IT4A develops a ‘Secure, Segregated and Managed Remote Access System’ for increased efficiency and safety to operations for this Tunnel
This particular tunnel provides a direct route for heavy traffic flowing between London and the South, a recent development which has environmentally transformed surrounding areas due to its ability to ease congestion and improve traffic flow.
Road infrastructure specialists, EM Highway Services (later Kier Group) are accountable to Highways England for the smooth running of tunnel operations.
The mile long tunnel is fitted with numerous ‘Life Safety Systems’; these include Supervisory Control/Data acquisition (SCADA) and Radar Pressurization Units (RPU’s). The SCADA system plays a crucial role in allowing the control room to monitor and, to a point, control the automated systems within the tunnel. Automated systems in place include: CCTV, lighting, ventilation, traffic control, public announcement systems, energy supply, coordinated tele control systems, communication systems, incident detection, emergency radio and wireless, fire detection, fire pump systems with water and a rear projection system.
The RPU is fitted with a ‘Collision Detection System’, which, unlike CCTV, is not compromised by visibility. SCADA and RPU systems are made up of hundreds of interconnected devices, making faults an inevitability. When critical faults occur, the traffic is stopped until the fault is repaired.
Engineers with the right skills to maintain such systems are limited. With the Tunnel’s SCADA and RPU systems maintainers often distant, a secure remote access would speed response to support related issues. The need for a remote access solution therefore emerged.
Road infrastructure is considered critical by the UK’s, government-led, Centre for the Protection of National Infrastructure (CPNI); the security of systems associated to the road infrastructure is of paramount importance.
For Highways England (formally Highways Agency) to approve the use of a remote access system, a thorough risk assessment is to be carried-out. This is controlled through Highways England’s Code of Connection (CoCo) approval process.
The specific needs of such a system meant no ‘off the shelf’ solution could be implemented; instead it called for a tailor made solution which required the expertise of a highly skilled solutions provider.
IT4Automation, experts in critical network infrastructures, have over fifteen years’ experience in building, installing and maintaining networks to light and heavy automation industries. Having already delivered innovative CoCo-compliant solutions which have transformed another UK Motorway network, IT4A were selected without hesitation. From their previous experience, IT4A had a full understanding of CPNI and specifically Highways England’s CoCo quality management and risk treatment processes.
Developing a custom-built remote access solution, that fulfils the current need for remote assistance and support, is not necessarily challenging. However, by including segregation at the level of the remote access sessions and meeting (and exceeding) the high security requirements, imposed by Highways England the solution complexity is further increased.
In the basis of design stage, IT4A had to consider other necessities such as interfacing seamlessly with existing systems without inflicting any disruptions during installation and commissioning.
The challenge began when the interface for managing the remote access sessions was introduced. Furthermore, this had be incorporated with the existing Permit to Work system and the activity throughout the remote access sessions, recorded.
The fundamental management features are based on already implemented UK Motorway network solutions. However, there are several distinct additions, necessary to ease the remote access sessions management and further security. A dedicated software application was developed for this purpose. In addition, a physically controlled on/off panel, fitted with key switches, was constructed. These are used by the Control Room to grant or deny remote access permissions to individual remote maintainers. In order to implement this, intensive research and development was carried out by IT4A engineers.
Segregated Remote Access
As part of the requirement to reduce vulnerabilities and potential risks to the critical systems, direct interfacing is not permitted. To overcome this, segregated virtual workstations were implemented for each remote maintainer. Despite high level security protection, when remote maintainers are granted access permission, they can perform maintenance jobs equal to physically being at the tunnel, without the safety-related concerns. Through the use of secure remote access dongles, individual for each remote maintainer, the desired tunnel system can be accessed at any time, providing that an Internet connection exists. As previously mentioned, the Control Room can grant exclusive remote access permissions, using both the remote access control application and panel. With regards to the latter, limiting access has been achieved by fitting two switches – the first switch enables access to ‘Management and Monitoring’, the second switch provides access to the ‘Life Safety Systems’, including SCADA & RPU.
Critical Network Infrastructure Protection
IT4A selected and installed multiple network security appliances in order to restrict and protect communication, and prevent various cyber-attacks. This was achieved through the implementation of a security policy, as per the Highways England, CPNI and other relevant industry standards. As part of the incident management strategy and quality assurance, an automated activity logging feature has been implemented. This means, for example, when granting remote access for repairing a fault with the RPU, changes made by the corresponding engineer will be recorded, allowing the Control Room to review any performed changes. The solution was tested both off-site (witnessed ‘factory acceptance testing’) and on-site (‘site acceptance testing’). These checks are to ensure that all the features have been correctly implemented. Including the protection against external attacks, successful logging and alerting, segmentation and unused port protection.
To determine the appropriate components that fulfil the functional needs of the solution, IT4A engineers prepared a risk assessment and mitigation plan which considered the possible threats and risks, at various levels. This means, for example, to mitigate against the risk of service loss as a result of air conditioning failure, proven, ruggedized, components were selected. In some situations suitable products were not available on the market and custom-built elements of the solution, such as the physically controlled on/off panel, were engineered. To consolidate the solution and offer the necessary versatility, IT4A used a virtualization platform. This allowed several separate virtual workstations to come together into one piece of hardware.
Robust and Versatile Implementation
The Tunnel now boasts a custom-built ‘Secure, Managed and Segregated Remote Access System’, designed, developed and installed by IT4A. This innovative solution aims to decrease tunnel closures to minutes rather than hours and, through a significant reduction in travel time, the overall maintenance costs are reduced.
Thorough documentation has been provided to support the solution (operation and maintenance manuals, functional design specification, risk assessment and treatment, test plans etc.). All the components used in this solution have been marked as property of Highways England, giving the solution longevity, should contractors change in the coming years.
IT4A are pleased with their contribution to the Tunnel’s network infrastructure and look forward to using their expertise in this field to help develop other transportation operations.