Cisco IoT Solution Brief
Connecting and optimizing Mass Transit fleets
Introduction to Cisco Managed Gateways for Mass Transit
Cisco is a global leader in data and networking and provides a wide range of products to address connected mass transit solutions. By applying our networking and IoT expertise to mass transit systems we have created innovative technology solutions which optimize system operations for mass transit. Our goal is to future-proof your investment by providing an evolution path from today’s bus-centric connected bus and rail systems to cloud-based solutions and interaction with the smart cities of tomorrow.
Cisco Validated Designs
Since the inception of IP networking, Cisco Validated Designs™ (CVDs) have been used to validate, architect, and configure next-generation technologies. CVDs start with the vertical use cases and architect the flow from the edge device to the application, validating the key Cisco and 3rd party components along the way. Each aspect of the architecture is thoroughly tested and documented with sample configurations, helping to simplify integration through proven solutions.
The goal is to ensure a deployment that is simple, fast, reliable, and cost-effective.
Mass transit challenges
Currently, mass transit faces a host of problems and inefficiencies in the way it is operated:
● Multiple, disjointed on-board systems resulting in the presence of multiple LTE gateways/SIM cards
● Lack of unified connected fleet operations insights
● High costs, especially for antenna installation and recurring cellular charges. This also makes scaling difficult, as thousands of vehicles each require multiple gateways and vendors
● Minimal to no security
● Legacy Vehicle Logic Unit (VLU)-centric architecture that limits future technologies and passenger services
● Serviced mainly by IT professionals and the IT department
● Systems are often on-premise-based and require staff to be on site at the Operations Control Center for access and visibility into the network
● Access to high quality and high-fidelity data is often difficult due to outdated legacy technology
Transit operational processes and use cases
Transit solutions must consider three key aspects of transit operations: business, fleet and vehicle operations.
Business operations support the planning, commercial, ridership and financial performance. Fleet operations focus on the day-to-day real-time operation of the transit service including vehicle location, on-time performance, route compliance and route adjustments, as necessary. Lastly, vehicle operations focus on the fleet vehicle performance, maintenance, refreshes of hardware and software systems for optimal fleet performance.
Note: This presentation focuses on buses, but the concepts also apply to light rail and, in part, to transit service vehicles.
Simple provisioning and operations
To ensure our architecture is Simple, Scalable and Flexible, we have developed field-friendly gateway management with strong asset operation capabilities. Deep integration with asset systems and operations ensures that field crew can easily deploy and manage these gateways without the need for IT support.
Simple provisioning
Challenge
Make it easy for the technician and non-IT staff to provision and manage connectivity at scale.
Solution
True zero touch deployment of the gateways
1. Configure templates using our point and click simplicity. Associate gateways with bus ID
2. Technician deploys the gateways using either a mobile or web application
3. A single pane-of-glass to activate/deactivate your SIM card and manage your rate plan with Cisco Control Center (offered by select Service Providers)
Your buses are now in service.
Simple operation
Challenge
Minimize service outages and support faster troubleshooting/updates.
Solution
Minimize downtime through remote troubleshooting using the bus ID.
1. 10 pm: Alert at Operations Center indicating faulty CAD/AVL system.
2. 10 pm: Transit Center supervisor asks maintenance to remotely troubleshoot and fix.
3. 10:05 pm: Mechanic securely logs into the gateway using the asset ID and applies VLU updates.
4. 10:15 pm: Bus back in service with functioning VLU.
Scalable security and flexible Edge Compute
We also ensure a secure architecture designed for environments that are constantly under attack. Application flexibility is provided through a full-featured, secure Edge Compute layer that supports next generation applications along with a large partner ecosystem that can help drive innovation.
Scalable security
Challenge
Real-time cyber security protection from external and internal threats for thousands of buses.
Solution
Multi-layered security enforced through a single control point, ensuring data confidentiality and end-to-end encryption. Standard IPsec VPN to the operations network. Enforce network segmentation and policies:
1. Keep high-priority data separate and protected
2. High availability and connectivity of CAD/AVL data
3. Full integration with existing security services such as Umbrella (Cisco’s cloud-based security that secures users and devices) and Stealthwatch (Cisco’s machine-learning network security traffic analysis), with no need for third-party security
Your buses are now equipped with internet-ready cybersecurity.
Flexible Edge Compute
Challenge
Support a variety of NextGen Transit apps like smart mobility, traffic signal prioritization and monitoring of operational sensors.
Solution
Edge Compute that supports standards-based microservices through an open ecosystem.
1. Deploy Linux-based microservices onto the IR829 gateway
2. The necessary gateway/sensor data is pulled by applications located anywhere; on-site, at the data center, or in the cloud
Flexible and versatile operations are available.
Simple mass transit architecture
This architecture covers a typical basic deployment scenario for managed gateways considering use case requirements and available connectivity options and management.
Requirements
● A VLU or other on-vehicle equipment that requires a secure connection over cellular
● Simple to deploy and operate by field technicians
● Visibility to VLU and connected devices with secure remote access
● On-board devices can report events and logs to the operations center
● Able to troubleshoot and perform remote updates
● Real-time information delivered to operations center for fleet management
● Provides a passenger WiFi service
Proposed network architecture
● Integrated gateways and cloud management
● WiFi AP for passenger internet access
Key design elements
1. Reliable LTE connectivity/expansive coverage with low interference
2. Predefined configuration templates for fleet management and on-board devices
3. Robust end-to-end security for business, vehicle, and fleet data and management
Next generation mass transit site
This architecture covers deployment scenarios with multiple services on the fleet vehicle using managed gateways and cloud management with Edge Compute available for local processing, as needed. Multi-agency use of vehicle device data is supported through segmentation and security.
Requirements
● Consolidated communications into one dual WiFi/LTE gateway
● Integration with next gen apps to perform advanced functions such as fleet management, vehicle diagnostics and rider alerts
● Simple to deploy (gateway, devices and Edge Compute applications) and operate by field technicians
● Support for multiple agency access to data from their specific devices and services located on the vehicle
● Establishment of controls to limit agency access to their vehicle devices and services
● Edge computing to enable local interaction between systems for vehicle location, fleet management, operations and diagnostics
Proposed network architecture
● On-site network with cloud management
● Unified deployment and management of on-site gateways, switches and compute
Key design elements
1. Edge Compute platform to enable local processing of sensors/device data to drive next gen applications such as Swiftly or KPIT
2. Reliable LTE connectivity/expansive coverage with low interference, easy to deploy
3. Easy to deploy configuration templates for systems/devices at the vehicle
4. Robust security for vehicle and fleet device data and management
5. Network segmentation to enforce secure device data access to authorized agencies
Next generation mass transit—partners ecosystem
One foundational aspect of our next generation mass transit architecture is our robust partner ecosystem. Our partners seek to build an ecosystem which enables next generation functions that provide value to our customers. Utilizing Edge Compute, our partners’ Linux-based microservices can be pushed down to the IR829 Gateway. The necessary gateway/sensor data can be accessed via the cloud, at the data center, or on-site.
Swiftly
● View vehicle schedule adherence and on-time performance metrics and reports including real-time transit vehicle location with passenger predictions
● Tools for operators to view vehicles in real-time and make adjustments to the transit service
● Vehicle movement replay and analysis of run-times with suggested schedule improvements
● Provide updates to passengers about service changes, stop adjustments, and detours/delays and to field operators and drivers via onboard tablets
IntelliShift
● Delivers single pane-of-glass cloud-based platform for all connected vehicle and asset types coupled with field service mobility applications
● Connects fleet and operational data for optimal fleet visibility, utilization, and monetization
● Real-time visibility into location, productivity, fuel spend and fleet run time costs
● Captures drive time and route effectiveness, and delivers ETAs using current and historical traffic data
● Vehicle/asset diagnostics to drive preventative maintenance and driver/passenger safety
NetMotion
● Display diagnostics data to show signal strength and connectivity information
● LTE data consumption, application performance, network speed/performance, and mobile data usage
● Provides information on the networking capabilities on-board the vehicle
KPIT
● Enables the implementation of remote vehicle diagnostics and service-oriented vehicle telemetry for predictive maintenance
● Provides vehicle state event management, KPI dashboarding, and repair instructional information
● Reduces vehicle down-time and increases FFV (Fixed-First-Visit) rates
Smart city integration
This architecture covers more advanced or next generation deployment scenarios requiring high bandwidth, low latency links to smart city fiber-connected intersections and coordination between other connected autonomous vehicles.
Requirements
● Real-time communication with the intersection supporting traffic signal prioritization (TSP) decisions for bus and emergency vehicles
● C-V2X On-board Unit (OBU) for high-speed bi-directional communication with an intersection RSU (roadside unit) or other vehicles to share speed, location, trajectory, and telemetry data
● Via the OBU, receive C-V2X data from the intersection or other vehicles for driver alerting, safety messages, etc.
● OBU vehicular data upload to fleet management systems
● Unified deployment and management of on-site gateways, switches and compute
Proposed Network Architecture
● On-board network with cloud management
● C-V2X connectivity to support advanced ITS applications and improve passenger safety
Key Design Elements
1. On-board unit (OBU) supporting C-V2X communication between the mass transit vehicle, intersection RSU and other connected vehicles
2. Direct wireless connection between the OBU and the RSU to enable C-V2X operations
3. C-V2X capabilities for urban location, platooning, traffic efficiency, vehicle operations management, etc.
4. Easy to deploy configuration templates for systems/devices at the intersection
5. Robust security for intersection device data and management
6. Network segmentation to enforce secure device data access to authorized agencies
7. Edge Compute platform enables local processing of RSU device data to drive intelligent traffic control and analytics
Deploying connected mass transit
Deployment of connected mass transit solutions requires careful planning and execution to guarantee success and support later expansion and evolution. Below are steps and actions as well as deployment challenges and how they can be overcome.
Deployment steps
Actions
1. Identify initial required services (e.g., secure backhaul for VLU, video security, APC systems, passenger WiFi services, etc.)
2. Capture and assess plans for future service expansion and connectivity such as vehicle telematics collection/assessment, interior and exterior signage, emergency alerting and cloud services
3. Assess current and future services—will local processing be required for telematics, intelligent linking of vehicle on-board systems, integration with cloud services
4. Create engineering design considering available power/space, on-board subsystem connectivity and data center interfaces. Plan your deployment phases for easy rollout of services in the future
5. Define on-board device addressing, port mapping/forwarding, device and network security options. Leverage Cisco Validated Designs for guidance
6. Assess antenna mounting options and location via a study of other RF systems and antennas in use. Select optimal MIMO antenna solution given RSSI in service area
7. Execute the plan—install/configure equipment, provision the vehicle and perform an acceptance test
Cisco help in addressing key intersection deployment challenges
Integration
● Zero-touch deployment to automate the process and remove human error
● Secure remote access and visibility to on-board devices behind the gateway
● Effective link debugging with cellular performance metrics and history dashboard
Security
● Multiple/flexible VPN options to control access and protect your data
● Port security (802.1x, MAB) to limit and authenticate access to switching ports
● Network segmentation to enforce secure device data access to authorized agencies
● Physical security via alarm inputs triggering SNMP alarms
● Stealthwatch for protocol inspections to detect intruders
Mass transit technology selection guide
Cisco products are designed for harsh outdoor environments such as would be experienced in mass transit or intersection cabinets. With the support of Cisco’s advanced management and security products as well as Edge Compute capability, they provide a rich set of capabilities and possibilities for meeting current and future intersection and roadway needs.
Production options
● Pictured is the Cisco IR829 Industrial Router
● See also: Cisco IR800 Series Industrial Routers
Mounting | Panel
WAN options | LTE x 2
Switch ports (RJ45) | 4 GigE
WiFi | 802.11
RS232/RS485 | 2 DTE/DCE
GPS | Yes + gyroscope + accelerometer
GPIO | Alarm input
Dimensions and availability | 1.15 X 5.05 X 6.27 (globally)
Edge Compute options
CPU architecture | Intel 64 bit (x86_64)
CPU (units) available | 732
Memory available | 767MB
Storage available | 512 - 1800MB (40GB-80GB with SSD)
CPU architecture | PaaS, LXC, Docker
Resources
● IOT Operations Center Overview
● Cisco Validated Designs
Remote and Mobile Assets Industry solutions
● Cisco IOx:
For more information, please refer to the links above or contact your local Cisco Account Manager.