Four Tunnels, one bridge and 116.8 miles of motorway used by >200,000 vehicles each day.

Britain’s busiest motorways rely on a variety of technologies to manage the flow of traffic, but to manage the technology, a rugged and reliable network is required. IT4Automation’s world-class, managed design with remote access is vital for the safe and smooth-running operation of some of the UK's busiest motorways.

The challenge in this case was to provide resilient communications, redundant communications, between all of those places, interfacing with existing tunnel control systems that were maintained by other third parties.

Security was a massive issue. We didn’t want anyone being able, for example, to take over the motorway signage for their own purposes. Equally, we didn’t want any contractor who was doing something on one system accidentally causing a problem with another. We needed to ensure the network was segmented by both application and location.

A further need that was identified at an early stage was remote maintainer access. If you have systems like CCTV, as well as systems controlling signage and the blowers ventilating the tunnels – all sorts of different applications, often run by different organisations – you have to provide each one of those organisations with access to the equipment for which they are responsible, but not to anyone else’s. We had to design our network to allow that to happen.’

IT4A's remote access solution had to meet the design constraints and testing requirements set out by Highways England and managed through the Code of Conenction (CoCo) - a risk based network security methodology. Without a CoCo in place for the control and monitoring networks, we would not be allowed to use the National Road Telecommunicaiton System (NRTS) - the Highways England Data Network Infrastructure.


Passive Infrastructure

IT4A’s solution involved using a combination of NRTS data circuits and private copper and fibre either already installed or added by design. Existing fibre, some in place for 20+ years, was cleaned and sometimes re-terminated to achieve formal re-certification, we wanted to engineer the network to perform predictably. The process identified a number of issues that rendered certain cables unusable prior to re-working. The outcome was a trusted and certified fibre infrastructure with alternate paths around every site.

Active Resilient Ethernet

IT4A’s ruggedized network design benefits from multiple level of redundancy in the data path, with automated and seamless failover; further resilience is gained by feeding core switches from dual power supplies. The dual redundant topology was extended to include all critical routers and firewalls. The network benefits from a common network time clock and centralised time synchronised logging of all events and alerts. Hardened products were selected to maintain the network's operation in the event of air conditioning (AC) plant failure.

Network Segmentation

Historically these motorway tunnel systems were autonomous with LAN extension, across point to point circuits, used to extend client workstation access. The move from autonomy to a managed networked system, that enabled all Operational activities to be achieved from either of the Operating Centres, required significant thought. Network segmentation ensured lines of demarcation were maintained between service providers whilst network integration allowed all services to benefit from diverse paths, communication node and router/firewall redundancy and management.

Remote Maintainer Access

The approach used to segment the network enabled a remote access solution to be deployed that gave controlled and highly authenticated access to all or part of each network segment(s). Remote communication carries risks and therefore access is strictly controlled; the aim is to provide the maintainer with a similar degree of access and scrutiny as could be achieved locally. Whilst connected all access to the maintainers local Internet is blocked ensuring that approved access is not extended beyond the authorized service delivery point and compromised. All access is monitored and can be withdrawn if miss-used.


Network Monitoring and Technical Support

A fundamental component of a network security plan is the support plan that is implemented to ensure measures, implemented to control risks, are actually doing the job. It was IT4A's existing support capabilities that became central to this critical motorway's function. From its Network Operation Centre in Surrey, IT4A monitor all network and communication path related alerts and failures. Remediation activities are triggered when a failure or security breach is identified, the strategy also considers threat, risk and mitigation techniques to deliver protection and peace of mind. IT4A work in partnership with the local engineering teams to maximise system wide availability.

System Components

IT4A selected the NEMA TS2 certified Industrial Ethernet switches for the resilient Gigabit Ethernet Core and distributed switched Gigabit Ethernet backbone. Industrial strength router / firewalls form the redundant routed backbone. All products have an industrial specification allowing normal operation from -10 to + 60ºC without cooling.

Summary of Capabilty

IT4A have demonstrated their ability to operate in a live, critical and challenging environment. The project initially involved the design and implementation of a SCADA Wide Area Network (WAN) that allowed multiple remote tunnel assets to be monitored and controlled from multiple operating centres, the scope expanded to improving resilience, performance and security of a multi-site, multi-applicaiton network. Today the new, Highways England, validated infrastructure is fully monitored and supported by IT4A; authorised maintainers now have secure and controlled remote access to the systems they are responsible for across the network.