Fellowships | FUSE CORPS
Developing a Cyber Security Strategy to Protect Transportation Infrastructure
Department of Transportation
Los Angeles, CA

“Developing a Cyber Security Strategy to Protect Transportation Infrastructure” 
Los Angeles Department of Transportation 
Los Angeles, CA

PROJECT CONTEXT

Los Angeles pioneered traffic signal automation in the early 1980s in preparation for the Olympic Games, having deployed the largest Intelligent Vehicle-Highway System (IVHS) in its field to date. The Los Angeles Department of Transportation’s (LADOT) Automated Traffic Surveillance and Control Program (ATSAC) is believed to be the largest urban traffic control automation of its kind in the world and has endured for more than 30 years. 

Transportation officials agree (and federal mandate requires) that it is time to modernize the system. LADOT would like to utilize rapidly evolving technology in Intelligent Transportation Systems (ITS) to update its system with the goal of boosting the capacity and flow of urban street infrastructure for people, cargo, vehicles and data. The department has been actively planning for this large infrastructure project and recently presented to City Council emphasizing that its traffic management system “must evolve into an innovation platform”. This is likely to involve connected and autonomous vehicles; data sharing; technology/software/mobile applications; and infrastructure investment. The plan envisions a future that requires its systems to be able to communicate back to vehicles in real-time to provide directions and ensure safety, and that allows vehicles to automatically adjust their speed to time the green lights so as to minimize stop-and-go traffic and reduce energy waste and greenhouse gas emissions. 

However, alongside new technology enhancements come the very real threat of malicious hacking, similar to what was depicted in the 2003 movie The Italian Job , set in Los Angeles. Department officials have highlighted the need to protect the city and its residents from the threat of hacking by adopting machine learning and end-to-end encryption that secures the system from cyber hackings and other vulnerabilities. Los Angeles is at the forefront of this modernization effort and is being closely watched by federal agencies to evaluate LADOT’s pioneering leadership in the field as well as the very large business development potential of this endeavor. 

It is a challenging and complex prospect to reconfigure a city’s transportation infrastructure. The Department staff must embrace a major new ITS development that involves technology still in the early stages of development as well as the engagement of many different cross-sector agencies, institutions and stakeholders. To support this work, LADOT will partner with FUSE Corps to host an executive-level Fellow for one year to create a comprehensive business plan to address the need for investment in cyber security that would help the city safeguard the its transportation system. This fellow will work with stakeholders to develop a roadmap that guides the way toward an actionable plan and helps the Department successfully implement the goals of this complex infrastructure project. 

PROJECT SUMMARY

The following provides a general overview of the proposed fellowship project. This project summary and the potential deliverables that follow will be collaboratively revisited by the host agency, the Fellow, and FUSE staff during the first month of the project, after which a revised scope of work will be developed and agreed upon by the Fellow and the host agency. 

Starting in October 2017, it is proposed the FUSE Fellow will begin his or her work with a review of the general cyber security requirements for an industrial control system that will include general frameworks, management control, safeguard requirements, incident response, and of any known and/or proposed regulatory constraints in all levels of governments. The fellow will develop a Cyber Security Improvement Plan that would correspond with the existing ATSAC IT infrastructure and network architecture and would align with the city’s CICC Unified Incident Response Plan. 

The fellow will then work with department leaders and other stakeholders within the city to develop two or three potential business model scenarios addressing cyber security that will specify how the department can improve and enhance its traffic system, along with plans for implementation, specific timetables and budgets. The fellow will then engage with project stakeholders both inside and outside of government to evaluate the models and ultimately coalesce around a final plan of action. 

It is hoped that the fellow’s efforts will focus on the development of an ATSAC Cyber Security Improvement Plan and the accompanying ATSAC Security Network Architecture, and that the Fellow will provide business expertise to city leaders on the implementation of both of the Plan and Architecture. 

POTENTIAL DELIVERABLES
 
  • Conduct a thorough review of the cyber security requirements for an industrial control system – Review cyber security structures, management, control, and incident response. Study other deployed and large-scale urban traffic signal control systems as well as critical transportation control systems found in air traffic control, railway control, etc. The review should also include large-scaled critical utility control systems found in electrical, water, oil and gas or any other pertinent industrial control systems of critical importance. 
  • Develop working relationships with key stakeholders and analyze feedback – Meet with a broad range of LADOT staff, other city officials and partner organizations to better understand their perspectives, priorities, and concerns with regard to current process challenges and need for improvement. Uncover the questions that each wants to answer in order to identify or generate the necessary resources and tools. Establish relationships with the many different LADOT divisions, with a particular focus on those closest to the actual IT systems infrastructure, network architecture and department communications to identify their goals and concerns. 
  • Synthesize recommendations to develop Cyber Security Improvement Plan – Synthesize best practices and learnings and create a business case for the ATSAC Cyber Security Improvement Plan, assuming budget constraints and timelines that prioritize the most critical recommendations. Include written recommendations and action plans with different possible strategies and implementation timelines for consideration. Address human and financial resource needs, as well as recommendations toward the procurement of products and equipment, and enlistment of specific skills, knowledge, and experience necessary for implementation. Deliver presentations to city officials and LADOT staff as directed and build consensus around the chosen path forward.  
  • Begin implementing recommendations, create long-term rollout plan and help ensure sustainable impact – Identify and implement the most likely “early wins” that can be accomplished within the year to begin carrying out the ATSAC Cyber Security Implementation Plan. Create a sustainable multi-year approach for implementing process improvements. Help analyze funding and/or financing alternatives, convene internal and external parties, participate in key meetings, and conduct other activities as needed to help support the actualization of the ATSAC Cyber Security Improvement Plan. Empower staff to make more informed decisions and enable them to align their efforts from division to division into a department-wide approach to cyber security. 

KEY STAKEHOLDERS
 
  • Dan Mitchell, Assistant General Manager, Department of Transportation  
  • Sean Skehan, Principal Transportation Engineer, Department of Transportation 
  • Bill Shao, Senior Transportation Engineer, Department of Transportation 
  • George Chen, Transportation Engineer, Department of Transportation 

QUALIFICATIONS
 
  • At least 15 years of professional experience in a relevant field, particularly with a strong background in large-scale urban industrial control systems such as traffic signal control, air traffic control, railway control or public utilities. Familiarity with complex cyber security systems, business analysis, systems building and/or management consulting. Familiarity with the world of public transportation management systems is ideal. 
  • Ability to identify best practices in cyber security pertaining industrial control systems, understand data and evidence and use it to support a business case and security system improvement, and make a persuasive argument to support recommendations. 
  • Strong record of success engaging a variety of cross-sector stakeholders and managing cross-functional teams. Ability to relate to a wide variety of diverse audiences with varying interest with strong emotional intelligence and empathy. 
  • Excellent stakeholder engagement skills and the ability to use facilitative leadership techniques to coordinate stakeholder activities. 
  • Superior critical thinking and analytical skills. Ability to synthesize complex information into clear and concise recommendations. 
  • Exceptional written and verbal communication skills with an ease in public presentations. 
  • Self-motivated, goal-oriented, entrepreneurial leader who is an independent worker, creatively resourceful in identifying solutions to complex problems, persistent in obtaining information, and able to create direction and movement within potentially ambiguous environments. 
  • Flexibility, adaptability, persistence, humility, inclusivity and sensitivity to cultural differences.

TO APPLY 

Click the link below to upload a resume and complete the online application questions in lieu of a cover letter. The application process will allow you to indicate interest in more than one fellowship opportunity. You only need to submit one application. Interested candidates are encouraged to apply as soon as possible, as selections will be made on a rolling basis and specific opportunities may close quickly. 

This role offers the opportunity to work full time for 12 months as an independent contractor of FUSE Corps with an annual stipend of $90,000 paid through monthly installments. 

The FUSE Fellowship is an equal opportunity program with a core value of incorporating diverse perspectives. We strongly encourage candidates from all backgrounds to apply.

_

APPLY: Developing a Cyber Security Strategy to Protect Transportation Infrastructure


Previous MonthNext Month
SunMonTueWedThuFriSat