Abstract
Railway systems are critical transportation infrastructure assets that must be protected from cyber attacks. However, deployments and upgrades of operational technology systems are always challenging due to the short timeframes available for maintenance. Specifically, there is insufficient time to test the safety and robustness of software updates and patches during railway system operation. Cyber security guidelines have been specified for the railway sector. However, the guidelines only mention the security requirements, not how they should be implemented in railway systems. This chapter proposes a security framework for railway system deployments. The framework can also be used as a reference for cyber security testing.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Acute Market Reports, Railway Signaling Systems Market Size, Market Share, Application Analysis, Regional Outlook, Growth Trends, Key Players, Competitive Strategies and Forecasts, 2020 to 2028, Report ID: 5232539, New York, 2020.
R. Alguliyev, Y. Imamverdiyev and L. Sukhostat, Cyber-physical systems and their security issues, Computers in Industry, vol. 100, pp. 212–223, 2018.
R. Chan and K. Chow, Threat analysis of an elevator control system, in Critical Infrastructure Protection XI, M. Rice and S. Shenoi (Eds.), Springer, Cham, Switzerland, pp. 175–192, 2017.
CYRAIL Project, Cybersecurity in the Railway Sector, Evoleo Technologies, Maia, Portugal (cyrail.eu), 2017.
R. Frangie, A. Mihalic, T. Chehab, J. Kan, C. Luk and S. Perinpacumarasamy, Smart railways ... or not so smart: A cyber security perspective, Proceedings of the Conference on Railway Excellence, pp. 230–239, 2018.
C. Gransart, V. Deniau, E. Simon, A. Fleury, S. Lecoeuche, P. Millot and E. Masson, Cyber security of the railway wireless system: Detection, decision and human-in-the-loop, Proceedings of the Seventh Transport Research Arena, 2018.
N. Huq, R. Vosseler and M. Swimmer, Cyberattacks Against Intelligent Transportation Systems, TrendLabs, Trend Micro, Tokyo, Japan, 2017.
S. Lakshminarayana, J. Karachiwala, S. Chang, G. Revadigar, S. Kumar, D. Yau and Y. Hu, Signal jamming attacks against communications-based train control: Attack impacts and countermeasures, Proceedings of the Eleventh ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 160–171, 2018.
P. Radanliev, D. De Roure, J. Nurse, R. Nicolescu, M. Huth, S. Cannady and R. Mantilla Montalvo, New Developments in Cyber Physical Systems, the Internet of Things and the Digital Economy – Discussion on Future Developments in the Industrial Internet of Things and Industry 4.0, Unpublished Manuscript (www.preprints.org/manuscript/201903.0094/v1), 2019.
A. Thaduri, M. Aljumaili, R. Kour and R. Karim, Cybersecurity for e-maintenance in the railway infrastructure: Risks and consequences, International Journal of System Assurance Engineering and Management, vol. 10(2), pp. 149–159, 2019.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Chan, R. (2022). A Security Framework for Railway System Deployments. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XV. ICCIP 2021. IFIP Advances in Information and Communication Technology, vol 636. Springer, Cham. https://doi.org/10.1007/978-3-030-93511-5_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-93511-5_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-93510-8
Online ISBN: 978-3-030-93511-5
eBook Packages: Computer ScienceComputer Science (R0)