In 2020, the New York City Department of Transportation completed a large-scale Intelligent Transportation System (ITS) deployment, led by AT&T. The project involved collaboration of multiple vendors and agencies working together on a tight timeline. The end result is a citywide traffic system communications upgrade, including a Digi dual cellular router at each intersection, Digi Remote Manager® (Digi RM) and customized Digi software and services.
NYC DOT oversees one of the most complex urban transportation networks in the world, with 6,300 miles of streets and highways, over 12,000 miles of sidewalk, nearly 14,000 signalized intersections and 800 bridges and tunnels. Their stated mission is to provide for the safe, efficient, and environmentally responsible movement of people and goods in the City of New York and to maintain and enhance the transportation infrastructure crucial to the economic vitality and quality of life of our primary customers, City residents. It is a tremendous commitment, especially in the largest and busiest city in America.
NYC Traffic Management
New York City DOT’s traffic management system controls the traffic signals at 14,000 intersections, as well as a range of Intelligent Transportation Systems (ITS) devices including traffic cameras, variable message signs and vehicle detection devices. An intelligent software application operating at NYC DOT’s Traffic Management Center (TMC) in Long Island City accommodates changing traffic patterns and eases traffic congestion. It obtains vehicle queue depth and movement from various types of sensors located throughout the city, then adjusts signal timing by coordinating with Advanced Traffic Sold-state Controllers (ASTC) located at each intersection.
Special events, construction, or traffic incidents typically wreak havoc on traffic conditions in cities. Due to these dynamics, especially in dense and crowded NYC, effective traffic management is not possible without a high speed and reliable communications network and centralized management.
NYCWiN Replacement
NYC DOT’s years of operational experience with the previous NYCWiN network and knowledge of emerging trends resulted in a detailed specification for the replacement network. Critical areas included concurrent dual carrier failover/fallback, centralized device management, NYC Cyber-approved encryption and support for Connected Vehicle (CV). The solution proposed by AT&T and Digi progressed through pilot in early 2019 and then into deployment starting in October, finishing ahead of schedule in June 2020. The previous NYCWiN network was decommissioned that same month.
Digi provided expert assistance and dedicated resources during system integration and deployment. The tailored implementation services included onsite personnel working daily with NYC DOT network engineers and contractors for nearly a year. Planning, testing and troubleshooting by the implementation engineer kept the project moving forward, along with coordinated engagement of Digi engineering and technical support when required.
At each cabinet, the previous NYCWiN equipment was replaced with the Digi cellular router, a PCTEL antenna and a Transition Networks Power-over-Ethernet (POE) switch. The POE switch enables communication with cameras and expands the Ethernet port count for connection to various ITS devices such as a CV Roadside Unit (RSU). The antenna is actually multiple antenna elements housed within a single impact-resistant radome, and supports cellular, GPS, Wi-Fi and Bluetooth. The Digi cellular router connects to the existing traffic controller and functions as the gateway to the TMC for all ITS devices. Its onboard edge computing platform, built on an embedded Python environment, enables custom integration with non-standard ITS devices and quick adaptation to evolving system requirements.
The New Network
Running such a large and diverse cellular communications network with a 99.99% availability requirement demands a high level of automation, a highly reliable hardware/software platform and network fault tolerance/redundancy, as well as great management tools and accurate performance metrics. The hybrid network infrastructure, with cloud-hosted Digi RM and a Digi router at each intersection, delivers the required performance and scalability.
A key feature of the deployment, supporting the rapid installation process, was zero-touch configuration, a feature of Digi RM via its Profile Manager tool. This method of configuring devices with their required functionality enabled field personnel to quickly install the pre-configured devices. It continues to enable technical personnel at NYC DOT to manage all devices centrally, and quickly deploy firmware updates to any or all deployed systems.
Central Management with Digi RM
NYC DOT takes full advantage of Digi RM, Digi’s cloud-based device management and data enablement platform. The data enablement functions permit integration of legacy and complementary systems into the communications network.
Network automation is a core capability of Digi RM and is designed to improve security, availability and operational efficiency. It has quickly grown into an industry must-have as networks diversify and expand against a growing global security threat.
Digi RM automates measurement of key link-level performance metrics enabling quick assessment and visibility into any trends. This takes the guesswork out of troubleshooting, enabling efficient root cause determination and faster remediation.
Network Fault Tolerance
The new network incorporates a dual carrier design that maximizes network connectivity and availability by automatically failing over to a secondary carrier in times of network service outages. The Digi router also automatically falls back to the primary AT&T FirstNet® network. Both cellular links (and the fiber link where available) are active and monitored end-to-end.
Security
The network is protected at every level using a defense-in-depth security strategy. The primary link is FirstNet®, providing NYC DOT with a first responder grade solution, and priority and preemption over the air and on the FirstNet® core. In addition, all data packet communications between the intersection and TMC are encrypted and carried over an IPsec VPN using advanced encryption algorithms, with the Digi router in the cabinet as one endpoint and a Fortinet carrier-class FortiGate Next Generation Firewall (NGFW) at the headend datacenters.
NGFWs filter network traffic to protect an organization from internal and external threats. Along with maintaining features of stateful firewalls such as packet filtering, IPsec and SSL VPN support, network monitoring, and IP mapping features, NGFWs possess deeper content inspection capabilities. These capabilities provide the ability to identify attacks, malware, and other threats, and allow the NGFW to block these threats.
The Digi router includes a suite of hardware and firmware features called Digi TrustFence® to protect itself and ensure the reliability and integrity of its security functions. It uses a cryptographic co-processor to protect particularly sensitive data such as stored passwords and encryption keys so that they are not accessible even by an administrator. It also includes mechanisms so that the router itself can be updated while ensuring that the updates will not introduce malicious or other unexpected changes. A strong stateful firewall blocks unauthorized access and monitors all network connections.
The Result
The project rollout earned NYC DOT an award for the
Outstanding ITS Project of the Year - Traffic Management Systems by the Intelligent Transportation Society of New York (ITS-NY). The transcript of the meeting in which NYC DOT received the award provided this description of the project:
“The New York City Wireless Infrastructure Network (NYCWIN) provides a citywide communication backbone to all ITS devices, including traffic cameras, VMS, vehicle detection devices and 14K traffic signals. This project involved the decommissioning of the previous NYCWIN infrastructure, which was integrated into all NYC DOT traffic and ITS equipment. The replacement is an AT&T wireless network, which incorporates a dual carrier design to maximize network connectivity and uptime. By automatically using a secondary carrier in times of network service outage thus providing 99.99% communication reliability. It is a turnkey solution, to operate and maintain the integrity of NYC DOT systems. This large scale deployment was completed in 9 months and under budget…”
Today, Digi is working with department of transportation agencies across the U.S. to implement similar systems to address congestion, establish automation to improve traffic flow, ensure emergency vehicles can respond quickly to incidents, and provide visibility and management to DOT agencies.