Connected Mass Transit

Cisco IoT Solution Brief

Updated: October 6, 2020



Connecting and optimizing Mass Transit fleets

Introduction to Cisco Managed Gateways for Mass Transit

Cisco is a global leader in data and networking and provides a wide range of products to address connected mass transit solutions. By applying our networking and IoT expertise to mass transit systems, we have created innovative technology solutions that optimize system operations for mass transit. Our goal is to future-proof your investment by providing an evolution path from today’s bus-centric connected bus and rail systems to cloud-based solutions and interaction with the smart cities of tomorrow.


Cisco Validated Designs

Since the inception of IP networking, Cisco Validated Designs™ (CVDs) have been used to validate, architect, and configure next-generation technologies. CVDs start with the vertical use cases and architect the flow from the edge device to the application, validating the key Cisco and third-party components along the way. Each aspect of the architecture is thoroughly tested and documented with sample configurations, helping to simplify integration through proven solutions.

The goal is to ensure a deployment that’s simple, fast, reliable and cost-effective.

Mass transit challenges

Currently, mass transit faces a host of problems and inefficiencies in the way it is operated:

     Multiple, disjointed on-board systems resulting in the presence of multiple LTE gateways/SIM cards

     Lack of unified connected fleet operations insights

     High costs, especially for antenna installation and recurring cellular charges; this also makes scaling difficult, as thousands of vehicles each require multiple gateways and vendors

     Minimal to no security

     Legacy Vehicle Logic Unit (VLU)-centric architecture that limits future technologies and passenger services

     Serviced mainly by IT professionals and the IT department

     Systems are often on-premise-based and require staff to be on site at the Operations Control Center for access and visibility into the network

     Access to high quality and high-fidelity data is often difficult due to outdated legacy technology


Transit operational processes and use cases

Transit solutions must consider three key aspects of transit operations: business, fleet and vehicle operations.


Business operations support the planning, commercial, ridership and financial performance. Fleet operations focus on the day-to-day real-time operation of the transit service including vehicle location, on-time performance, route compliance and route adjustments, as necessary. Lastly, vehicle operations focus on the fleet vehicle performance, maintenance, refreshes of hardware and software systems for optimal fleet performance.

Note: This presentation focuses on buses, but the concepts also apply to light rail and, in part, to transit service vehicles.


Simple provisioning and operations

To ensure our architecture is Simple, Scalable and Flexible, we have developed field-friendly gateway management with strong asset operation capabilities. Deep integration with asset systems and operations ensures that field crew can easily deploy and manage these gateways without the need for IT support.

Simple provisioning


Make it easy for the technician and non-IT staff to provision and manage connectivity at scale.



True zero touch deployment of the gateways

1.     Configure templates using our point and click simplicity. Associate gateways with bus ID

2.     Technician deploys the gateways using either a mobile or web application

3.     A single pane-of-glass to activate/deactivate your SIM card and manage your rate plan with Cisco Control Center (offered by select Service Providers)

Your buses are now in service.

Simple operation


Minimize service outages and support faster troubleshooting/updates.



Minimize downtime through remote troubleshooting using the bus ID.   

1.     10 pm: Alert at Operations Center indicating faulty CAD/AVL system.

2.     10 pm: Transit Center supervisor asks maintenance to remotely troubleshoot and fix.

3.     10:05 pm: Mechanic securely logs into the gateway using the asset ID and applies VLU updates.

4.     10:15 pm: Bus back in service with functioning VLU.

Scalable security and flexible Edge Compute

We also ensure a secure architecture designed for environments that are constantly under attack. Application flexibility is provided through a full-featured, secure Edge Compute layer that supports next generation applications along with a large partner ecosystem that can help drive innovation.

Scalable security


Real-time cyber security protection from external and internal threats for thousands of buses.



Multi-layered security enforced through a single control point ensures data confidentiality and end-to-end encryption, with a standard IPsec VPN to the operations network. Enforce network segmentation and policies:

1.     Keep high-priority data separate and protected

2.     High availability and connectivity of CAD/AVL data

3.     Full integration with existing security services such as Umbrella (Cisco’s cloud-based security that secures users and devices) and Stealthwatch (Cisco’s machine-learning network security traffic analysis), with no need for third-party security

Your buses are now equipped with internet-ready cybersecurity.

Flexible Edge Compute


Support a variety of NextGen Transit apps like smart mobility, traffic signal prioritization and monitoring of operational sensors.



Edge Compute that supports standards-based microservices through an open ecosystem.

1.     Deploy Linux-based microservices onto the IR829 gateway

2.     The necessary gateway/sensor data is pulled by applications located anywhere: on-site, at the data center, or in the cloud

Flexible and versatile operations are available.

Simple mass transit architecture

This architecture covers a typical basic deployment scenario for managed gateways considering use case requirements and available connectivity options and management.


     A VLU or other on-vehicle equipment that requires a secure connection over cellular

     Simple to deploy and operate by field technicians

     Visibility to VLU and connected devices with secure remote access

     On-board devices can report events and logs to the operations center

     Able to troubleshoot and perform remote updates

     Real-time information delivered to operations center for fleet management

     Provides a passenger WiFi service

Proposed network architecture

     Integrated gateways and cloud management

     WiFi AP for passenger internet access



Key design elements

1.     Reliable LTE connectivity/expansive coverage with low interference

2.     Predefined configuration templates for fleet management and on-board devices

3.     Robust end-to-end security for business, vehicle, and fleet data and management



Next generation mass transit site

This architecture covers deployment scenarios with multiple services on the fleet vehicle using managed gateways and cloud management with Edge Compute available for local processing, as needed. Multi-agency use of vehicle device data is supported through segmentation and security.


     Consolidated communications into one dual WiFi/LTE gateway

     Integration with next gen apps to perform advanced functions such as fleet management, vehicle diagnostics and rider alerts

     Simple to deploy (gateway, devices and Edge Compute applications) and operate by field technicians

     Support for multiple agency access to data from their specific devices and services located on the vehicle

     Establishment of controls to limit agency access to their vehicle devices and services

     Edge computing to enable local interaction between systems for vehicle location, fleet management, operations and diagnostics

Proposed network architecture

     On-site network with cloud management

     Unified deployment and management of on-site gateways, switches and compute




Key design elements

1.     Edge Compute platform to enable local processing of sensors/device data to drive next gen applications such as Swiftly or KPIT

2.     Reliable LTE connectivity/expansive coverage with low interference, easy to deploy

3.     Easy to deploy configuration templates for systems/devices at the vehicle

4.     Robust security for vehicle and fleet device data and management

5.     Network segmentation to enforce secure device data access to authorized agencies


Next generation mass transit—partners ecosystem

One foundational aspect of our next generation mass transit architecture is our robust partner ecosystem. Our partners seek to build an ecosystem which enables next generation functions that provide value to our customers. Utilizing Edge Compute, our partners’ Linux-based microservices can be pushed down to the IR829 Gateway. The necessary gateway/sensor data can be accessed via the cloud, at the data center, or on-site.


     View vehicle schedule adherence and on-time performance metrics and reports including real-time transit vehicle location with passenger predictions

     Tools for operators to view vehicles in real-time and make adjustments to the transit service

     Vehicle movement replay and analysis of run-times with suggested schedule improvements

     Provide updates to passengers about service changes, stop adjustments, and detours/delays and to field operators and drivers via onboard tablets


     Delivers single pane-of-glass cloud-based platform for all connected vehicle and asset types coupled with field service mobility applications

     Connects fleet and operational data for optimal fleet visibility, utilization, and monetization

     Real-time visibility into location, productivity, fuel spend and fleet run time costs

     Captures drive time and route effectiveness, and delivers ETAs using current and historical traffic data

     Vehicle/asset diagnostics to drive preventative maintenance and driver/passenger safety




     Display diagnostics data to show signal strength and connectivity information

     LTE data consumption, application performance, network speed/performance, and mobile data usage

     Provides information on the networking capabilities on-board the vehicle


     Enables the implementation of remote vehicle diagnostics and service-oriented vehicle telemetry for predictive maintenance

     Provides vehicle state event management, KPI dashboarding, and repair instructional information

     Reduces vehicle down-time and increases FFV (Fixed-First-Visit) rates

Smart city integration

This architecture covers more advanced or next generation deployment scenarios requiring high bandwidth, low latency links to smart city fiber-connected intersections and coordination between other connected autonomous vehicles.


     Real-time communication with the intersection supporting traffic signal prioritization (TSP) decisions for bus and emergency vehicles

     C-V2X On-board Unit (OBU) for high-speed bi-directional communication with an intersection RSU (roadside unit) or other vehicles to share speed, location, trajectory, and telemetry data

     Via the OBU, receive C-V2X data from the intersection or other vehicles for driver alerting, safety messages, etc.

     OBU vehicular data upload to fleet management systems

     Unified deployment and management of on-site gateways, switches and compute

Proposed Network Architecture

     On-board network with cloud management

     C-V2X connectivity to support advanced ITS applications and improve passenger safety




Key Design Elements

1.     On-board unit (OBU) supporting C-V2X communication between the mass transit vehicle, intersection RSU and other connected vehicles

2.     Direct wireless connection between the OBU and the RSU to enable C-V2X operations

3.     C-V2X capabilities for urban location, platooning, traffic efficiency, vehicle operations management, etc.

4.     Easy to deploy configuration templates for systems/devices at the intersection

5.     Robust security for intersection device data and management

6.     Network segmentation to enforce secure device data access to authorized agencies

7.     Edge Compute platform enables local processing of RSU device data to drive intelligent traffic control and analytics


Deploying connected mass transit

Deployment of connected mass transit solutions requires careful planning and execution to guarantee success and support later expansion and evolution. Below are steps and actions as well as deployment challenges and how they can be overcome.

Deployment steps



1.     Identify initial required services (e.g., secure backhaul for VLU, video security, APC systems, passenger WiFi services, etc.)

2.     Capture and assess plans for future service expansion and connectivity such as vehicle telematics collection/assessment, interior and exterior signage, emergency alerting and cloud services

3.     Assess current and future services—will local processing be required for telematics, intelligent linking of vehicle on-board systems, integration with cloud services

4.     Create engineering design considering available power/space, on-board subsystem connectivity and data center interfaces. Plan your deployment phases for easy rollout of services in the future

5.     Define on-board device addressing, port mapping/forwarding, device and network security options. Leverage Cisco Validated Designs for guidance

6.     Assess antenna mounting options and location via a study of other RF systems and antennas in use. Select optimal MIMO antenna solution given RSSI in service area

7.     Execute the plan—install/configure equipment, provision the vehicle and perform an acceptance test

Cisco help in addressing key intersection deployment challenges


     Zero-touch deployment to automate the process and remove human error

     Secure remote access and visibility to on-board devices behind the gateway

     Effective link debugging with cellular performance metrics and history dashboard


     Multiple/flexible VPN options to control access and protect your data

     Port security (802.1x, MAB) to limit and authenticate access to switching ports

     Network segmentation to enforce secure device data access to authorized agencies

     Physical security via alarm inputs triggering SNMP alarms

     Stealthwatch for protocol inspections to detect intruders

Mass transit technology selection guide

Cisco products are designed for harsh outdoor environments such as would be experienced in mass transit or intersection cabinets. With the support of Cisco’s advanced management and security products as well as Edge Compute capability, they provide a rich set of capabilities and possibilities for meeting current and future intersection and roadway needs.

Production options


     Pictured is the Cisco IR829 Industrial Router

     See also: Cisco IR800 Series Industrial Routers




WAN options: LTE x 2

Switch ports (RJ45): 4 GigE

Yes + gyroscope + accelerometer

Alarm input

Dimensions and availability: 1.15 X 5.05 X 6.27 (globally)

Edge Compute options

CPU architecture: Intel 64 bit (x86_64)

CPU (units) available

Memory available

Storage available: 512 - 1800MB (40GB-80GB with SSD)

CPU architecture: PaaS, LXC, Docker


     IOT Operations Center Overview

     Cisco Validated Designs
Remote and Mobile Assets Industry solutions

     Cisco DevNet Home page

     Cisco IOx:

    Platform support matrix


For more information, please refer to the links above or contact your local Cisco Account Manager.

