Automating an Analysis of Safety-Security Interactions for Railway Systems

  • Conference paper
Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification (RSSRail 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14198))

Abstract

Over recent years, the number of cyberattacks on safety-critical systems, including railways, has been rapidly increasing. To analyze the impact of cyberattacks on safety, we need to create methods supporting a systematic and rigorous analysis of system behavior in the presence of cyber threats. In this paper, we propose a methodology and automated tool support for an integrated analysis of the impact of cyberattacks on the safety of railway systems. Our approach relies on graphical modeling in SysML, HAZOP-based analysis of cyber threats, and formal modeling in Event-B. The proposed approach allows the designers to identify and visualize the safety requirements that become violated as a result of various cyberattacks.

Supported by Trafikverket, Sweden.

Corresponding author

Correspondence to Ehsan Poorhadi.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Poorhadi, E., Troubitsyna, E. (2023). Automating an Analysis of Safety-Security Interactions for Railway Systems. In: Milius, B., Collart-Dutilleul, S., Lecomte, T. (eds) Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification. RSSRail 2023. Lecture Notes in Computer Science, vol 14198. Springer, Cham. https://doi.org/10.1007/978-3-031-43366-5_1

  • DOI: https://doi.org/10.1007/978-3-031-43366-5_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-43365-8

  • Online ISBN: 978-3-031-43366-5

  • eBook Packages: Computer Science, Computer Science (R0)
