The ITS Program worked with cybersecurity experts and the transportation community to identify cybersecurity resources for deployer consideration. References and guides were adapted from other industries and new development initiatives created materials that can help agencies identify, protect against, respond to, and manage cybersecurity risks. The guides and reference materials are available to agencies in three groups.
General Cybersecurity References and Guides – This information includes general cybersecurity references and guides developed by other agencies and organizations that assist government agencies (federal, state, local, and tribal), businesses, universities, and nonprofit organizations, among other entities, to harden their critical infrastructure. These include:
- The National Institute of Standards and Technology (NIST) Framework
- ISO/IEC 27000 Family of Information Security Standards
- Center for Internet Security (CIS) controls and benchmarks
- Multi-State Information Sharing and Analysis Center (MS-ISAC)
Informative References Tailored for the ITS Environment – This information includes materials that the ITS JPO and its modal partners have tailored specifically to address cybersecurity in an ITS environment. These include:
- Cybersecurity Framework Profile for Connected Vehicle Environments
- Intelligent Transportation Systems Penetration Testing
Additional Implementation References and Guides – This information contains references and guides specific to ITS cybersecurity in transportation management centers (TMC) and ITS cybersecurity in incident response and management. These include:
- Transportation Management Center Information Technology Security
- Transportation Cybersecurity Incident Response and Management Framework
- National Transportation Library - Repository and Open Science Access Portal (ROSAP)