Abstract
Some recent incidents and analyses have indicated that possibly the vulnerability of IT systems in railway automation is increasing. Due to several trends, such as digitalization or the use of commercial IT and communication systems the threat potential has increased. This paper discusses the way forward for the railway sector, how many advantages of digitalization can be realized without compromising safety. In particular topics like standardization or certification are covered, but also technical issues like SW update.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
The Telegraph: Cyber attack hits German train stations as hackers target Deutsche Bahn. http://www.telegraph.co.uk/news/2017/05/13/cyber-attack-hits-german-train-stations-hackers-target-deutsche/
ISA 99: Standards of the Industrial Automation and Control System Security Committee of the International Society for Automation (ISA) on information security. http://isa99.isa.org/Documents/Forms/AllItems.aspx
IEC 62280 Railway applications, Communication, signaling and processing systems–Safety related communication in transmission systems, September 2010 (CENELEC EN 50159)
IEC 62425 Railway applications, Communication, signaling and processing systems – Safety-related electronic systems for signaling, February 2003 (CENELEC EN 50129)
Commission Implementing Regulation (EU) No 402/2013 on the common safety method for risk evaluation and assessment and repealing Regulation (EC) No 352/2009, 30 April 2013
ISO: Information technology - Security techniques - Information security risk management, ISO 27005 (2011)
NIST: Guide for conducting risk assessments, SP800-30 (2012)
IEC: Industrial communication networks – Network and system security – Part 3-3: System security requirements and security levels, IEC 62443-3-3 (2015)
IEC 62443-3-2: Security for industrial automation and control systems – Part 3-2: Security risk assessment and system design, draft for comments, August 2015
Electric signaling systems for railways – Part 104: IT Security Guideline based on IEC 62443 (in German) (2015)
Schlehuber, C.: Analysis of security requirements in critical infrastructure and control systems (in German), Master thesis, TU Darmstadt (2013)
Braband, J., Schäbe, H.: Probability and Security – Pitfalls and Chances. In: Proceedings of the Advances in Risk and Reliability Technology Symposium 2015, Loughborough (2015)
UK Department for Transport: Rail Cyber Security - Guidance to Industry (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Braband, J. (2017). Cyber Security in Railways: Quo Vadis?. In: Fantechi, A., Lecomte, T., Romanovsky, A. (eds) Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification. RSSRail 2017. Lecture Notes in Computer Science(), vol 10598. Springer, Cham. https://doi.org/10.1007/978-3-319-68499-4_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-68499-4_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68498-7
Online ISBN: 978-3-319-68499-4
eBook Packages: Computer ScienceComputer Science (R0)