This page contains a Flash digital edition of a book.
control rooms No ICCS is an island


In today’s increasingly IP-based control rooms, isolating an ICCS is no way to protect it from external threats.David Cohen explains how the world, and system design, have moved on


seemed reasonable and the vulnerability of the ICCS system remained minimal. However, developments in technology since the


formation of the initial ICCS concept (such as mobile telephony and Voice over IP) together with the enhanced information exchange requirements for caller information (ID, location, etc.) that arise from systems such as EISEC, NG911 or eCall have increasingly led to connection of ICCS systems to TCP/IP networks – using WAN networks which increasingly pass over the Internet. Tere is also an increase in remote operator access to


ICCS, over WAN networks and the Internet, to support standby control rooms and collaborative working. Tis requirement presents a point of network


vulnerability that is frequently addressed by the introduction of a firewall.


About the author


In an IP age, control room security


policies should be based on a trio of core factors


I


n the two decades since integrated communication control systems (ICCSs) became the main platform for control room functions, efforts to ensure their security


have changed very little. Tese critical systems need to maintain security and


immunity from web-based viruses and intentional hacking. Te first systems focused on getting high-reliability systems to market, but an increased awareness of vulnerabilities pushed suppliers to declare the ICCS an ‘island’ with no connections to the outside world. Tis attitude is still prevalent today – but how long can it continue? Initially, an ICCS was a conceptually simple system that


integrated telephone and radio voice services into a common platform. Te main interfaces to the outside world were usually limited to: nnetworking to remote operator positions; nnetworking to the (then analogue) radio system; nnetworking between ICCS switches. Tese network interfaces were predominately


implemented over fixed links generally owned by the blue- light service in question and often deploying proprietary or ‘closed’ protocols. Tus the concept of an ICCS ‘island’


12


David Cohen specializes in ICT strategy and procurement, particularly in the public sector and emergency services


D


avid Cohen is with the UK-based ICT consultants Mason, where he applies more


than 15 years’ experience in providing consultancy to all aspects of ICT strategy, design, assessment, procurement and implementation, particularly in the public sector and emergency services. He has broad experience in voice, data networking and ICT systems. Particular areas of speciality are wireless mobility, server infrastructure, virtualization and thin- client technologies, and data centre specification and design. www.mason.biz


TE TRA TODAY Issue 7 2012


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36