Samenvatting
In this paper, the authors present general information security guidance applicable to surface transportation systems worldwide. This guidance presents information security as a vital part of a system life-cycle process, thus requiring planning and provisioning as would any other facet of the transportation system. The guidance also describes effective information security as a process that incorporates strategic planning, policy analysis, integrated solution, education and training, management, and system assessment. Although based on current practice and policy within the United States, the substance of this guidance can be applied to almost any ITS environment.