third-Party Sensor Data Archive | roadside archive data |
| WCDPWT ITS Field Equipment | NYSDOT Region 8 HVTMC Transportation Management | roadside archive data |
| WCDPWT ITS Field Equipment | WCDPWT ATR Count Archive | roadside archive data |
All rights reserved. © 2020 New York State Department of Transportation