Public safety services have changed dramatically over the years as technology has disrupted our industry. We now operate under a “mobile first” paradigm, where tools and information are extended from the enterprise to the field as their primary function instead of as an add-on feature set. Security – in the past considered a solution unto itself – is now pervasive at every level of system design.
When working with a customer, my objective in creating a mobile workspace is to understand the agency’s goals, utilize as much of its past investments as possible and integrate the latest technology – all while building into the architecture maximum change tolerance for the road ahead.
What follows is a high-level overview of the components of a modern in-vehicle computing system, including best practices and configuration considerations that are often overlooked.
Delivering Power and Connectivity
The first component I’ll address is power. An in-vehicle computer and other electronics can be directly connected to the vehicle’s battery. However, adding a power distribution unit has many advantages.
PDU’s, like the Havis ChargeGuard, connect to the car’s ignition allowing it to act as a power button. PDU’s often have built-in timers and battery sensors that allow electronics to power down automatically with the ignition, after a period of time or before the car battery is drained.
Fuel or idle management devices, like the Havis IdleRight, sense the car battery’s condition and alternately idle and turn off the car to maintain the battery’s charge using minimal fuel.
Communication is the next system I design. Decisions made here have far reaching impact in terms of functionality and costs. Basic public safety IT communication protocols include cellular, GPS and Wi-Fi. At the simplest level, these functions can be integrated into most mobile devices. For increased accuracy, bandwidth and consistency, roof mounted antennas should be utilized.
For the best performance, including enterprise networking and security features and over the air management, choose a mobile access router. A MAR provides 15-30 miles of range on the cellular antenna versus the usual three to five miles. It is also capable of multicasting GPS data to multiple devices and can create a Wi-Fi hotspot around the car. As more devices are integrated into vehicles, the ability of a MAR to connect everything and backhaul off a single wireless wide area network (WWAN) modem becomes the most effective option from both a performance and cost perspective.
Vendors are moving quickly to facilitate the rollout of the FirstNet public safety broadband network, producing modems and mobile devices using the newly dedicated bandwidth.
The Mobile Office
Government agencies have never had more choice when it comes to the mobile devices they’ll use in the field. Every form factor is available, with a range of rugged ratings appropriate for the non-linear environments that first responders operate in.
From rugged laptops and hardened PC’s to tablets and handhelds, many devices and peripherals are available to facilitate various tasks. There are far too many devices and considerations to spend a helpful amount of time on the topic in this post, however, do check out my Mobile Device Qualifying Guide and this slideshow for considerations and examples of appropriate devices.
Telephony is often overlooked in vehicles. Phones are used in the field as much or more than the computer or radio. They should be mounted safely to maximize functionality and avoid distraction.
You can power them via USB, leverage the car’s audio system via Bluetooth and connect them to the in-car Wi-Fi. Proper integration of phones in the mobile work environment is the difference between having a powerful tool or a dangerous distraction.
Mobile printing allows delivery of reports and citations on scene. Ruggedized mobile printers are available in the traditional 8.5×11-inch format as well as 4 inches. Printers can be mounted almost anywhere. For example, under an armrest, on the cage wall, dash, glove box or even taking the place of a car seat headrest.
Mobile office components must be properly mounted and docked to provide functional ergonomics and ensure a safe work environment. Mounts can be positioned almost anywhere. Docks provide power, port replication and radio pass-through, greatly enhancing the functionality of mobile devices in and outside of the vehicle.
Client access solutions connect users to their tools and information on their devices. A mobile virtual private network (VPN) is used to provide an encrypted connection from the mobile user back to the data center.
Mobile VPN’s often provide session persistence, a feature that keeps software running smoothly through connectivity interruptions. Without session persistence, an interruption in data connectivity can cause software to fail, close or crash forcing a user to relaunch, re-authenticate or restart their machine entirely. Law enforcement officers (LEO’s), accessing Criminal Justice Information Services (CJIS) from a non-secure environment, must ensure their VPN is FIPS 140-2 certified to ensure compliance with the CJIS Security Policy.
Enterprise device management (EDM) solutions allow agencies to manage and secure their cellular mobile devices. EDM solutions offer functionality to assist in complying with the CJIS Security Policy such as:
- Remote locking of device
- Remote wiping of device
- Setting and locking device configuration
- Detection of “rooted” and “jailbroken” devices
- Enforce folder or disk level encryption
Identification and Authentication
Advanced authentication has evolved over the years from a cumbersome and costly addition to an integrated solution offering complimentary features. When designing an advanced authentication solution, I like to look for existing investments I can leverage.
For example; many agencies use contactless smart cards for building access. These can be repurposed as a form of authentication. Much of the hardware, standard operating procedures (SOPs) and policies are already in place to utilize the cards and add or remove users. Smart card readers can be integrated internally to most rugged laptops and tablets or mounted externally and connected via USB.
Identity management software that facilitates advanced authentication also allows for single-sign-on (SSO). This enables users to logon once using advanced authentication, e.g. username, password and smart card, then simply use a tap of their smart card to log into each additional tool.
Identity management solutions also facilitate user-based password reset. If a user needs to reset a password or does not have their smart card, they can use other methods of authentication to do so without contacting IT.
No in-vehicle computing solution is complete without a distracted driving prevention solution. Though distracted driving policies should be diligently enforced, an automatic software-based solution should be utilized to ensure officer safety and efficacy on the road.
Software, like AutoExec’s Screen Out, allows customized computer behavior based on conditions in the field. For example, agencies can disable the keyboard over a chosen vehicle speed or freeze or turn off the screen entirely. Many agencies choose to allow one software window to stay up, e.g. CAD/RMS, but deactivate the keyboard, mouse and touchscreen over 15 mph.
The Road Ahead
Public safety IT is a perpetually emerging market. Constant technological innovation and the evolving expectations of the public drive us to design our tools and policies to allow for constant adaptation.
Thoughtful consideration around the interdependent IT systems in public safety vehicles is paramount to the balance of safety and service. The technological advantages we afford our first responders will be measured in property and lives lost or saved.