1 / 37

Trust Me! (…or regional sharing of Data and Video)

Trust Me! (…or regional sharing of Data and Video). Richard R. Dye Maryland State Highway Administration. Our Neighbors to the North…PennDOT. Our Neighbors to the North…PA Turnpike. Our Neighbors to the South…VDOT. …and Maryland has the mighty CHART.

kioshi
Download Presentation

Trust Me! (…or regional sharing of Data and Video)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trust Me!(…or regional sharing of Data and Video) Richard R. Dye Maryland State Highway Administration

  2. Our Neighbors to the North…PennDOT

  3. Our Neighbors to the North…PA Turnpike

  4. Our Neighbors to the South…VDOT

  5. …and Maryland has the mighty CHART

  6. There are multiple types of multi-agency events available in the CHART system: Action Event Often used by Maryland Aviation Administration for parking messages around BWI Congestion Event, Disabled Vehicle Event, Incident Event Used by State Highway and Transportation Authority for roadway events Planned Roadway Closure Event Auto-populated by district offices through permitting system Safety Message Event Often instigated by public affairs Special Event Often used by Law Enforcement and Emergency Services

  7. The CHART system includes a component that enables users to use field devices (DMS, HAR, etc.) select camera sources and specify destinations for CCTV video streams that include devices and CCTVs belonging to: • SHA • MdTA • Anne Arundel County • Harford County • Montgomery County • Prince George’s County • The system supports this command and control as well as the distribution of the CCTV video traffic via IP multicast to over 60 operational Centers plus the World Wide Web

  8. Baltimore Region Montgomery County MIEMSS / MEMA Statewide Tower CCTV Western Maryland Annapolis / Eastern Shore DC Region Eastern Shore TOCs and CCTV - 7 Regional Gigabit Ethernet Nodes connected by state fiber optics, state microwave and leased circuits - Over 60 TOCs homed to regional nodes (cheaper and more robust network) - Over 280 CCTVs on new network (Approx 200 non-SHA) - Over 100 DMS on new network - Over 100 Speed detectors - 32 HARs on new network - 46 Weather Station (21 with CCTV)

  9. Partners Transportation Management Highway Maintenance Law Enforcement CHART Statewide Operations Center CHART DC Region Traffic Center CHART Baltimore Region Traffic Ctr CHART Annapolis Region Traffic Ctr Bay Bridge Traffic Operations Center Authority Operations Center Montgomery County Traffic Center Prince George's County Traffic Center Anne Arundel County Traffic BWI Airport Operations Northern Virginia DOT Traffic Center Washington DC Traffic Mgt Center Ravens Traffic Operations Center Redskins Traffic Operations Center Baltimore City DOT Baltimore City PD Dayton Shop Owings Mills Shop Laurel Shop Fairland Shop Annapolis Shop Gaithersburg Shop Golden Ring Shop Upper Marlborough Shop Harford Shop Baltimore County Police Maryland State Police Barracks - Annapolis Maryland State Police Barracks - Rockville Maryland State Police Barracks - Forestville Maryland State Police Barracks - Golden Ring Maryland State Police Barracks - College Park Maryland State Police Barracks – Waterloo Maryland State Police Barracks – Glen Burnie US Park Police (Greenbelt) Maryland Transportation Authority Police Current Users of CHART

  10. Partners (Continued) Emergency Operations Information Share / Lab Device Maintenance SHA Wash DC Region Emergency Operations Center SHA Baltimore Region Emergency Operations Center SHA Annapolis Region Emergency Operations Center Maryland Emergency Management Agency Maryland Emergency Medical Services (Ambulance) Harford County EOC / 911 Howard County EOC / 911 Anne Arundel County Fire Dispatch (Soon EOC) Baltimore County EOC (Soon PD/Fire/911) Network Operations Center Traffic Signal Repair Shop Radio and Camera Repair Shop Dynamic Message Sign Repair Shop University of Maryland Center for Advanced Transportation Technology Lab Current Users of CHART

  11. Future Partners Baltimore County Fire / Police / 911 Eastern Shore EOCs Eastern Shore MSP

  12. As a region …where do we stand?

  13. Current MDOT Approach (the porcupine)

  14. Current Solution • Solution involves the extension of the MDOT network to the remote (non-MDOT) customer location • Network, video and workstation equipment is installed on the remote site • The equipment is not connected to the customer network • MDOT manages the network and PC equipment located at the remote (non-MDOT site) • Security solution involves locking down the PC, MAC based security and access lists • “normalization” of video between various codec formats is handled via banks of decoders and encoders • We know it works and can install it quickly

  15. Challenges • Poor Security (waiver is needed as this violates current state security policy) • Limited Scalability • Expensive associated with management of MDOT assets spread out across the state in non-MDOT facilities • End user has “yet another” system to learn to use that they will most likely only use on a limited basis • Cumbersome support for video from sources other than Coretec encoders

  16. Our Neighbors to the North…PennDOT

  17. Our Neighbors to the South…VDOT

  18. RITIS Innovative ways to address increasing travel demand

  19. Proposed Solution (kill the porcupine) • Architecture is similar to the existing solution but includes the following differences • Establishes a strong security boundary between MDOT and the 3rd Party customers via the installation of a firewall • Firewall configured to permit requests from 3rd party customer to access the CHART application (Don’t hide from them…EMBRACE YOUR IT SECURITY GROUP) • Use of Multicast Source Discovery Protocol (MSDP) to maintain IP multicast functionality through the firewall • Use of video transcoders to convert various video codec formats

  20. Benefits • Does not require a small MDOT “island” to be created and maintained at the remote site • Improves network security • Improves scalability • Solution does not require dedicated PCs to be configured on the 3rd party network to access the CHART application • Reduces the management responsibilities of MDOT • Improves operational usability • Improves security and scalability • Management responsibility of all network equipment, PCs, decoders, etc that are beyond the MDOT firewall and the outside Proxy RP router will be the responsibility of the 3rd party • Reduces the management responsibilities of MDOT • Improves scalability • Use of video transcoders eliminates the need for legacy video switches as well as large banks of decoders and encoders • Simplifies application development • Improves scalability

  21. Update on Testing • CHART CCR 15990 • Created test architecture in lab • Utilized Smartbits system to simulate IP mulitcast video flows and BW utilization • Tested hardware • Cisco ASA 5520 Firewall • Cisco 2821 • Cisco 3845 • Cisco 3750 • Minimum Performance requirements • 92Mbps at 228 flows • Results • All products identified above can properly support the minimum performance requirements • “weakest link” for all systems identified above is the Cisco ASA 5520 • Max performance – 140Mbps at 480 flows

  22. Update on Testing • Phase of Secure Data / Video Share (CHART CCR 15990) • Security Team has performed an initial security audit • Implementing prototype testing on production network • Under separate CHART CCR, Implement Solution with existing CHART Coretec Video Encoders / Decoders (equipment has been purchased) • Estimated time frame – 6/9 months • Complete testing of transcoders to convert video to and from the Coretec MPEG 4 format (CHART CCR 15991) • Have Security Team perform a security audit • Implement prototype testing on production network to Flash and Windows Media Player • Under separate CHART CCR, Implement Transcoding Solution with external users selecting and decoding CHART videos without Coretec Video Encoders / Decoders (adds scaleability to all types of MDOT video and public sharing of approved video) • Estimated time frame – 9/12 months

  23. Lab Testing • Baseline test path capable of supporting 540Mbps at 480 flows

  24. Proposed Architecture • The key building blocks for the new Secure Architecture include the following • Cisco ASA 5520 Firewall • Cisco 3750 switches with Enhanced image • Cisco 3750 switches with Standard image • Cisco 3845 routers • Cisco 7206 routers • Security Domains • MDOT Network • CHART Field Sites (Huts and Cabinets) * • State of Maryland Government Intranet customers • CHART 3rd Party customers (including media outlets) * New Requirement added during Testing

  25. Proposed Architecture – high-level

  26. Proposed Security POPs

  27. Installation and O&M (Continued) • As currently designed, this new approach will allow the secure sharing of CHART data and video out to 3rd parties as well as allow the sharing of 3rd party data and video back to MDOT through CHART immediately increasing our flexibility and security • As currently designed, this new approach will allow the transcoding of CHART video out to standard Media Player formats as well as other departmental video into CHART format meeting a major Governor / Secretary initiative for homeland security (DOTOPS) IT Security and Homeland Security people will look like this

  28. Maybe by this time next year…

More Related