Abstract
Over recent years, the number of cyberattacks on safety-critical systems, including railways, has been rapidly increasing. To analyze the impact of cyberattacks on safety, we need to create methods supporting a systematic and rigorous analysis of system behavior in the presence of cyber threats. In this paper, we propose a methodology and automated tool support for an integrated analysis of the impact of cyberattacks on the safety of railway systems. Our approach relies on graphical modeling in SysML, HAZOP-based analysis of cyber threats and formal modeling in Event-B. The proposed approach allows the designers to identify and visualize the safety requirements that become violated as a result of various cyberattacks.
Supported by Trafikverket, Sweden.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Poorhadi, E., Troubitsyna, E. (2023). Automating an Analysis of Safety-Security Interactions for Railway Systems. In: Milius, B., Collart-Dutilleul, S., Lecomte, T. (eds) Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification. RSSRail 2023. Lecture Notes in Computer Science, vol 14198. Springer, Cham. https://doi.org/10.1007/978-3-031-43366-5_1
DOI: https://doi.org/10.1007/978-3-031-43366-5_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-43365-8
Online ISBN: 978-3-031-43366-5
eBook Packages: Computer Science, Computer Science (R0)